MongoDB requirements

Before you install IBM Spectrum Protect Plus, review the hardware and software requirements for the product and other components that you plan to install in the storage environment.

To help ensure that backup and restore operations can be run successfully, your system must meet the hardware and software requirements. Use the following requirements as a starting point. For the most current requirements, which might include updates, see technote 2013790.

The MongoDB database backup and restore requirements for IBM Spectrum Protect Plus are as follows.

MongoDB configuration requirements

The following MongoDB database versions are supported:
  • MongoDB Version 3.6 and later maintenance levels and mod levels: Community Server and Enterprise Server Editions.
  • MongoDB Version 4.0 and later maintenance levels and mod levels: Community Server and Enterprise Server Editions.

Operating systems

The following operating systems are supported:
  • On Linux x86_x64:
    • Red Hat Enterprise Linux 6.8 and later maintenance levels and mod levels.
    • CentOS 6.8 and later maintenance levels and mod levels.
    • Red Hat Enterprise Linux 7 and later maintenance levels and mod levels.
    • CentOS 7 and later maintenance levels and mod levels.
    • SUSE Linux Enterprise Server 12.0 SP1 and later maintenance levels and mod levels.

Additional notes

To help optimize performance, install the latest MongoDB patches and updates in your environment.

Ensure that your MongoDB environment is configured to meet the following criteria:
  • MongoDB is configured as a standalone instance or replica set. Back up operations of MongoDB sharded cluster instances are not supported. A backup always includes all databases in the instance.
  • The MongoDB instance is configured to use the WiredTiger Storage Engine
  • The user in the MongoDB application server registration in IBM Spectrum Protect Plus must be able to retrieve server information and status from the MongoDB admin database.
  • Logical volumes of MongoDB data and log paths are managed by Linux Logical Volume Manager (LVM2). LVM2 is used for creating temporary volume snapshots. The database files and the journal must be located on a single volume. The logical volume grows in size with data as it changes on the source volume while the snapshot exists. For more information, see Linux LVM2.

Software

Review the following software requirements:
  • Python version 2.6 or 2.7 must be installed.
  • When the MongoDB application server runs RHEL or CentOS 6.x, ensure that the openssl package is at version 1.0.1e-57 or above. Run yum update openssl to update to this requirement.
  • Ensure that the supported version of Linux x86_64 is installed.

Connectivity

Review the following connectivity requirements:
  • SSH service is running on port 22 on the server.
  • Firewalls must be configured to allow IBM Spectrum Protect Plus to connect to the server using SSH.
  • The SFTP subsystem for SSH is enabled.
  • The application server can be registered to IBM Spectrum Protect Plus by using a DNS name or an IP address. DNS names must be resolvable by IBM Spectrum Protect Plus.

Authentication and privileges

The MongoDB server must be registered in IBM Spectrum Protect Plus using an operating system user that exists on the MongoDB server. This user is referred to as IBM Spectrum Protect Plus agent user.

Ensure that the password is correctly configured and that the user can log in without any other prompts, such as prompts to reset the password.

On MongoDB, SSL-based encryption and certificate-based authentication is not supported.

On MongoDB Enterprise Editions, only on-storage encryption is supported.

The IBM Spectrum Protect Plus agent user must have the following privileges:
  • Privileges to run commands as the root user and as the MongoDB software owner user by using sudo. IBM Spectrum Protect Plus requires this privilege for tasks such as discovering storage layouts, mounting and unmounting disks, and managing databases.
    • The sudoers configuration must allow the IBM Spectrum Protect Plus agent user to run commands without a password.
    • The !requiretty setting must be set.

  • Privileges to run the standard MongoDB server module /usr/local/bin/mongodb. IBM Spectrum Protect Plus requires this privilege to use the pymongo API to connect to the MongoDB servers by using the assigned DNS/IP name and port. This mechanism is used to gather information about MongoDB instances and databases.
  • If the MongoDB server is protected by role-based authentication, to get the MongoDB agent to work in your IBM Spectrum Protect Plus environment, you must set up the appropriate privileges. See Managing user access and Roles for MongoDB.

Ports

The following ports are used by MongoDB servers. Ports that are marked as Accept use secure connections (HTTPS/SSL).

Table 1. Incoming MongoDB server firewall connections
Port Protocol Firewall Service Description
22 TCP Accept SSH Used for SSH data transfer to and from the internal vSnap server.
Table 2. Outgoing MongoDB server firewall connections
Port Protocol Service Description
111 TCP vSnap RPC Port Bind Allows clients to discover ports that Open Network Computing (ONC) clients require to communicate with ONC servers.
2049 TCP vSnap NFS Used for NFS file sharing via vSnap.
20048 TCP vSnap NFS Mount Mounts vSnap file systems on clients such as the VADP proxy, application servers, and virtualization data stores.