IBM Support

MongoDB database backup and restore requirements: IBM Spectrum Protect™ Plus V10.1.3

Preventive Service Planning


Abstract

This document details the MongoDB database backup and restore requirements for IBM® Spectrum Protect™ Plus V10.1.3

Content

This document is divided into linked sections for ease of navigation. You may use the links below to jump to the section of the document you need.
 

General
Configuration
Software
Connectivity
Authentication and Privileges
Ports


General

Before registering each MongoDB application server in IBM Spectrum Protect Plus, ensure it meets the following requirements.
 


Configuration

Database Versions

  • MongoDB Version 3.6 and later maintenance levels and mod levels: Community Server and Enterprise Server Editions.

  • MongoDB Version 4.0 and later maintenance levels and mod levels: Community Server and Enterprise Server Editions.
     

Operating Systems

On Linux x86_x64

  • Red Hat Enterprise Linux 6.8 and later maintenance levels and mod levels

  • CentOS 6.8 and later maintenance levels and mod levels

  • Red Hat Enterprise Linux 7 and later maintenance levels and mod levels

  • CentOS 7 and later maintenance levels and mod levels

  • SUSE Linux Enterprise Server 12.0 SP1 and later maintenance levels and mod levels
     

Additional Notes

Install the latest MongoDB patches and updates in your environment.

Ensure that your MongoDB environment is configured to meet the following criteria:

  • MongoDB is configured as a standalone instance or replica set. Backups of MongoDB sharded cluster instances are not supported. A backup always includes all databases in the instance.

  • MongoDB instance is configured to use the WiredTiger Storage Engine.

  • The user in the MongoDB application server registration in IBM Sectrum Protect Plus must be able to retrieve server info and status from the MongoDB admin database.

  • Logical volumes of MongoDB data and log paths are managed by Linux Logical Volume Manager (LVM2). LVM2 is used for creating temporary volume snapshots. The database files and the journal must be located on a single volume. The logical volume grows in size with data as it changes on the source volume while the snapshot exists. For more information, see IBM Knowledge Center under LVM2 .
     


Software

  • Python version 2.6.x or 2.7.x must be installed.

  • When the MongoDB application server runs RHEL or CentOS 6.x, ensure that the openssl package is at version 1.0.1e-57 or above. Run "yum update openssl" to update.

  • Ensure the supported version of Linux x86_64 is installed.
     


Connectivity

Ensure that the following connectivity criteria are in place:

  • SSH service is running on port 22 on the server.

  • Firewalls must be configured to allow IBM Spectrum Protect Plus to connect to the server using SSH.

  • The SFTP subsystem for SSH is enabled.

  • The application server can be registered in IBM Spectrum Protect Plus using a DNS name or IP address. DNS names must be resolvable by IBM Spectrum Protect Plus.
     


Authentication and Privileges

  • The MongoDB server must be registered in IBM Spectrum Protect Plus using an operating system user that exists on the MongoDB server (referred to as "IBM Spectrum Protect Plus agent user" for the rest of this topic).

  • Ensure the password is correctly configured and that the user can log in without facing any other prompts, such as prompts to reset the password.

  • On MongoDB SSL based encryption and certificate based authentication is not supported

  • On MongoDB Enterprise Server Editions only on-storage encryption is supported

The IBM Spectrum Protect Plus agent user must have the following privileges:

  • Privileges to run commands as root and as MongoDB software owner users using sudo. IBM Spectrum Protect Plus requires this for various tasks such as discovering storage layouts, mounting and unmounting disks, and managing databases.

    • The sudoers configuration must allow the IBM Spectrum Protect Plus agent user to run commands without a password.

    • The !requiretty setting must be set.

  • Privileges to execute the standard MongoDB server module /usr/local/bin/mongod. IBM Spectrum Protect Plus requires this to use the pymongo API to connect to the MongoDB servers using the instance's assigned DNS/IP name and port. This mechanism is used to gather information on MongoDB instances and databases.

  • If the MongoDB server is protected by role-based authentication, in order to get the MongoDB agent to work in your IBM Spectrum Protect™ Plus environment, you must set up the appropriate privileges. See Managing user access in IBM Knowledge Center. 
     


Ports

The following ports are used by IBM Spectrum Protect Plus Agents. Note that ports marked as Accept use a secure connection (https/ssl).

Incoming IBM Spectrum Protect Plus Agent Firewall Connections
Port Protocol Firewall Rule Service Description
22 TCP Accept SSH Used for SSH data transfer to and from the internal vSnap server.


 

Outgoing IBM Spectrum Protect Plus Agent Firewall Connections
Port Protocol Service Description
111 TCP vSnap RPC Port Bind Allows clients to discover ports that Open Network Connectivity (ONC) clients require to communicate with ONC servers.
2049 TCP vSnap NFS Used for NFS file sharing via vSnap.
20048 TCP vSnap NFS Mount Mounts vSnap file systems on clients such as the VADP Proxy, application servers, and virtualization data stores.



 

[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSNQFQ","label":"IBM Spectrum Protect Plus"},"Component":"Not Applicable","Platform":[{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"}],"Version":"10.1.3","Edition":"","Line of Business":{"code":"LOB26","label":"Storage"}}]

Document Information

Modified date:
12 February 2019

UID

ibm10742435