MongoDB

Channel Revision Published Runs on
6/stable 199 04 Oct 2024
Ubuntu 22.04
6/candidate 199 04 Oct 2024
Ubuntu 22.04
6/beta 199 04 Oct 2024
Ubuntu 22.04
6/edge 204 12 Nov 2024
Ubuntu 22.04
5/stable 117 20 Apr 2023
Ubuntu 22.04
5/candidate 117 20 Apr 2023
Ubuntu 22.04
5/edge 139 21 Nov 2023
Ubuntu 22.04 Ubuntu 20.04
5/edge 109 06 Mar 2023
Ubuntu 22.04 Ubuntu 20.04
3.6/stable 100 28 Apr 2023
Ubuntu 20.04 Ubuntu 18.04
3.6/candidate 100 13 Apr 2023
Ubuntu 20.04 Ubuntu 18.04
3.6/edge 100 03 Feb 2023
Ubuntu 20.04 Ubuntu 18.04
juju deploy mongodb --channel 6/stable
Show information

Platform:

Ubuntu
22.04 20.04 18.04

Charmed MongoDB Tutorials > Deploy a sharded cluster > 5. Manage passwords

Manage passwords

When we accessed MongoDB earlier in this tutorial, we needed to include a password in the URI. Passwords help secure our database and are essential for security. Over time, it is a good practice to change the password frequently.

This part of the tutorial will guide you through the essential password operations in Charmed MongoDB.

Summary


Retrieve the admin password

The operator password can be retrieved by running the get-password action on the Charmed MongoDB application. Password management in shared Charmed MongoDB clusters is handled exclusively by the config-server, so this is where we will perform all password-related operations.

To retrieve the cluster password, run the get-passwordaction on theconfig-server`:

juju run config-server/leader get-password

Running the command should output:

Running operation 9 with 1 task
  - task 10 on unit-mongodb-0

Waiting for task 10...
password: 9JLjd0tuGngW5xFKWWbo0Blxyef0oGec

The admin password is under the result: password.

Rotate the admin password

You can change the operator password to a new random password by running the set-password action on the config-server:

juju run config-server/leader set-password

Running the command should output:

Running operation 11 with 1 task
  - task 12 on unit-config-server-0

Waiting for task 12...
password: f3QkHE6QgmDLdRBonrt4vToWB7IZd4JO

The admin password is under the result: password. It should be different from your previous password.

Remember that when you change the operator password, you will also need to update the DB_PASSWORD environment variable used in the MongoDB URI.

To update the URI:

export DB_PASSWORD=$(juju run config-server/leader get-password | grep password|  awk '{print $2}')
export URI=mongodb://$DB_USERNAME:$DB_PASSWORD@localhost:27018/admin
echo $URI

Set the admin password

You can change the operator password to a specific password by running set-password on the config-server with your provided password:

juju run config-server/leader set-password password=<password>

Running the command should output:

Running operation 17 with 1 task
  - task 18 on unit-config-server-0

Waiting for task 18...
password: <password>

The operator password under the result: password should match whatever you passed in when you entered the command.

Remember that when you change the operator password, you will also need to update the DB_PASSWORD environment variable used in the MongoDB URI.

To update the URI:

export DB_PASSWORD=$(juju run config-server/leader get-password | grep password|  awk '{print $2}')
export URI=mongodb://$DB_USERNAME:$DB_PASSWORD@localhost:27018/admin
echo $URI

Next step: 6. Integrate with other applications


Help improve this document in the forum (guidelines). Last updated 8 months ago.