Preventive Service Planning
Abstract
This document details the MongoDB database backup and restore requirements for IBM Spectrum Protect Plus Version 10.1.6.
Content
This document is divided into linked sections for ease of navigation. Use the following links to jump to the section of the document that you require:
- General
- Configuration
- Software
- Authentication and privileges
- Prerequisites and operations
- Connectivity
- Ports
- Hardware
General
Beginning with IBM Spectrum Protect Plus V10.1.3, support was added for backing up and restoring of MongoDB database data.
Before you register a MongoDB database with IBM Spectrum Protect Plus, ensure that the system environment meets the following requirements.
Configuration
Application versions
| IBM Spectrum Protect Plus | MongoDB V3.6* Community Server and Enterprise Server editions | MongoDB V4.0* Community Server and Enterprise Server editions | MongoDB V4.2* Community Server and Enterprise Server editions |
| V10.1.3 |  | | -- |
| V10.1.4 | | | -- |
| V10.1.5 | | | -- |
| V10.1.6 | | | |
* The base release and later maintenance and modification levels are supported.
Operating systems
| IBM Spectrum Protect Plus | RHEL 6.8* | RHEL 7.0* | CentOS 6.8* | CentOS 7.0* | SLES 12.0 SP1* |
| V10.1.3 | | | | | |
| V10.1.4 | | | | | |
| V10.1.5 | | | | | |
| V10.1.6 | IT32842: See Restrictions | | IT32842: See Restrictions | | |
* The base release and later maintenance and modification levels are supported.
| IBM Spectrum Protect Plus | RHEL 7.1* | CentOS 7.0* |
| V10.1.4 | | |
| V10.1.5 | | |
| V10.1.6 | IT32842: See Restrictions | IT32842: See Restrictions |
* The base release and later maintenance and modification levels are supported.
Protect the MongoDB environment with IBM Spectrum Protect Plus when is running on one of the following guest operating systems:
- Red Hat Enterprise Linux
- SUSE Linux Enterprise Server Kernel-based Virtual Machine (KVM)
Restrictions
-
All MongoDB instances without user authentication enabled are still supported for all listed operating systems.
As of APAR IT32842, because of issues with encrypted credentials, MongoDB instances with user authentication enabled cannot be supported in IBM Spectrum Protect Plus V10.1.6 on the following operating systems:- Linux x86_64: RHEL 6.8, and later maintenance and modification levels, CentOS 6.8, and later maintenance and modification levels
- Linux on Power Systems: RHEL7.1 and later maintenance and modification levels, CentOS 7.0, and later maintenance and modification levels
- On Linux on Power Systems (little endian), only the MongoDB Enterprise Server Edition is supported.
- MongoDB shared cluster configurations are detected when you run an inventory, but these resources are not eligible for backup or restore operations.
- On MongoDB, SSL-based encryption and certificate-based authentication are not supported.
- Do not run inventory jobs during scheduled backup jobs.
- Do not configure nested mount points.
Software
- The bash and sudo packages must be installed. Sudo must be at version 1.7.6p2 or later. Run
sudo -Vto check the version.
Tip: The required bash and sudo packages are included in the supported Linux x86_64 and Linux on Power Systems (little endian) operating systems. - Install the most recent MongoDB patches and updates in your environment.
- Ensure that a supported version of Linux x86_64 or Linux on Power Systems (little endian) is installed. Ensure that the most recent patches and updates are installed.
- The International Components for Unicode (
libicu) RPM-package corresponding to the operating system must be installed. - Ensure that the ulimit -f,for the IBM Spectrum Protect Plus agent user and the MongoDB instance user, is set to unlimited. Alternatively, set a sufficiently high value to support copying of the largest database files in your backup and restore jobs. If you change the ulimit setting, restart the MongoDB instance to finalize the configuration.
- In a Linux environment, depending on your version or distribution, ensure that the Linux utility package
util-linux-ngorutil-linuxis current. - RHEL and CentOS 6 users: To ensure that the
util-linux-ngorutil-linuxpackage is current, run the following command:yum update package_name
- RHEL and CentOS 6 users: When the MongoDB application server runs RHEL 6 or CentOS 6, ensure that the openssl package is at version 1.0.1e-57 or later. To update the version, run the following command:
yum update openssl
Authentication and privileges
Authentication
- The MongoDB server must be registered with IBM Spectrum Protect Plus by using an operating system user that exists on the MongoDB server. The user is then referred to as the IBM Spectrum Protect Plus agent user.
- Ensure that the password is correctly configured and that the user can log in without facing any other prompts, such as prompts to reset the password.
- With the MongoDB Enterprise Server Edition, only the encrypted storage engine is supported.
Privileges
To use a MongoDB database, an IBM Spectrum Protect Plus agent user must have the following permissions:
- Privileges to run commands as root user and as a MongoDB software owner user by using sudo. IBM Spectrum Protect Plus requires these privileges for various tasks such as discovering storage layouts, mounting and unmounting disks, and managing databases.
- The
sudoersconfiguration must allow the IBM Spectrum Protect Plus agent user to run commands without a password. - The
!requirettysetting must be specified, see as described in Setting sudo privileges
- The
- Privileges to read the standard MongoDB server module
/usr/local/bin/mongod. IBM Spectrum Protect Plus requires these privileges to use the PyMongo API to connect to the MongoDB servers by using the instance's assigned Domain Name System (DNS) name or Internet Protocol (IP) address name and port. This mechanism is used to gather information about MongoDB instances and databases. - If the MongoDB server is protected by role-based authentication, you must set up the appropriate privileges, as described in Roles for MongoDB
Prerequisites and operations
Prerequisites
Ensure that the Software, Connectivity, and Authentication and privileges requirements are met.
The following prerequisites must be met before you start protecting your resources. For details, see Prerequisites for MongoDB
- The MongoDB is configured as a stand-alone instance or replica set. Backups of MongoDB sharded cluster instances are not supported. A backup always includes all databases in the instance.
- The MongoDB instance is configured to use the WiredTiger Storage Engine.
- Each MongoDB instance to be protected must be registered with IBM Spectrum Protect Plus. After the instances are registered, IBM Spectrum Protect Plus runs an inventory to detect MongoDB resources. Ensure that all instances that you want to protect are detected and listed correctly.
- The user in the MongoDB application server registration in IBM Spectrum Protect Plus must be able to retrieve server information and status from the MongoDB admin database.
- Ensure that you have enough free space on the target and source hosts, and in the vSnap repository. Extra space is required to store temporary Logical Volume Manager (LVM) backups of logical volumes where the MongoDB data is located. These temporary backups, known as LVM snapshots, are created automatically by the MongoDB agent. For each LVM snapshot logical volume, at least 10% free space must be allocated in the volume group. If there is enough free space in the volume group, the IBM Spectrum Protect Plus MongoDB agent reserves up to 25% of the source logical volume size for the snapshot logical volume. For more information, see Space requirements for MongoDB
- Ensure that enough disk space is allocated at the target server for restore operations.
- Logical volumes of MongoDB data and log paths are managed by Linux Logical Volume Manager (LVM2). LVM2 is used to create temporary volume snapshots. The database files and the journal must be on a single volume. The logical volume grows in size with data as the data changes on the source volume while the snapshot exists. For more information, see LVM2
Operations
Before you start a backup or restore operation:
- Add the application servers that you want to back up. For instructions, see Adding a MongoDB application server
- Configure a service level agreement (SLA) policy. For instructions, see Defining a Service Level Agreement backup job
- Before an IBM Spectrum Protect Plus user can set up backup and restore operations, roles and resource groups must be assigned to the user. Grant users access to resources, and backup and restore operations, by using the Accounts pane. For more information, see Managing user access and Roles for MongoDB
Review the following information about creating backup and restore jobs:
- To regularly back up your data, define a backup job that includes a SLA policy. For instructions, see Backing up MongoDB data
- To restore data, define a job that restores data from the latest backup or select an earlier backup copy. You can restore data to the original instance or to an alternative instance on a different client host, creating a cloned copy. Define and save the restore job to run as an ad hoc operation, or to run regularly as a scheduled job. For instructions, see Restoring MongoDB data
- Ensure that dedicated volumes are allocated for file copying.
- Ensure that the same directory structure and layout are available on both the target and source servers.
- If you restore data from an IBM Spectrum Protect archive, files are initially migrated from tape storage to the staging storage pool. Depending on the size of the files to be restored, this process might take several hours.
- For restore operations to alternative instances, MongoDB must be at the same version level on the target and client hosts.
Connectivity
Ensure that the following connectivity requirements are met:
- The secure file transfer protocol (SFTP) subsystem for Secure Shell (SSH) is enabled.
- The Secure Shell (SSH) service is running on port 22 on the proxy host server.
- Firewalls are configured to allow IBM Spectrum Protect Plus to connect to the proxy host server by using SSH.
- IBM Spectrum Protect Plus uses the Network File System (NFS) protocol to mount storage volumes for backup and restore operations. Ensure that the native Linux NFS client is installed on the proxy host server.
- All servers, proxies, applications, and hypervisors that are added to the IBM Spectrum Protect Plus environment must be registered by using a Domain Name System (DNS) name or Internet Protocol (IP) address.
- If DNS names are used, they must be resolvable over the network by the IBM Spectrum Protect Plus virtual appliance server and the vSnap server. All IBM Spectrum Protect Plus components must also be resolvable by their DNS names.
- If DNS is not available, you must add the server to the
/etc/hostsfile on the IBM Spectrum Protect Plus virtual appliance by using the command line.
Ports
The following ports are used by IBM Spectrum Protect Plus agent users.
| Port | Protocol | Initiator | Target | Description |
|---|---|---|---|---|
| 22 | Transmission Control Protocol (TCP) | IBM Spectrum Protect Plus virtual appliance1 | MongoDB | Provides access to troubleshoot and maintain remote proxy host servers running guest application components by using the SSH protocol |
1 The IBM Spectrum Protect Plus virtual appliance contains the following base components: the IBM Spectrum Protect Plus server, the vSnap server, and a VADP proxy, as described in Product components
| Port | Protocol | Initiator | Target | Description |
|---|---|---|---|---|
| 111 | TCP | MongoDB | vSnap server | Allows Open Network Computing (ONC) clients to discover ports for communications with ONC servers |
| 2049 | TCP | MongoDB | vSnap server | Used for NFS data transfer to and from vSnap servers |
| 20048 | TCP | MongoDB | vSnap server | Mounts vSnap file systems on clients such as the VMware vStorage API for Data Protection (VADP) proxy, application servers, and virtualization datastores |
Hardware
| System | Disk Space |
|---|---|
| Compatible hardware that is supported by the operating system and MongoDB | A minimum of 500 MB of disk space for the product to be installed |
Related Information
[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSNQFQ","label":"IBM Spectrum Protect Plus"},"Component":"Not Applicable","Platform":[{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"}],"Version":"10.1.6","Edition":"","Line of Business":{"code":"LOB26","label":"Storage"}}]
Was this topic helpful?
Document Information
Modified date:
17 August 2020
UID
ibm12488767