+11
Team,
Does anyone has configure backups for MongoDB instances with SSL configuration.
I followed the documentation available at https://documentation.commvault.com/commvault/v11/article?p=133382.htm but this is not working.
Regards,
Mohit
Best answer by Mohit Chordia
View originalHi Mohit
Thank you for the question, please would you provide some more details on the version of Commvault and MongoDB you are using and any error messages being seen?
Thanks,
Stuart
+7
Hey Mohit,
Can you confirm what SSL options you have enabled in the mongod configuration file? Depending on what’s enabled will depend on what options you will need to configure as per the documentation link you have referenced.
When using the mongo client to connect, what parameters are you needing to pass to it?
If possible you can paste your mongod configuration file - removing/scrubbing any sensitive information of course.
+11
CS, Client, and Media agent version - 11.20.32
MongoDB
Hi Mohit
Thank you for the question, please would you provide some more details on the version of Commvault and MongoDB you are using and any error messages being seen?
Thanks,
Stuart
CS, Client, and Media agent version - 11.20.32
MongoDB Version - v4.0.19
Configuration -
PEMKeyFile: /u01/app/mongodb/admin/27052/ssl/PEMKeyfile.pem
CAFile: /u01/app/mongodb/admin/27052/ssl/CAFile.pem
PemKeyPassword : None( leave this empty)
Error - Failed to find cluster nodes while performing Discovery in the instance.
CVD logs while doing discovery :
24275 2173 01/28 09:58:48 ### MongoDbIDA::CClientBrowse::MachineBrowse(105) - dbUser=[mongocommbackup]
24275 2173 01/28 09:58:48 ### MongoDbIDA::CClientBrowse::MachineBrowse(110) - Port Number=27052
24275 2173 01/28 09:58:48 ### MongoDbIDA::CClientBrowse::MachineBrowse(121) - Fetching client info
24275 2173 01/28 09:58:48 ### MongoDbIDA::CClientBrowse::MachineBrowse(130) - Client Id=[16913] Name=[or1010050184124] Host=[or1010050184124] eHost=[or1010050184124]
24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbConnection::Impl::ReadSocketTimeoutAdditionalSetting(232) - Using default socket timeout for mongoc driver connections
24275 2173 01/28 09:58:48 ### MongoDbIDA::CClientBrowse::MachineBrowse(142) - Starting Discover Host=<or1010050184124> Port=<27052>
24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbUtil::Discover(1823) - Starting discover using hostname [or1010050184124] port [27052] user [mongocommbackup]
24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbUtil::RunMongoCmd(1151) - Running cmd [mongod --version]
24275 2173 01/28 09:58:48 ### CvProcess::system() - /u01/app/mongodb/product/4.0/bin/mongod --version 2>&1
24275 2173 01/28 09:58:48 ### CvProcess::system() - Command completed with rc=0
24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbUtil::GetMongoDBServerVersion(1726) - Found MongoDB server version [v4.0.19]
24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbConnection::Connect(497) - Connected to [or1010050184124:27052]
24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbConnection::RunCommand(566) - database:[admin], command:[{"ping" : 1}], slaveOK:[true]
24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbConnection::Impl::RunCommand(317) - [Run admin command failed, error message: [No suitable servers found (`serverSelectionTryOnce` set): [TLS handshake failed: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed calling ismaster on 'or1010050184124:27052']]]
24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbUtil::_RunMongoAdminCmd(4567) - Failed to execute command [{"ping" : 1}]
24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbUtil::_RunMongoAdminCmd(4568) - Error: [Run admin command failed, error message: [No suitable servers found (`serverSelectionTryOnce` set): [TLS handshake failed: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed calling ismaster on 'or1010050184124:27052']]]
24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbConnection::Connect(497) - Connected to [10.50.184.124:27052]
24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbConnection::RunCommand(566) - database:[admin], command:[{"ping" : 1}], slaveOK:[true]
24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbConnection::Impl::RunCommand(317) - [Run admin command failed, error message: [No suitable servers found (`serverSelectionTryOnce` set): [TLS handshake failed: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed calling ismaster on '10.50.184.124:27052']]]
24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbUtil::_RunMongoAdminCmd(4567) - Failed to execute command [{"ping" : 1}]
24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbUtil::_RunMongoAdminCmd(4568) - Error: [Run admin command failed, error message: [No suitable servers found (`serverSelectionTryOnce` set): [TLS handshake failed: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed calling ismaster on '10.50.184.124:27052']]]
24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbUtil::Discover(1834) - Failed to validate master node hostname [or1010050184124]
24275 2173 01/28 09:58:48 ### MongoDbIDA::CClientBrowse::MachineBrowse(144) - retCode from Discover = 1
24275 2173 01/28 09:58:48 ### MongoDbIDA::CClientBrowse::MachineBrowse(164) - XML=[ <?xml version="1.0" encoding="UTF-8" standalone="no" ?><App_MongoDBConfig/> ]
24275 2173 01/28 09:58:48 ### MongoDbIDA::CClientBrowse::MachineBrowse(176) - MachineBrowse Finished -- Path = /
+11
Hey Mohit,
Can you confirm what SSL options you have enabled in the mongod configuration file? Depending on what’s enabled will depend on what options you will need to configure as per the documentation link you have referenced.
When using the mongo client to connect, what parameters are you needing to pass to it?
If possible you can paste your mongod configuration file - removing/scrubbing any sensitive information of course.
I passed the below configuration as additional settings in the commcell client computer group.
bEnableMongoSSL : True
PEMKeyFile: /u01/app/mongodb/admin/27052/ssl/PEMKeyfile.pem
CAFile: /u01/app/mongodb/admin/27052/ssl/CAFile.pem
PemKeyPassword : None( leave this empty)
Error - Failed to find cluster nodes while performing Discovery in the instance( commcell console)
CVD logs while doing discovery :
24275 2173 01/28 09:58:48 ### MongoDbIDA::CClientBrowse::MachineBrowse(105) - dbUser=[mongocommbackup]
24275 2173 01/28 09:58:48 ### MongoDbIDA::CClientBrowse::MachineBrowse(110) - Port Number=27052
24275 2173 01/28 09:58:48 ### MongoDbIDA::CClientBrowse::MachineBrowse(121) - Fetching client info
24275 2173 01/28 09:58:48 ### MongoDbIDA::CClientBrowse::MachineBrowse(130) - Client Id=[16913] Name=[or1010050184124] Host=[or1010050184124] eHost=[or1010050184124]
24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbConnection::Impl::ReadSocketTimeoutAdditionalSetting(232) - Using default socket timeout for mongoc driver connections
24275 2173 01/28 09:58:48 ### MongoDbIDA::CClientBrowse::MachineBrowse(142) - Starting Discover Host=<or1010050184124> Port=<27052>
24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbUtil::Discover(1823) - Starting discover using hostname [or1010050184124] port [27052] user [mongocommbackup]
24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbUtil::RunMongoCmd(1151) - Running cmd [mongod --version]
24275 2173 01/28 09:58:48 ### CvProcess::system() - /u01/app/mongodb/product/4.0/bin/mongod --version 2>&1
24275 2173 01/28 09:58:48 ### CvProcess::system() - Command completed with rc=0
24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbUtil::GetMongoDBServerVersion(1726) - Found MongoDB server version [v4.0.19]
24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbConnection::Connect(497) - Connected to [or1010050184124:27052]
24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbConnection::RunCommand(566) - database:[admin], command:[{"ping" : 1}], slaveOK:[true]
24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbConnection::Impl::RunCommand(317) - [Run admin command failed, error message: [No suitable servers found (`serverSelectionTryOnce` set): [TLS handshake failed: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed calling ismaster on 'or1010050184124:27052']]]
24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbUtil::_RunMongoAdminCmd(4567) - Failed to execute command [{"ping" : 1}]
24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbUtil::_RunMongoAdminCmd(4568) - Error: [Run admin command failed, error message: [No suitable servers found (`serverSelectionTryOnce` set): [TLS handshake failed: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed calling ismaster on 'or1010050184124:27052']]]
24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbConnection::Connect(497) - Connected to [10.50.184.124:27052]
24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbConnection::RunCommand(566) - database:[admin], command:[{"ping" : 1}], slaveOK:[true]
24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbConnection::Impl::RunCommand(317) - [Run admin command failed, error message: [No suitable servers found (`serverSelectionTryOnce` set): [TLS handshake failed: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed calling ismaster on '10.50.184.124:27052']]]
24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbUtil::_RunMongoAdminCmd(4567) - Failed to execute command [{"ping" : 1}]
24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbUtil::_RunMongoAdminCmd(4568) - Error: [Run admin command failed, error message: [No suitable servers found (`serverSelectionTryOnce` set): [TLS handshake failed: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed calling ismaster on '10.50.184.124:27052']]]
24275 2173 01/28 09:58:48 ### MongoDbIDA::MongoDbUtil::Discover(1834) - Failed to validate master node hostname [or1010050184124]
24275 2173 01/28 09:58:48 ### MongoDbIDA::CClientBrowse::MachineBrowse(144) - retCode from Discover = 1
24275 2173 01/28 09:58:48 ### MongoDbIDA::CClientBrowse::MachineBrowse(164) - XML=[ <?xml version="1.0" encoding="UTF-8" standalone="no" ?><App_MongoDBConfig/> ]
24275 2173 01/28 09:58:48 ### MongoDbIDA::CClientBrowse::MachineBrowse(176) - MachineBrowse Finished -- Path = /
+7
Hey Rohit,
Sorry for the delay here - I’m not sure if you’re using the all the correct additinal settings . Can you confirm how you’re logging in with the mongo client? What parameters are used? Also - please confirm all SSL related settings in the monod config file.
+11
Thank you . I raised a case with support and they helped me with the resolution of this issue.
Hosts has “cname” which is recognizable by database , when I updated the hostname in commcell to there cname , discovery works fine.
+7
Hey Mogit,
That’s good to hear!
If you could mark this thread as answered that would be great.
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.
