Hi Andrew,
I’m trying to establish a replica set with three nodes (one of which is an arbiter). For technical reasons the nodes must access each other using SSH tunnelling. I am reasonably confident this is configured correctly as on all the mongodb host’s I am able to connect to the other nodes using mongo by providing the relevant —host and —port parameters. When I initiate the replica set on what I’d like to be the primary, the logs show the “initiator” successfully connecting to the other members:
I’m not really sure what’s cause and what’s effect here. Does the initiator only send config on receipt of a heartbeat from a node? What can be done to get “replset config” to be send to the other nodes? Has anyone else successfully managed to create a replica set using SSH tunnelling?
I managed to create a localhost-based replica set using SSH tunnels by first starting all the mongod
servers and set up the SSH tunnels, then initiated the replica set using a configuration where the members’ addresses are using the SSH tunnel’s endpoint (in may case, it was localhost). So it is possible to create a replica set using SSH tunneling.
However, this is not a supported setup if you’re looking for transport-level security. This is because if you setup all tunnel endpoints on a single machine, then this machine is a single point of failure. If this machine went offline, then all tunnels are inaccessible, and the replica set could not failover as designed. This complicates your deployment, and will compromise the operation of the replica set’s high availability functions.
A better approach for transport-level security is to use MongoDB’s built-in transport encryption features, which utilizes TLS/SSL for transport level encryption, and also identity verification using SSL certificates. These security functionalities are baked into MongoDB and are more robust to failure scenarios compared to using SSH tunnels.
For more information, please see:
Best regards,
Kevin