defaults/main.yml

@@ -49,9 +49,9 @@ mongodb_directoryperdb: 'false'
 mongodb_conf_file: /etc/mongod.conf
 mongodb_daemon: /usr/bin/mongod
 mongod_additional_options: ""
-# mongodb_allowed_hosts:
-#  - 127.0.0.1/8
-#  - '{{ ansible_default_ipv4.address }}/32'
+mongodb_allowed_hosts:
+  - 127.0.0.1/8
+  - '{{ ansible_default_ipv4.address }}/32'
 
 mongodb_storage_engine: wiredTiger
 
@@ -81,28 +81,6 @@ mongodb_cluster_enabled: False
 mongodb_authorization_enabled: False
 mongodb_replicaset: storagedev
 mongodb_replica_keyfile: '{{ mongodb_dbpath }}/replica_keyfile'
-mongodb_oplog_size: 2000
 
-# Prometheus metrics
-mongodb_prometheus_exporter_enabled: false
-mongodb_prometheus_exporter_version: '0.39.0'
-mongodb_prometheus_exporter_dir: 'mongodb_exporter-{{ mongodb_prometheus_exporter_version }}.linux-amd64'
-mongodb_prometheus_exporter_file: '{{ mongodb_prometheus_exporter_dir }}.tar.gz'
-mongodb_prometheus_exporter_download_url: 'https://github.com/percona/mongodb_exporter/releases/download/v{{ mongodb_prometheus_exporter_version }}/{{ mongodb_prometheus_exporter_file }}'
-mongodb_prometheus_exporter_port: 9216
-mongodb_prometheus_exporter_loglevel: error
-mongodb_prometheus_exporter_collstat_limit: '20'
-mongodb_prometheus_exporter_opts: '--web.listen-address=":{{ mongodb_prometheus_exporter_port }}" --log.level={{ mongodb_prometheus_exporter_loglevel }}'
-mongodb_prometheus_exporter_connection_opts: '--mongodb.uri="mongodb://{{ mongodb_prometheus_exporter_connection_user }}:{{ mongodb_prometheus_exporter_connection_password }}@{{ mongodb_prometheus_exporter_connection_host }}/{{ mongodb_prometheus_exporter_connection_params }}"'
-mongodb_prometheus_exporter_collect_opts: '--mongodb.global-conn-pool --mongodb.direct-connect=true --collector.topmetrics --discovering-mode --collector.dbstats --collector.collstats-limit={{ mongodb_prometheus_exporter_collstat_limit }}'
-mongodb_prometheus_exporter_enable_compatible_mode: False
-# List the additional options here
-mongodb_prometheus_exporter_additional_opts: ''
-mongodb_prometheus_exporter_user: prometheus_mongodb
-mongodb_prometheus_exporter_home: '/opt/{{ mongodb_prometheus_exporter_user }}'
-mongodb_prometheus_exporter_dist_dir: '{{ mongodb_prometheus_exporter_home }}/dist'
-mongodb_prometheus_exporter_cmd: '{{ mongodb_prometheus_exporter_dist_dir }}/{{ mongodb_prometheus_exporter_dir }}/mongodb_exporter'
-mongodb_prometheus_exporter_connection_host: 'localhost:27017'
-mongodb_prometheus_exporter_connection_user: monitor
-#mongodb_prometheus_exporter_connection_password: 'use a vault'
-mongodb_prometheus_exporter_connection_params: 'admin?ssl=true'
+# User and password are stored in the variables mongo_monitoring_u and mongo_monitoring_pwd
+

handlers/main.yml

@@ -7,11 +7,3 @@
   service: name=mongodb state=restarted
   when: "'{{ mongodb_start_server }}' == 'yes'"
 
-- name: Restart mongodb exporter
-  ansible.builtin.service:
-    name: mongodb_exporter
-    state: restarted
-
-- name: Reload the systemd data
-  systemd:
-    daemon_reload: yes

tasks/main.yml

@@ -2,4 +2,3 @@
 - import_tasks: mongodb.yml
 - import_tasks: mongodb-letsencrypt-acmetool.yml
   when: mongodb_ssl_letsencrypt_managed
-- import_tasks: mongodb-prometheus-exporter.yml

tasks/mongodb-prometheus-exporter.yml

@@ -1,70 +0,0 @@
----
-- name: Mongodb exporter
-  block:
-    - name: Create the user under the mongodb exporter will run
-      ansible.builtin.user:
-        name: '{{ mongodb_prometheus_exporter_user }}'
-        home: '{{ mongodb_prometheus_exporter_home }}'
-        createhome: no
-        shell: /usr/sbin/nologin
-        system: yes
-
-    - name: Create the prometheus mongodb exporter base directory
-      ansible.builtin.file:
-        dest: '{{ item }}'
-        state: directory
-        owner: root
-        group: root
-      loop:
-        - '{{ mongodb_prometheus_exporter_home }}'
-        - '{{ mongodb_prometheus_exporter_dist_dir }}'
-
-    - name: Download the prometheus mongodb exporter
-      ansible.builtin.get_url:
-        url: '{{ mongodb_prometheus_exporter_download_url }}'
-        dest: /srv/
-
-    - name: Unarchive the prometheus distribution
-      ansible.builtin.unarchive:
-        src: '/srv/{{ mongodb_prometheus_exporter_file }}'
-        dest: '{{ mongodb_prometheus_exporter_dist_dir }}'
-        remote_src: yes
-        owner: root
-        group: root
-      args:
-        creates: '{{ mongodb_prometheus_exporter_dist_dir }}/{{ mongodb_prometheus_exporter_dir }}/mongodb_exporter'
-      notify: Restart mongodb exporter
-
-    - name: Install the prometheus node exporter upstart script
-      ansible.builtin.template:
-        src: mongodb_exporter.upstart.j2
-        dest: /etc/init/mongodb_exporter.conf
-        mode: 0644
-        owner: root
-        group: root
-      when: ansible_service_mgr != 'systemd'
-      notify: Restart mongodb exporter
-
-    - name: Install the prometheus mongodb exporter systemd unit
-      ansible.builtin.template:
-        src: mongodb_exporter.service.j2
-        dest: /etc/systemd/system/mongodb_exporter.service
-        mode: 0644
-        owner: root
-        group: root
-      when: ansible_service_mgr == 'systemd'
-      notify:
-        - Reload the systemd data
-        - Restart mongodb exporter
-
-    - ansible.builtin.meta: flush_handlers
-
-    - name: Ensure that prometheus mongodb_exporter is started and enabled
-      ansible.builtin.service:
-        name: mongodb_exporter
-        state: started
-        enabled: yes
-
-  when: mongodb_prometheus_exporter_enabled
-  tags: [ 'mongodb', 'prometheus', 'mongodb_prometheus' ]
-

tasks/mongodb.yml

@@ -36,7 +36,7 @@
     - name: Install/Update the mongodb-org configuration
       template: src=mongod-{{ mongodb_version }}.conf.j2 dest=/etc/mongod.conf owner=root group=root mode=0444 backup=yes
       when: mongodb_install_conf
-      notify: Restart mongod
+      notify: Restart mongodb
       tags: [ 'mongodb', 'mongodb_update_conf', 'mongodb_keyfile' ]
 
   when:
@@ -55,7 +55,7 @@
     - name: Install the mongodb-org defaults file
       template: src=mongod-default.j2 dest=/etc/default/mongod owner=root group=root mode=0444
       when: mongodb_install_conf
-      notify: Restart mongod
+      notify: Restart mongodb
       tags: [ 'mongodb', 'mongodb_update_conf' ]
 
   when:

templates/mongod-3.0.conf.j2

@@ -43,7 +43,7 @@ net:
 
 {%if mongodb_cluster_enabled %}
 security:
-  keyFile: {{ mongodb_replica_keyfile }}
+  keyFile: /data/mongo_home/dev-d4science-keyfile
 
 replication:
   oplogSizeMB: 2000

templates/mongod-3.2.conf.j2

@@ -1 +0,0 @@
-mongod-3.0.conf.j2

templates/mongod-3.2.conf.j2

@@ -0,0 +1,54 @@
+# mongod.conf
+
+# for documentation of all options, see:
+#   http://docs.mongodb.org/manual/reference/configuration-options/
+
+# Where and how to store data.
+storage:
+  dbPath: {{ mongodb_dbpath }}
+  journal:
+    enabled: true
+  directoryPerDB: {{ mongodb_directoryperdb }}
+  engine: {{ mongodb_storage_engine }}
+#  mmapv1:
+#  wiredTiger:
+
+# where to write logging data.
+systemLog:
+  destination: {{ mongodb_systemlog_destination }}
+  path: {{ mongodb_logpath }}
+{% if not mongodb_systemlog_external_logrotate %}
+  logRotate: rename
+  logAppend: false
+{% else %}
+  logRotate: reopen
+  logAppend: true
+{% endif %}
+# network interfaces
+net:
+  port: {{ mongodb_tcp_port }}
+  bindIp: {{ mongo_bind_ip }}
+  http:
+    enabled: {{ mongodb_http_interface }}
+    JSONPEnabled: {{ mongodb_http_interface }}
+    RESTInterfaceEnabled: {{ mongodb_http_interface }}
+{% if mongodb_ssl_enabled %}
+  ssl:
+    mode: {{ mongodb_ssl_mode }}
+    PEMKeyFile: '{{ mongodb_ssl_certkey_file }}'
+    CAFile: '{{ mongodb_ssl_CA_file }}'
+{% endif %}
+  
+#processManagement:
+
+{%if mongodb_cluster_enabled %}
+security:
+  keyFile: /data/mongo_home/dev-d4science-keyfile
+
+replication:
+  oplogSizeMB: 2000
+  replSetName: {{ mongodb_replicaset }}
+{% endif %}
+
+#sharding:
+

templates/mongod-3.6.3.conf.j2

@@ -1 +0,0 @@
-mongod-3.6.conf.j2

templates/mongod-3.6.3.conf.j2

@@ -0,0 +1,52 @@
+# mongod.conf
+
+# for documentation of all options, see:
+#   http://docs.mongodb.org/manual/reference/configuration-options/
+
+# Where and how to store data.
+storage:
+  dbPath: {{ mongodb_dbpath }}
+  journal:
+    enabled: true
+  directoryPerDB: {{ mongodb_directoryperdb }}
+  engine: {{ mongodb_storage_engine }}
+#  mmapv1:
+#  wiredTiger:
+
+# where to write logging data.
+systemLog:
+  destination: {{ mongodb_systemlog_destination }}
+  path: {{ mongodb_logpath }}
+{% if not mongodb_systemlog_external_logrotate %}
+  logRotate: rename
+  logAppend: false
+{% else %}
+  logRotate: reopen
+  logAppend: true
+{% endif %}
+# network interfaces
+net:
+  port: {{ mongodb_tcp_port }}
+  bindIp: {{ mongo_bind_ip }}
+{% if mongodb_ssl_enabled %}
+  ssl:
+    mode: {{ mongodb_ssl_mode }}
+    PEMKeyFile: '{{ mongodb_ssl_certkey_file }}'
+    CAFile: '{{ mongodb_ssl_CA_file }}'
+    disabledProtocols: {{ mongodb_ssl_disabled_protocols }}
+    allowConnectionsWithoutCertificates: {{ mongodb_ssl_allowConnectionsWithoutCertificates }}
+{% endif %}
+  
+#processManagement:
+
+{%if mongodb_cluster_enabled %}
+security:
+  keyFile: /data/mongo_home/dev-d4science-keyfile
+
+replication:
+  oplogSizeMB: 2000
+  replSetName: {{ mongodb_replicaset }}
+{% endif %}
+
+#sharding:
+

templates/mongod-3.6.conf.j2

@@ -41,12 +41,11 @@ net:
 
 {%if mongodb_cluster_enabled %}
 security:
-  keyFile: {{ mongodb_replica_keyfile }}
+  keyFile: /data/mongo_home/dev-d4science-keyfile
 
 replication:
-  oplogSizeMB: {{ mongodb_oplog_size }}
+  oplogSizeMB: 2000
   replSetName: {{ mongodb_replicaset }}
-  enableMajorityReadConcern: false
 {% endif %}
 
 #sharding:

templates/mongodb-letsencrypt-acmetool.sh.j2

@@ -12,31 +12,17 @@ echo "$DATE" > $LE_LOG_DIR/mongodb.log
 
 [ ! -d $MONGODB_CERTDIR ] && mkdir $MONGODB_CERTDIR
 
-cat ${LE_CERTS_DIR}/{cert,privkey} > ${MONGODB_CERTFILE}.new
-cmp ${MONGODB_CERTFILE}.new ${MONGODB_CERTFILE} 2>/dev/null
-if [ $? -eq 0 ] ; then
-   echo "The certificate is up to date" >> $LE_LOG_DIR/mongodb.log
-   rm -f ${MONGODB_CERTFILE}.new
-   exit 0
-fi
-
 echo "Building the new certificate file" >> $LE_LOG_DIR/mongodb.log
-/bin/mv -f ${MONGODB_CERTFILE}.new ${MONGODB_CERTFILE}
+cat ${LE_CERTS_DIR}/{cert,privkey} > ${MONGODB_CERTFILE}
 chmod 440 ${MONGODB_CERTFILE}
 chgrp mongodb ${MONGODB_CERTFILE}
 
 {% if mongodb_ssl_enabled %}
-echo "Restart the mongod service, reload is not supported" >> "$LE_LOG_DIR/mongodb.log"
+echo "Reload the mongod service" >> "$LE_LOG_DIR/mongodb.log"
 {% if mongodb_install_from_external_repo %}
-if [ -x /sbin/stop ] && [ -f /etc/init/mongod.conf ] ; then
-    /sbin/stop mongod >> "$LE_LOG_DIR/mongodb.log" 2>&1
-    sleep 10
-    /sbin/start mongod >> "$LE_LOG_DIR/mongodb.log" 2>&1
-else
-    service mongod stop >> "$LE_LOG_DIR/mongodb.log" 2>&1
-    sleep 10
-    service mongod start >> "$LE_LOG_DIR/mongodb.log" 2>&1
-fi 
+service mongod stop >> "$LE_LOG_DIR/mongodb.log" 2>&1
+sleep 10
+service mongod start >> "$LE_LOG_DIR/mongodb.log" 2>&1
 {% else %}
 systemctl stop mongodb >> "$LE_LOG_DIR/mongodb.log" 2>&1
 sleep 10

templates/mongodb_exporter.service.j2

@@ -1,15 +0,0 @@
-[Unit]
-Description=mongodb_exporter - Prometheus exporter for mongodb.
-After=network.target
-
-[Service]
-Type=simple
-Restart=on-failure
-
-User={{ mongodb_prometheus_exporter_user }}
-Group={{ mongodb_prometheus_exporter_user }}
-
-ExecStart={{ mongodb_prometheus_exporter_cmd }} {{ mongodb_prometheus_exporter_opts }} {{ mongodb_prometheus_exporter_additional_opts }} {{ mongodb_prometheus_exporter_collect_opts }} {{ mongodb_prometheus_exporter_connection_opts }}{% if mongodb_prometheus_exporter_enable_compatible_mode %} --compatible-mode{% endif %}
-
-[Install]
-WantedBy=multi-user.target

templates/mongodb_exporter.upstart.j2

@@ -1,13 +0,0 @@
-description "Prometheus mongodb exporter"
-start on (local-filesystems and net-device-up IFACE!=lo)
-stop on runlevel [016]
-
-respawn
-respawn limit 10 5
-setuid {{ mongodb_prometheus_exporter_user }}
-setgid {{ mongodb_prometheus_exporter_user }}
-
-script
-  exec {{ mongodb_prometheus_exporter_cmd }} {{ mongodb_prometheus_exporter_opts }} {{ mongodb_prometheus_exporter_connection_opts }} {{ mongodb_prometheus_exporter_collect_opts }} {{ mongodb_prometheus_exporter_additional_opts }}{% if mongodb_prometheus_exporter_enable_compatible_mode %} --compatible-mode{% endif %}
-
-end script