1

I have 3 node mongodb replica set as below

Primary node Secondary node Arbiter node

Replication set is enabled for all three. I am trying to set up authentication for these nodes and i followed the below steps to configure it.

Step 1: Created a root user, added him to role: root with password in the primary node

Step 2: Created a key file using the command - openssl rand -base64 741> mongodb.key in the primary node and copied the key file to all the 3 nodes

Step 3: Added the below configuration to all three nodes.

Security: authorization: enabled keyFile: /pathtokeyfile

Step 4: sudo service mongod restart, on all three nodes

After completing above steps i tried accessing the DB with username and password in the primary node and i could read the DB and files

When i try the same in secondary and arbiter nodes i get the below error

rsss0:SECONDARY> show dbs
2019年03月06日T09:10:40.884+0000 E QUERY [thread1] Error: listDatabases failed:{
"operationTime" : Timestamp(1551863438, 9),
"ok" : 0,
"errmsg" : "not master and slaveOk=false",
"code" : 13435,
"codeName" : "NotMasterNoSlaveOk",
"$clusterTime" : {
"clusterTime" : Timestamp(1551863438, 9),
"signature" : {
"hash" : BinData(0,"AAAAAAAAAAAAAAAAAAAAAAAAAAA="),
"keyId" : NumberLong(0)
}
}
} :
_getErrorWithCode@src/mongo/shell/utils.js:25:13
Mongo.prototype.getDBs@src/mongo/shell/mongo.js:67:1
shellHelper.show@src/mongo/shell/utils.js:860:19
shellHelper@src/mongo/shell/utils.js:750:15
@(shellhelp2):1:1

Tony Hinkle
8,0921 gold badge24 silver badges46 bronze badges
asked Mar 6, 2019 at 9:59

2 Answers 2

4

As shown in your question you are now connected with the secondary node. Since secondary may contain stale data, by default MongoDB won't allow you to read any data from secondary. There are two options to read your data

  1. Connect primary node (use the correct port number )

  2. From secondary, run rs.slaveOk(). This will allow you to read data from the secondary.

Note: run rs.status() or rs.isMaster() to find out which one is primary.

answered Mar 7, 2019 at 7:56
5
  • When I try to enable authentication the secondary DB node is in recovery state but as soon as I disable auth , then it works fine. How to enable authentication for 3 node replicaset Commented Mar 7, 2019 at 8:16
  • Recovery mode means the node was trying to catch up with the primary. It is nothing to do with authentication. docs.mongodb.com/manual/reference/replica-states/… Commented Mar 7, 2019 at 8:21
  • Just using internal authentication(in this case Keyfile) you already using will enable client authorization by default. So no need to explicily enable authentication when using keyFile(internal) authentication. docs.mongodb.com/manual/core/security-internal-authentication Check the Note on the link Commented Mar 7, 2019 at 8:25
  • I enabled auth on secondary and restarted the mongod service and in primary I did not enable auth yet. So once after recovering get over in secondary should I enable auth on primary or I sould enable auth on all the servers at once shot ? Commented Mar 7, 2019 at 8:25
  • You don't need to explicitly specify the authentication when you use key file authentication. By default key file authentication will enable client authentication. Just specifying key file for all mongod instance is enough. Commented Mar 7, 2019 at 8:27
0

I had a similar issue, and rs.slaveOk() is deprecated. I had to run rs.secondaryOk(), and all was well.

answered Mar 31 at 15:02

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.