Cluster Configuration File

On this page

Overview

Configuration Properties
Sample Configuration File

This version of the documentation is archived and no longer supported. View the current documentation to learn how to upgrade your version of MongoCLI.

Overview

The mongocli command requires cluster configuration settings for creating or updating a MongoDB Cloud Manager or MongoDB Ops Manager cluster. The configuration properties can be provided through a .yaml or .json file. The following sections describe the Configuration Properties that are required for creating or updating a cluster and provide a Sample Configuration File that you can copy and modify.

Configuration Properties

The following sections contain the:

Cluster-wide configuration properties
Replica set member configuration properties
Sharded cluster configuration properties

Cluster-Wide Settings

The configuration file for creating or updating a MongoDB Cloud Manager or MongoDB Ops Manager cluster must contain the following cluster-wide settings:

Field	Type	Description
`name`	string	Name of the cluster.
`version`	string	Version of the `mongod` process to deploy.
`featureCompatibilityVersion`	string	Feature Compatibility Version of the deployment.
`processes`	array of objects	Required for replica sets. An array of objects containing settings for each `mongod` process. Each `mongod` has replica set member settings.
`shards`	array of objects	Required for sharded clusters. An array of objects containing settings for each shard.
`config`	object	Required for sharded clusters. Object that contains your config server replica set.
`mongos`	array of objects	Required for sharded clusters. An array of objects containing settings for each `mongos` instance.

Replica Set Member Settings

The configuration file for creating or updating a MongoDB Cloud Manager or MongoDB Ops Manager cluster can contain the following settings for each replica set member:

Field

Type

Description

Required?

auditLogDestination

string

Setting that enables auditing and specifies where to send all audit events. MongoDB CLI accepts the following values:

syslog
Output the audit events to syslog in JSON format.
console
Output the audit events to stdout in JSON format.
file
Output the audit events to the file specified in the auditLogPath setting in the format specified in the auditLogFormat setting.

This setting corresponds to the auditLog.destination configuration file option.

auditLogFormat

string

Format of the output file for auditing if auditLogDestination is set to file.

MongoDB CLI accepts the following values:

JSON
Output the audit events in JSON format to the file specified in the auditLogPath setting.
BSON
Output the audit events in BSON binary format to the file specified in the auditLogPath setting.

This setting corresponds to the auditLog.format configuration file option.

auditLogPath

string

Output file for auditing if auditLogDestination has a value of file. The auditLogPath option can take either an absolute or a relative path name.

This setting corresponds to the auditLog.path configuration file option.

bindIp

string

Hostnames and/or IP addresses and/or full Unix domain socket paths on which mongos or mongod should listen for client connections. You may attach mongos or mongod to any interface. To bind to multiple addresses, enter a list of comma-separated values.

This setting corresponds to the net.bindIp configuration file option.

bindIpAll

boolean

Flag that indicates whether the mongos or mongod instance binds to all IPv4 addresses (for example, 0.0.0.0). If ipv6 is set to true, bindIpAll` also binds to IPv6 addresses (for exmaple, ``::). MongoDB CLI accepts ] the following values: true or false.

This setting corresponds to the net.bindIpAll configuration file option.

buildIndexes

boolean

Flag that indicates whether to direct the mongod to build indexes. MongoDB CLI accepts the following values: true or false.

This setting corresponds to the buildIndexes replica set configuration option.

dbPath

string

Directory where the mongod instance stores its data. This cannot be modified after deployment.

yes

delay

int

Number of seconds behind the primary member that this member should lag.

This setting corresponds to the slaveDelay replica set configuration option.

hostname

string

Name of the host to add to the replica set. This is the host on which Ops Manager deploys the mongod process.

yes

ipv6

boolean

Flag that indicates whether the deployment supports IPv6. MongoDB CLI accepts the following values: true or false.

This setting corresponds to the net.ipv6 configuration file option.

logDestination

string

Destination to which MongoDB sends all log output. MongoDB CLI accepts the following values: file or syslog. If you specify file, you must also specify logPath.

If you do not specify logDestination, MongoDB sends all log output to standard output.

This setting corresponds to the systemLog.destination configuration file option.

logPath

string

Location and name of the log file for the mongod process on the host.

yes

port

integer

Port for the replica set member. The mongod process must have exclusive access to the specified port.

yes

priority

integer

Priority of the replica set member during elections. Value can be:

Non-voting members must have a priority of 0. Replica set members with a priority of 0 cannot become the primary and cannot trigger elections.

yes

tls.CAFile

string

.pem file that contains the root certificate chain from the Certificate Authority. Specify the file name of the .pem file using relative or absolute paths.

This setting corresponds to the net.tls.CAFile mongod replica set configuration option.

tls.certificateKeyFile

string

.pem file that contains both the TLS certificate and key.

tls.certificateKeyFile and tls.certificateSelector are mutually exclusive. You can only specify one.

This setting corresponds to the net.tls.certificateKeyFile mongod replica set configuration option.

tls.certificateKeyFilePassword

string

Password to de-crypt the certificate-key file.

Use the tls.certificateKeyFilePassword option only if the certificate-key file is encrypted. In all cases, the mongos or mongod will redact the password from all logging and reporting output.

This setting corresponds to the net.tls.certificateKeyFilePassword mongod replica set configuration option.

tls.certificateSelector

string

Certificate property that the MongoDB Agent uses to select a matching certificate from the operating system’s certificate store to use for TLS/SSL.

MongoDB CLI accepts one of the following key-value mappings as an argument of tls.certificateSelector:

Key	Value type	Description
`subject`	ASCII string	The subject name or common name on the certificate.
`thumbprint`	hex string	A sequence of bytes, expressed as hexadecimal, used to identify a public key by its SHA-1 digest. The `thumbprint` is sometimes referred to as a `fingerprint`.

tls.certificateKeyFile and tls.certificateSelector are mutually exclusive. You can only specify one.

This setting corresponds to the net.tls.certificateSelector mongod replica set configuration option.

tls.clusterCertificateSelector

string

Certificate property that the MongoDB Agent uses to select a matching certificate from the operating system’s certificate store to use for internal x.509 membership authentication.

MongoDB CLI accepts one of the following key-value mappings as an argument of tls.clusterCertificateSelector:

Key	Value type	Description
`subject`	ASCII string	The subject name or common name on the certificate.
`thumbprint`	hex string	A sequence of bytes, expressed as hexadecimal, used to identify a public key by its SHA-1 digest. The `thumbprint` is sometimes referred to as a `fingerprint`.

tls.clusterCertificateSelector and tls.clusterFile are mutually exclusive. You can only specify one.

This setting corresponds to the net.tls.clustercertificateSelector mongod replica set configuration option.

tls.clusterFile

string

.pem file that contains the x.509 certificate-key file for membership authentication for the cluster or replica set.

tls.clusterCertificateSelector and tls.clusterFile are mutually exclusive. You can only specify one.

This setting corresponds to the net.tls.clusterFile mongod replica set configuration option.

tls.clusterPassword

string

The password to de-crypt the x.509 certificate-key file specified with tls.clusterFile.

Use the tls.clusterPassword option only if the certificate-key file is encrypted. In all cases, the mongos or mongod will redact the password from all logging and reporting output.

This setting corresponds to the net.tls.clusterPassword mongod replica set configuration option.

tls.CRLFile

string

The .pem file that contains the Certificate Revocation List. Specify the file name of the .pem file using relative or absolute paths.

This setting corresponds to the net.tls.CRLFile mongod replica set configuration option.

tls.disabledProtocols

string

Protocols or versions over which a MongoDB server running with TLS refuses incoming connections.

This setting corresponds to the net.tls.disabledProtocols mongod replica set configuration option.

tls.FIPSMode

string

Enable or disable the use of the FIPS mode of the TLS library for the mongos or mongod. Your system must have a FIPS compliant library to use this option.

This setting corresponds to the net.tls.FIPSMode mongod replica set configuration option.

tls.mode

string

Enables TLS for all network connections. MongoDB CLI accepts the following arguments for this setting:

Value	Description
`disabled`	The server does not use tls.
`allowTLS`	Connections between servers do not use tls. For incoming connections, the server accepts both TLS and non-tls.
`preferTLS`	Connections between servers use tls. For incoming connections, the server accepts both TLS and non-tls.
`requireTLS`	The server uses and accepts only TLS encrypted connections.

This setting corresponds to the net.tls.mode mongod replica set configuration option.

tls.PEMKeyFile

string

.pem file that contains both the TLS certificate and key.

Important

This setting is deprecated. Use tls.certificateKeyFile instead.

This setting corresponds to the net.ssl.PEMKeyFile mongod replica set configuration option.

votes

integer

Number that indicates whether the replica set member votes in the election. MongoDB CLI accepts the following values:

0 if the replica set member cannot vote
1 if the replica set member can vote

To learn more about votes, see votes.

yes

Shard Settings

The configuration file for creating or updating a MongoDB Cloud Manager or MongoDB Ops Manager cluster can contain the following settings for each shard:

Field	Type	Description	Required?
`name`	string	Name of the of the shard.	yes
`processes`	array of objects	An array of objects containing settings for each `mongod` process. Each `mongod` has replica set member settings.	yes

Sample Configuration File

name: "myCluster"
version: 4.2.2
featureCompatibilityVersion: 4.2
processes:
    - hostname: host0
      dbPath: /data/cluster_2/rs1
      logPath: /data/cluster_2/rs1/mongodb.log
      priority: 1
      votes: 1
      port: 29010
    - hostname: host1
      dbPath: /data/cluster_2/rs2
      logPath: /data/cluster_2/rs2/mongodb.log
      priority: 1
      votes: 1
      port: 29020
    - hostname: host2
      dbPath: /data/cluster_2/rs3
      logPath: /data/cluster_2/rs3/mongodb.log
      priority: 1
      votes: 1
      port: 29030

{
    "name": "myCluster",
    "version": "4.2.2",
    "featureCompatibilityVersion": "4.2",
    "processes": [
     {
        "hostname": "host0",
        "dbPath": "/data/cluster_3/rs1",
        "logPath": "/data/cluster_3/rs1/mongodb.log",
        "priority": 1,
        "votes": 1,
        "port": 30010
     },
     {
        "hostname": "host1",
        "dbPath": "/data/cluster_3/rs2",
        "logPath": "/data/cluster_3/rs2/mongodb.log",
        "priority": 1,
        "votes": 1,
        "port": 30020
     },
     {
        "hostname": "host2",
        "dbPath": "/data/cluster_3/rs3",
        "logPath": "/data/cluster_3/rs3/mongodb.log",
        "priority": 1,
        "votes": 1,
        "port": 30030
     }
   ]
}

{
  "name": "myShardedCluster",
  "version": "4.2.2",
  "featureCompatibilityVersion": "4.2",
  "shards": [
    {
      "name": "myShard_0",
      "processes": [
        {
          "dbPath": "/data/myCluster/myShard_0/27000",
          "hostname": "host0.example",
          "logPath": "/data/myCluster/myShard_0/27000/mongodb.log",
          "port": 27000,
          "votes": 1
        },
        {
          "dbPath": "/data/myCluster/myShard_0/27001",
          "hostname": "host1.example",
          "logPath": "/data/myCluster/myShard_0/27001/mongodb.log",
          "port": 27001,
          "votes": 1
        },
        {
          "dbPath": "/data/myCluster/myShard_0/27002",
          "hostname": "host2.example",
          "logPath": "/data/myCluster/myShard_0/27002/mongodb.log",
          "port": 27002,
          "version": "4.2.8-ent",
          "votes": 1
        }
      ]
    },
    {
      "name": "myShard_1",
      "processes": [
        {
          "dbPath": "/data/myCluster/myShard_1/28000",
          "hostname": "host3.example",
          "logPath": "/data/myCluster/myShard_1/28000/mongodb.log",
          "port": 28000,
          "votes": 1
        },
        {
          "dbPath": "/data/myCluster/myShard_1/28001",
          "hostname": "host4.example",
          "logPath": "/data/myCluster/myShard_1/28001/mongodb.log",
          "port": 28001,
          "votes": 1
        },
        {
          "dbPath": "/data/myCluster/myShard_1/28002",
          "hostname": "host5.example",
          "logPath": "/data/myCluster/myShard_1/28002/mongodb.log",
          "port": 28002,
          "votes": 1
        }
      ]
    }
  ],
  "config": {
    "name": "configRS",
    "processes": [
      {
        "dbPath": "/data/myCluster/configRS/29000",
        "hostname": "host6.example",
        "logPath": "/data/myCluster/configRS/29000/mongodb.log",
        "port": 29000,
        "votes": 1
      },
      {
        "dbPath": "/data/myCluster/configRS/29001",
        "hostname": "host7.example",
        "logPath": "/data/myCluster/configRS/29001/mongodb.log",
        "port": 29001,
        "votes": 1
      },
      {
        "dbPath": "/data/myCluster/configRS/29002",
        "hostname": "host8.example",
        "logPath": "/data/myCluster/configRS/29002/mongodb.log",
        "port": 29002,
        "votes": 1
      }
    ]
  },
  "mongos": [
    {
      "hostname": "host9.example",
      "logPath": "/data/myCluster/mongoses/27015/mongodb.log",
      "port": 27015
    }
  ]
}

Back

Update the Version Manifest

Troubleshooting