🧾 Plan of Action: MongoDB 8.0 - 3 Node Replica Set on Air-Gapped RHEL 8.9

📘 Overview

• Goal: Setup a MongoDB 8.0 replica set with 3 RHEL 8.9 air-gapped servers
• Nodes: 3 (Primary, Secondary, Secondary/Arbiter)
• No Internet access on servers
• RPMs and config provided from an internet-enabled Windows machine

🧱 Architecture

🔹 1. Prerequisites on All RHEL Servers

• RHEL 8.9 installed
• Static IP or /etc/hosts updated for inter-node resolution
• Ports open: 27017/tcp
• SELinux set to permissive or configured
• Firewall open:

  sudo firewall-cmd --add-port=27017/tcp --permanent
  sudo firewall-cmd --reload

🔹 2. On Windows Machine (with Internet)

A. Download Required RPMs for MongoDB 8.0

1. Visit: https://repo.mongodb.org/yum/redhat/8/mongodb-org/8.0/x86_64/RPMS/

2. Download:

   • mongodb-org-8.0.0-1.el8.x86_64.rpm
   • mongodb-org-server-8.0.0-1.el8.x86_64.rpm
   • mongodb-org-shell-8.0.0-1.el8.x86_64.rpm
   • mongodb-org-mongos-8.0.0-1.el8.x86_64.rpm
   • mongodb-org-tools-8.0.0-1.el8.x86_64.rpm

3. Place RPMs in a folder: mongodb8-rpms/

4. Zip the folder: mongodb8-rpms.zip

🔹 3. Transfer to All 3 RHEL Servers

• Use winSCP to move mongodb8-rpms.zip to each server.
• On each node:

  unzip mongodb8-rpms.zip -d mongodb8-rpms
  cd mongodb8-rpms
  sudo dnf install *.rpm

🔹 4. Configure MongoDB on Each Node

Edit /etc/mongod.conf:

net:
  bindIp: 0.0.0.0
  port: 27017

replication:
  replSetName: rs0

Update /etc/hosts:

<IP1> mongo-node1
<IP2> mongo-node2
<IP3> mongo-node3

🔹 5. Start MongoDB on Each Node

sudo systemctl enable mongod
sudo systemctl start mongod
sudo systemctl status mongod

🔹 6. Initiate Replica Set (on Primary Node)

mongosh

rs.initiate({
  _id: "rs0",
  members: [
    { _id: 0, host: "mongo-node1:27017" },
    { _id: 1, host: "mongo-node2:27017" },
    { _id: 2, host: "mongo-node3:27017" }
  ]
})
rs.status()

🔹 7. (Optional) Enable Authentication

On primary node:

use admin
db.createUser({
  user: "admin",
  pwd: "securePassword",
  roles: [ { role: "root", db: "admin" } ]
})

Edit /etc/mongod.conf:

security:
  authorization: enabled

Restart MongoDB:

sudo systemctl restart mongod

🔁 Optional: Local Yum Repo

sudo dnf install createrepo -y
createrepo /tmp/mongodb8-rpms
sudo tee /etc/yum.repos.d/mongodb-local.repo <<EOF
[mongodb-local]
name=MongoDB 8 Local Repo
baseurl=file:///tmp/mongodb8-rpms
enabled=1
gpgcheck=0
EOF

✅ Final Checklist

📄 MongoDB Cluster Cheat Sheet (Replica Set)

🔧 Basic Cluster Setup Commands

▶️ Initialize Replica Set (run on primary)

rs.initiate({
_id: "rs0",
members: [
{ _id: 0, host: "mongo-node1:27017" },
{ _id: 1, host: "mongo-node2:27017" },
{ _id: 2, host: "mongo-node3:27017" }
]
})

➕ Add Node

rs.add("mongo-node4:27017")

❌ Remove Node

rs.remove("mongo-node3:27017")

⛑️ Step Down Primary

rs.stepDown()

📊 Monitoring & Config

🧠 Show Config

rs.conf()

📈 Status of Replica Set

rs.status()

⏱️ Replication Lag Info (Secondary)

rs.printSlaveReplicationInfo()

🔐 Authentication

👤 Create Admin User

use admin
db.createUser({
  user: "admin",
  pwd: "securePassword",
  roles: [ { role: "root", db: "admin" } ]
})

🔒 Enable Authentication in mongod.conf

security:
  authorization: enabled

💡 CRUD Commands (Data Ops)

📥 Insert

use mydb
db.users.insertOne({ name: "Ragu", role: "admin" })

📤 Read

db.users.find()
db.users.findOne({ name: "Ragu" })

🔁 Update

db.users.updateOne({ name: "Ragu" }, { $set: { role: "engineer" } })

🗑️ Delete

db.users.deleteOne({ name: "Ragu" })

⚙️ Connection Commands

▶️ Local Shell

mongosh

▶️ Remote Shell (no auth)

mongosh --host mongo-node1:27017

▶️ Remote Shell (with auth)

mongosh "mongodb://admin:securePassword@mongo-node1:27017/?authSource=admin&replicaSet=rs0"

📁 File Paths

🧪 Testing Tips

• Shut down primary: sudo systemctl stop mongod
• Watch failover with: rs.status()
• Restart with: sudo systemctl start mongod