Migration to MongoDB 4.0 from a previous version

1 . Upgrade to MongoDB 4.0 Antonios Giannopoulos DBA @ Rackspace/ObjectRocket linkedin.com/in/antonis/ 1 

2 .Introduction Antonios Giannopoulos www.objectrocket.com 2 

3 .Overview • Upgrade Procedure • Application Layer • Middleware • Database Layer • Rollback Procedure • Why 4.0? www.objectrocket.com 3 

4 .MongoDB 4.0 MongoDB 4.0 released on June 26,2018 Current minor version is 4.0.3 You can obtain it from: - Mongo Inc Download Center - Percona Server Download Center - Repos like yum, apt-get… www.objectrocket.com 4 

5 .MongoDB 4.0 www.objectrocket.com 5 

6 .Upgrade Replica-Set Upgrade the secondary, one at a time o Shut down the mongod instance o Replace the binary with the 4.0 binary o Restart the member Connect a mongo shell to the primary o Issue rs.stepDown() o Ensure a new Primary is elected Upgrade the ex-Primary o Shut down the mongod instance o Replace the binary with the 4.0 binary o Restart the member Connect a mongo shell to the primary Enable backwards-incompatible 4.0 features db.adminCommand( { setFeatureCompatibilityVersion: "4.0" } www.objectrocket.com 6 

7 .Sharded Cluster Stop Balancer o sh.stopBalancer() o sh.getBalancerState() Upgrade config servers o Use the replica-set steps Upgrade the shards o Use the replica-set steps Upgrade the mongos o One at a time o Replace binary and restart Enable backwards-incompatible 4.0 features db.adminCommand( { setFeatureCompatibilityVersion: "4.0" } ) s1 s2 Restart the mongos www.objectrocket.com 7 

8 .Application • Upgrade Driver • Upgrade Language • Inspect the code base www.objectrocket.com 8 

9 .Driver Your driver must be compactible with 4.0 www.objectrocket.com 9 

10 .Driver www.objectrocket.com 10 

11 .Driver www.objectrocket.com 11 

12 .So just upgrade the driver? The underling language version must also be compactible with your driver Mongo 4.0 Compatible www.objectrocket.com 12 

13 .Upgrade the driver/language Perform safe upgrades /always have rollback in mind Python supports “virtual environments” Python “virtualenv” creates an isolated environment for Python projects. Each project can have its own dependencies, regardless of what dependencies every other project has. There are no limits to the number of environments ,they’re just directories containing scripts www.objectrocket.com 13 

14 .Upgrade the driver/language www.objectrocket.com 14 

15 .Upgrade the driver/language What about other languages: There are equivalents of “virtualenv” like JAVA use classpath Ruby use Ruby Version Manager (RVM) www.objectrocket.com 15 

16 .Upgrade the driver/language Do not forget frameworks and their dependencies o Very popular in PHP o They have their own compatibility matrix Should I always use the latest driver? o Check the change log o Check the open bugs www.objectrocket.com 16 

17 .Driver version? Dunno Inspect the logs Manipulate the logs to export driver name & version Quick hack: less /var/log/messages |grep "driver: { name" | awk '{print $16, $17, $18, $19}' | uniq www.objectrocket.com 17 

18 .Driver version? Dunno Inspect the system.profile Collect a representative sample On a sharded cluster, all shards must examined. www.objectrocket.com 18 

19 .Inspect the codebase Each version Removes & Deprecates operators. Remove: Operator is no longer available Deprecate: Operator will be removed to the next version Take Actions: o Patched the codebase against the removed operators o Plan to replace the deprecated operators www.objectrocket.com 19 

20 .Inspect the codebase Removed Operators: o $isolated operator: If you have an existing partial index that includes the $isolated operator or a view that includes a $isolated operator, recreate the index or view without the operator in the definition before upgrading. Deprecated Operators: o maxScan o geoNear command o copydb and the clone commands www.objectrocket.com 20 

21 .Inspect the codebase Exception handling o Error descriptions may change between versions o Error format may also change o New error codes may introduced o New warning codes may introduced www.objectrocket.com 21 

22 .Middleware • Monitoring • Backups • Deployments • Utilities • OS changes • TLS/SSL www.objectrocket.com 22 

23 .Monitoring The monitoring system must be able to connect to MongoDB Vast majority relies on db.serverStatus() A newer version may be necessary to installed prior to upgrade www.objectrocket.com 23 

24 .Deployment & Managment Automatic deployment scripts also connect to MongoDB For example: o Deploy a replica-set (rs.add(), rs.status()) o Add a shard (sh.addShard()) A change to error code formats may affect deployment scripts User-roles may also change Management tools may also affected www.objectrocket.com 24 

25 .Backup - Filesystems Snapshots - Copy files - Hot Backup (Percona Server) - Mongodump They should all work but testing is recommended. In the case of restore, a downgrade may be required. www.objectrocket.com 25 

26 .OS Removes support for: o SLES 11 o Ubuntu 12.04 o Debian 7 Deprecates: o Windows 7/2008R2 o Windows 8/2012 o Windows 8.1/2012R2 o Ubuntu 14.04 Compatibility matrix: https://bit.ly/2ys8Crs www.objectrocket.com 26 

27 .TLS Removes support for TLS 1.0 o On systems where TLS 1.1+ is available Latest PCI compliance standards require the use of TLS 1.1+ If you need to support TLS 1.0 (hopefully temporarily): o Set to none either net.ssl.disabledProtocols or --sslDisabledProtocols Test: openssl s_client -connect <host>:<port> -tls1 (tls1_1 and tls1_2) www.objectrocket.com 27 

28 .Database Layer • Configuration files • Prerequisites • Deprecated items • Storage engine • Miscellaneous • FCV www.objectrocket.com 28 

29 .mongo.conf net.transportLayer cant be set to legacy anymore net.host: Resolves localhost IP address as configured instead of assuming 127.0.0.1 Can’t combine storage.journal.enabled: false with WiredTiger storage engine Can’t combine storage.indexBuildRetry with replication.replSetName When ssl.allowInvalidCertificates: true with x.509 authentication, an invalid certificate is only sufficient to establish a TLS/SSL connection but is insufficient for authentication. www.objectrocket.com 29