MongoDB
- Canonical
- Databases
Channel | Revision | Published | Runs on |
---|---|---|---|
6/stable | 199 | 04 Oct 2024 | |
6/candidate | 199 | 04 Oct 2024 | |
6/beta | 199 | 04 Oct 2024 | |
6/edge | 204 | 12 Nov 2024 | |
5/stable | 117 | 20 Apr 2023 | |
5/candidate | 117 | 20 Apr 2023 | |
5/edge | 139 | 21 Nov 2023 | |
5/edge | 109 | 06 Mar 2023 | |
3.6/stable | 100 | 28 Apr 2023 | |
3.6/candidate | 100 | 13 Apr 2023 | |
3.6/edge | 100 | 03 Feb 2023 |
juju deploy mongodb --channel 6/stable
Deploy universal operators easily with Juju, the Universal Operator Lifecycle Manager.
Platform:
Charmed MongoDB Tutorials > Deploy a sharded cluster > 5. Manage passwords
Manage passwords
When we accessed MongoDB earlier in this tutorial, we needed to include a password in the URI. Passwords help secure our database and are essential for security. Over time, it is a good practice to change the password frequently.
This part of the tutorial will guide you through the essential password operations in Charmed MongoDB.
Summary
Retrieve the admin password
Theoperator
password can be retrieved by running the get-password
action on the Charmed MongoDB application. Password management in shared Charmed MongoDB clusters is handled exclusively by the config-server
, so this is where we will perform all password-related operations.
To retrieve the cluster password, run the
get-passwordaction on the
config-server`:
juju run config-server/leader get-password
Running the command should output:
Running operation 9 with 1 task
- task 10 on unit-mongodb-0
Waiting for task 10...
password: 9JLjd0tuGngW5xFKWWbo0Blxyef0oGec
The admin password is under the result: password
.
Rotate the admin password
You can change theoperator
password to a new random password by running the set-password
action on the config-server
:
juju run config-server/leader set-password
Running the command should output:
Running operation 11 with 1 task
- task 12 on unit-config-server-0
Waiting for task 12...
password: f3QkHE6QgmDLdRBonrt4vToWB7IZd4JO
The admin password is under the result: password
. It should be different from your previous password.
Remember that when you change the operator
password, you will also need to update the DB_PASSWORD
environment variable used in the MongoDB URI.
To update the URI:
export DB_PASSWORD=$(juju run config-server/leader get-password | grep password| awk '{print $2}')
export URI=mongodb://$DB_USERNAME:$DB_PASSWORD@localhost:27018/admin
echo $URI
Set the admin password
You can change theoperator
password to a specific password by running set-password
on the config-server
with your provided password:
juju run config-server/leader set-password password=<password>
Running the command should output:
Running operation 17 with 1 task
- task 18 on unit-config-server-0
Waiting for task 18...
password: <password>
The operator
password under the result: password
should match whatever you passed in when you entered the command.
Remember that when you change the operator
password, you will also need to update the DB_PASSWORD
environment variable used in the MongoDB URI.
To update the URI:
export DB_PASSWORD=$(juju run config-server/leader get-password | grep password| awk '{print $2}')
export URI=mongodb://$DB_USERNAME:$DB_PASSWORD@localhost:27018/admin
echo $URI
Next step: 6. Integrate with other applications