Installing a mongodb v6 cluster in almalinux 9.5 help

Curious_Guy1 · January 16, 2025, 11:36am

hello, I was attempting to create a cluster with replica set using 3 pc.
I am very new to the mongodb world and maybe linux in general.
the 3 pc have almalinux9.5 and mongodb v6 installed.
so far I issued those commands as root.

yum install https://repo.percona.com/yum/percona-release-latest.noarch.rpm
 percona-release enable psmdb-60 release
 yum list percona-server-mongodb --showduplicates
 yum install percona-server-mongodb
 systemctl start mongod
 systemctl status mongod
 systemctl stop mongod
 mongosh
 sudo firewall-cmd --add-port=27017/tcp --permanent
 firewall-cmd --reload
 systemctl restart mongod
 rm /tmp/mongodb-27017.sock
 systemctl restart mongod
 systemctl status mongod
 mongosh --port 27017  --authenticationDatabase "admin" -u "admin" -p
 nano /etc/mongod.conf 
 systemctl stop mongod

the conf file is this one:

dbPath: /var/lib/mongo
  journal:
    enabled: true
systemLog:
  destination: file
  logAppend: true
  path: /var/log/mongo/mongod.log

processManagement:
  fork: true
  pidFilePath: /var/run/mongod.pid
net:
  port: 27017
  bindIp: 0.0.0.0
security:
  authorization: enabled
replication:
  replSetName: "rs0"
security:
    keyFile: /etc/mongodb/keyfile

when I try to start mongod, and I do it as root, i get this error log:

{"t":{"$date":"2025-01-16T12:01:48.622+01:00"},"s":"I",  "c":"CONTROL",  "id":23285,   "ctx":"-","msg":"Automatically disabling TLS 1.0, to force-enable TLS 1.0 specify --sslDisabledProtocols 'none'"}
{"t":{"$date":"2025-01-16T12:01:48.629+01:00"},"s":"I",  "c":"NETWORK",  "id":4915701, "ctx":"-","msg":"Initialized wire specification","attr":{"spec":{"incomingExternalClient":{"minWireVersion":0,"maxWireVersion":17},"incomingInternalClient":{"minWireVersion":0,"maxWireVersion":17},"outgoing":{"minWireVersion":6,"maxWireVersion":17},"isInternalClient":true}}}
{"t":{"$date":"2025-01-16T12:01:48.630+01:00"},"s":"I",  "c":"NETWORK",  "id":4648601, "ctx":"main","msg":"Implicit TCP FastOpen unavailable. If TCP FastOpen is required, set tcpFastOpenServer, tcpFastOpenClient, and tcpFastOpenQueueSize."}
{"t":{"$date":"2025-01-16T12:01:48.632+01:00"},"s":"I",  "c":"ACCESS",   "id":20254,   "ctx":"main","msg":"Read security file failed","attr":{"error":{"code":30,"codeName":"InvalidPath","errmsg":"permissions on /etc/mongodb/keyfile are too open"}}}
{"t":{"$date":"2025-01-16T12:01:48.633+01:00"},"s":"I",  "c":"SHARDING", "id":5847201, "ctx":"main","msg":"Balancer command scheduler stop requested"}
{"t":{"$date":"2025-01-16T12:01:48.633+01:00"},"s":"I",  "c":"ASIO",     "id":22582,   "ctx":"main","msg":"Killing all outstanding egress activity."}
{"t":{"$date":"2025-01-16T12:01:48.633+01:00"},"s":"F",  "c":"CONTROL",  "id":20575,   "ctx":"main","msg":"Error creating service context","attr":{"error":"Location5579201: Unable to acquire security key[s]"}}

every suggestion is really appreciated.

Curious_Guy1 · January 16, 2025, 11:40am

to better describe my attempt, i copied with scp a keyfile called keyfile in all the 3 pc and putted it in the folder:

/etc/mongodb/keyfile

I don’t understand if it is a permission issue, the file has permission level 644.
The unable to acquire security key is a bit confusing to me.

Curious_Guy1 · January 16, 2025, 3:28pm

The keyfile has 644 permissions. It must not have group or world permissions at all. Change the permissions to 400 and make sure that it is owned by the user mongod. Also, make sure that the directory path to the keyfile can be traversed by mongod.

dogs_Cute · January 16, 2025, 6:57pm

chown -R mongod:mongod /etc/mongodb/keyfile && chmod -R 400 /etc/mongodb/keyfile