Question
I'm working on enabling authentication using the puppetlabs mongodb module.
As the docs say, to enable authentication, I should add auth => true. But in order for authentication to work, I have to add a user to the admin database, so I did that like so:
https://stackoverflow.com/questions/22667774
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russianmongodb::db { 'admin':
user => 'adminuser',
password_hash => 'a15fbfca5e3a758be80ceaf42458bcd8',
}
This works for the first run, but subsequent runs results in the error:
Mongodb::Db[admin]/Mongodb_database[admin]: Could not evaluate: Execution of '/usr/bin/mongo --quiet --eval db.getMongo().getDBNames()' returned 252: Wed Mar 26 16:28:40 uncaught exception: listDatabases failed:{ "errmsg" : "need to login", "ok" : 0 }
This makes sense, since it's unable to authenticate now to check if the admin database already exists.
How do you handle configuring mongodb password authentication with this module?
Solution
It seems like this pull request (merged 23. okt 2015) might fix this issue: https://github.com/puppetlabs/puppetlabs-mongodb/pull/194
With this, you can supply admin username and password to server creation like this:
class {'::mongodb::server':
auth => true,
create_admin => true,
admin_username => "admin",
admin_password => "admin"
}
Now puppet should be able to authenticate against mongodb on subsequent runs.
OTHER TIPS
This is my complete manifest file that made my deployment work (on a Vagrant setup). I only wanted to install Mongo and it's what I achieved.
class {'::mongodb::server':
#port => 27017, #the default port
verbose => true,
auth => true,
bind_ip => ['0.0.0.0'] #Necessary for Vagrant to bind on the correct IP address instead of the loopback 127.0.0.1
}
#if we install a different port this did not work for me
mongodb::db { 'testdb':
user => 'user1',
password_hash => 'a15fbfca5e3a758be80ceaf42458bcd8', #this means pass1
}
include '::mongodb::server'
Remember to include the following modules in your modules folder:
