Convert a Standalone Self-Managed mongod to a Replica Set
A standalone mongod
instance is useful for testing and
development. A standalone instance isn't a good choice for a production
deployment because it can be a single point of failure. A replica
set, also known as a cluster, provides redundancy and
availability. Always use a replica set in production.
If you have a standalone server with data that you want to use in production, convert the standalone server to a replica set first.
Important
If you convert a development server to a replica set for production use, consult the security checklist before you expose your cluster to the internet.
Before You Begin
Cluster Type
Before you convert your standalone instance, consider whether a replica set or a sharded cluster is more appropriate for your workload.
A sharded cluster is a special kind of cluster. A sharded cluster provides redundancy and availability; it also distributes data across shards. Shards are usually hosted on multiple servers and allow for horizontal scaling.
Authorization
To use authorization with a replica set, you must also configure replica set members to use X.509 certificates or keyfiles to perform internal authentication.
For more information, see:
Procedure
Configure Replica Set Members
Update the configuration file on each server and to set
the replSetName
setting.
replication: replSetName: "rs0"
Configure Member Authentication
Configure member authentication for each server in the replica set.
Configure the replica set to use X.509 certificates for internal member authentication.
Setting | Option | Description |
---|---|---|
Sets the TLS mode to use in authentication. To configure the server
to require X.509 certificate authentication, set this option to
requireTLS . | ||
Sets the path to the .pem file that contains the TLS certificate
for client connections. | ||
Sets the path to the file that contains the root certificate chain
for the Certificate Authority (CA). | ||
Sets the path to the .pem file that contains the TLS certificate
for cluster member connections. | ||
Sets the mode used to authenticate cluster members. To use X.509
authentication, set this option to x509 . |
For example:
replication: replSetName: "rs0" security: clusterAuthMode: x509 net: tls: mode: requireTLS certificateKeyFile: /etc/mongodb/client.pem CAFile: /etc/mongodb/ca.pem clusterFile: /etc/mongodb/member.pem
Configure the replica set to use keyfiles for internal member authentication. To authenticate, each member must have a copy of the same keyfile.
Setting | Option | Description |
---|---|---|
Sets the path to the replica set keyfile. |
For example:
replication: replSetName: "rs0" security: keyFile: /etc/mongodb/keyfile
Configures a replica set without authorization.
Warning
You should only use this configuration for internal replica sets that are not accessible through the network.
Setting | Option | Description |
---|---|---|
Sets the hostnames or IP addresses that MongoDB listens on for client
connections. To block network access to the server, set this option
to localhost . |
For example:
replication: replSetName: "rs0" net: bindIp: localhost
Start MongoDB
Start mongod
for each member.
Initialize the replica set.
To initialize the replica set, use mongosh
to reconnect to
your server instance. Then, run rs.initiate()
.
rs.initiate()
You only have to initiate the replica set once.
To view the replica set configuration, use rs.conf()
.
To check the status of the replica set, use rs.status()
.
Add nodes to the replica set.
The new replica set has a single, primary node. The next step is to add new nodes to the replica set. Review the documentation on clusters before you add additional nodes:
When you are ready to add nodes, use rs.add()
.
Update Your Application Connection String.
After you convert the mongod to a replica set, update the connection string used by your applications to the connection string for your replica set. Then, restart your applications.