
Deploy a 3-Node MongoDB 4.0 Replica Set with X.509 Authentication + Self Signed Certificates

Ross Bulat
9 min read · Jun 9, 2018


This article will guide you through the process of setting up a MongoDB cluster that will utilise X.509 authentication with self-signed certificates. Our cluster will consist of 3 nodes that will be deployed as a replica set. I will also include tips along the way to help your workflow.

An overview of the walkthrough:

  • Installation of MongoDB on your VPSs. This article documents Red Hat CentOS7 installation, but I will outline the official MongoDB resources you can refer to for installation on your OS.
  • Adding an admin user to your nodes.
  • Attaching an XFS formatted volume that will serve as your means of data storage.
  • Adding hostnames for each of your cluster nodes and configuring your firewall.
  • Creating an X.509 certificate for each node using a self-signed CA.
  • Configuring MongoDB for an X.509 authentication replica set.
  • Initialising a replica set.

Why Choose MongoDB?

Before you undertake the task of deploying MongoDB as your means of data storage, make sure it is the right solution for you. MongoDB is a document-oriented database offering a flexible scaling and accessibility solution.

Installation

The first stage is to install MongoDB on your 3 nodes. For this article I will use 3 Digital Ocean VPS droplets.

Note: This article is for production purposes where each node is run on a separate VPS, but if you wish to install MongoDB in your development environment, you can still run 3 or more nodes on the same machine. You simply have to run 3 mongod processes on different ports.

Installing MongoDB on CentOS7 is very easy, and is achieved via rpm. We are interested in installing the MongoDB Community Edition, the free open-source version of MongoDB. Visit this page for the official Red Hat installation instructions, or run the following commands:

#create a mongodb repo
sudo vi /etc/yum.repos.d/mongodb-org-4.0.repo
#paste the following into the file and save
