0

I have successfully deployed a mongo replication set sharing a keyfile between my three nodes. It works fine, the problem is when I try to start ops manager service: 

[root@xxx:/etc]# service mongodb-mms start
Starting pre-flight checks
Failure to connect to configured mongo instance: 
Config{loadBalance=false, encryptedCredentials=false, ssl='false', 
dbNames='[mmsdb, mmsdbprovisionlog, mmsdbautomation, mmsdbserverlog, 
mmsdbpings, mmsdbprofile, mmsdbrrd, mmsdbconfig, mmsdblogcollection, 
mmsdbjobs, mmsdbagentlog, mmsdbbilling, backuplogs, automationcore, 
monitoringstatus, mmsdbautomationlog, automationstatus, cloudconf, backupdb, 
mmsdbprovisioning, mmsdbqueues]', uri=mongodb://xxx1:27017,xxx2:27017,xxx3:27017} Error: Command failed with 
error 13: 'not authorized on admin to execute command { listDatabases: 1, 
$db: "admin" }' on server xxx1:27017. The full response is { "operationTime" 
: { "$timestamp" : { "t" : 1517416044, "i" : 1 } }, "ok" : 0.0, "errmsg" : 
"not authorized on admin to execute command { listDatabases: 1, $db: 
\"admin\" }", "code" : 13, "codeName" : "Unauthorized", "$clusterTime" : { 
"clusterTime" : { "$timestamp" : { "t" : 1517416044, "i" : 1 } }, "signature" : { "hash" : { "$binary" : "fh+qyjJ0L8c8zCx0U672aJdZdUw=", "$type" : "00" }, "keyId" : { "$numberLong" : "6516848947321896961" } } } }
Pre-flight checks failed. Service can not start.

I'm not authorized on database admin..

I have tried to configure another repl set in which I have commented this part of the mongod.conf file

security:
  keyFile: /opt/mongo/mongo-keyfile

i can start the service correctly. what is wrong?

Giuseppe Giuffrida
  • 1
  • 1
  • I think you only need to run mongod service on your server with "service mongod start ", for details you can see on this website, I think the error is same.[How to Fix Mongodb OPS Manager Failure to connect to configured mongo instance](https://www.siskom.xyz/2018/05/how-to-fix-mongodb-ops-manager-failur-to-connect.html) – Kirana May 12 '18 at 23:59

1 Answers1

1

Your MongoDB server is starting with authentication enabled, but the ops manager service is trying to connect and manage the server (starting with the listDatabases command) without being authenticated.

The MongoDB docs include a useful tutorial on Enforce Keyfile Access Control in a Replica Set, which includes this pertinent comment:

Running mongod with the --keyFile command-line option or the security.keyFile configuration file setting enforces both Internal Authentication and Role-Based Access Control.

Vince Bowdren
  • 8,326
  • 3
  • 31
  • 56