Navigation

Cluster Configuration File

On this page

  • Overview
  • Configuration Properties
  • Sample Configuration File

The mongocli command requires cluster configuration settings for creating or updating a MongoDB Cloud Manager or MongoDB Ops Manager cluster. The configuration properties can be provided through a .yaml or .json file. The following sections describe the Configuration Properties that are required for creating or updating a cluster and provide a Sample Configuration File that you can copy and modify.

The following sections contain the:

  • Cluster-wide configuration properties
  • Replica set member configuration properties
  • Sharded cluster configuration properties

The configuration file for creating or updating a MongoDB Cloud Manager or MongoDB Ops Manager cluster must contain the following cluster-wide settings:

Field
Type
Description
name
string
Name of the cluster.
version
string
Version of the mongod process to deploy.
featureCompatibilityVersion
string
processes
array of objects
Required for replica sets. An array of objects containing settings for each mongod process. Each mongod has replica set member settings.
shards
array of objects
Required for sharded clusters. An array of objects containing settings for each shard.
config
object
Required for sharded clusters. Object that contains your config server replica set.
mongos
array of objects
Required for sharded clusters. An array of objects containing settings for each mongos instance.

The configuration file for creating or updating a MongoDB Cloud Manager or MongoDB Ops Manager cluster can contain the following settings for each replica set member:

Field
Type
Description
Required?
auditLogDestination
string

Setting that enables auditing and specifies where to send all audit events. MongoDB CLI accepts the following values:

  • syslog

    Output the audit events to syslog in JSON format.

  • console

    Output the audit events to stdout in JSON format.

  • file

    Output the audit events to the file specified in the auditLogPath setting in the format specified in the auditLogFormat setting.

This setting corresponds to the auditLog.destination configuration file option.

no
auditLogFormat
string

Format of the output file for auditing if auditLogDestination is set to file.

MongoDB CLI accepts the following values:

  • JSON

    Output the audit events in JSON format to the file specified in the auditLogPath setting.

  • BSON

    Output the audit events in BSON binary format to the file specified in the auditLogPath setting.

This setting corresponds to the auditLog.format configuration file option.

no
auditLogPath
string

Output file for auditing if auditLogDestination has a value of file. The auditLogPath option can take either an absolute or a relative path name.

This setting corresponds to the auditLog.path configuration file option.

no
bindIp
string

Hostnames and/or IP addresses and/or full Unix domain socket paths on which mongos or mongod should listen for client connections. You may attach mongos or mongod to any interface. To bind to multiple addresses, enter a list of comma-separated values.

This setting corresponds to the net.bindIp configuration file option.

no
bindIpAll
boolean

Flag that indicates whether the mongos or mongod instance binds to all IPv4 addresses (for example, 0.0.0.0). If ipv6 is set to true, bindIpAll also binds to IPv6 addresses (for example, :: ). MongoDB CLI accepts the following values: true or false.

This setting corresponds to the net.bindIpAll configuration file option.

no
buildIndexes
boolean

Flag that indicates whether to direct the mongod to build indexes. MongoDB CLI accepts the following values: true or false.

This setting corresponds to the buildIndexes replica set configuration option.

no
dbPath
string
Directory where the mongod instance stores its data. This cannot be modified after deployment.
yes
delay
int

Number of seconds behind the primary member that this member should lag.

This setting corresponds to the slaveDelay replica set configuration option.

no
directoryPerDB
boolean

Flag that indicates whether MongoDB should use a separate directory to store data for each database. The directories are under the storage.dbPath directory, and each subdirectory name corresponds to the database name.

By default, directoryPerDB is false.

This setting corresponds to the storage.directoryPerDB mongod replica set configuration option.

no
enableMajorityReadConcern
boolean

Flag that indicates whether or not to enable read concern "majority". If enabled, read concern "majority" guarantees that the data read has been acknowledged by a majority of the replica set members for read operations not associated with multi-document transactions.

By default, enableMajorityReadConcern is true.

This setting corresponds to the replication.enableMajorityReadConcern replica set configuration option.

no
hostname
string
Name of the host to add to the replica set. This is the host on which Ops Manager deploys the mongod process.
yes
inMemory.engineConfig.inMemorySizeGB
float

Maximum amount of memory to allocate for in-memory storage engine data, including indexes, oplog if the mongod is part of replica set, replica set or sharded cluster metadata, etc.

The value can range from 256 MB to 10 TB. By default, the in-memory storage engine uses 50% of physical RAM minus 1 GB.

Note
Enterprise Feature

Available for MongoDB Enterprise only.

This setting corresponds to the storage.inMemory.engineConfig.inMemorySizeGB mongod replica set configuration option.

no
ipv6
boolean

Flag that indicates whether the deployment supports IPv6. MongoDB CLI accepts the following values: true or false.

This setting corresponds to the net.ipv6 configuration file option.

no
logDestination
string

Destination to which MongoDB sends all log output. MongoDB CLI accepts the following values: file or syslog. If you specify file, you must also specify logPath.

If you do not specify logDestination, MongoDB sends all log output to standard output.

This setting corresponds to the systemLog.destination configuration file option.

no
logPath
string
Location and name of the log file for the mongod process on the host.
yes
oplogSizeMB
integer

Maximum size in megabytes for the replication oplog.

This setting corresponds to the replication.oplogSizeMB replica set configuration option.

no
port
integer
Port for the replica set member. The mongod process must have exclusive access to the specified port.
yes
priority
integer

Priority of the replica set member during elections. Value can be:

  • 0
  • 1

Non-voting members must have a priority of 0. Replica set members with a priority of 0 cannot become the primary and cannot trigger elections.

yes
tls.CAFile
string

.pem file that contains the root certificate chain from the Certificate Authority. Specify the file name of the .pem file using relative or absolute paths.

This setting corresponds to the net.tls.CAFile mongod replica set configuration option.

no
tls.certificateKeyFile
string

.pem file that contains both the TLS certificate and key.

tls.certificateKeyFile and tls.certificateSelector are mutually exclusive. You can only specify one.

This setting corresponds to the net.tls.certificateKeyFile mongod replica set configuration option.

no
tls.certificateKeyFilePassword
string

Password to de-crypt the certificate-key file.

Use the tls.certificateKeyFilePassword option only if the certificate-key file is encrypted. In all cases, the mongos or mongod will redact the password from all logging and reporting output.

This setting corresponds to the net.tls.certificateKeyFilePassword mongod replica set configuration option.

no
tls.certificateSelector
string

Certificate property that the MongoDB Agent uses to select a matching certificate from the operating system’s certificate store to use for TLS/SSL.

MongoDB CLI accepts one of the following key-value mappings as an argument of tls.certificateSelector:

Key
Value type
Description
subject
ASCII string
The subject name or common name on the certificate.
thumbprint
hex string

A sequence of bytes, expressed as hexadecimal, used to identify a public key by its SHA-1 digest.

The thumbprint is sometimes referred to as a fingerprint.

tls.certificateKeyFile and tls.certificateSelector are mutually exclusive. You can only specify one.

This setting corresponds to the net.tls.certificateSelector mongod replica set configuration option.

no
tls.clusterCertificateSelector
string

Certificate property that the MongoDB Agent uses to select a matching certificate from the operating system’s certificate store to use for internal x.509 membership authentication.

MongoDB CLI accepts one of the following key-value mappings as an argument of tls.clusterCertificateSelector:

Key
Value type
Description
subject
ASCII string
The subject name or common name on the certificate.
thumbprint
hex string

A sequence of bytes, expressed as hexadecimal, used to identify a public key by its SHA-1 digest.

The thumbprint is sometimes referred to as a fingerprint.

tls.clusterCertificateSelector and tls.clusterFile are mutually exclusive. You can only specify one.

This setting corresponds to the net.tls.clustercertificateSelector mongod replica set configuration option.

no
tls.clusterFile
string

.pem file that contains the x.509 certificate-key file for membership authentication for the cluster or replica set.

tls.clusterCertificateSelector and tls.clusterFile are mutually exclusive. You can only specify one.

This setting corresponds to the net.tls.clusterFile mongod replica set configuration option.

no
tls.clusterPassword
string

The password to de-crypt the x.509 certificate-key file specified with tls.clusterFile.

Use the tls.clusterPassword option only if the certificate-key file is encrypted. In all cases, the mongos or mongod will redact the password from all logging and reporting output.

This setting corresponds to the net.tls.clusterPassword mongod replica set configuration option.

no
tls.CRLFile
string

The .pem file that contains the Certificate Revocation List. Specify the file name of the .pem file using relative or absolute paths.

This setting corresponds to the net.tls.CRLFile mongod replica set configuration option.

no
tls.disabledProtocols
string

Protocols or versions over which a MongoDB server running with TLS refuses incoming connections.

This setting corresponds to the net.tls.disabledProtocols mongod replica set configuration option.

no
tls.FIPSMode
string

Enable or disable the use of the FIPS mode of the TLS library for the mongos or mongod. Your system must have a FIPS compliant library to use this option.

This setting corresponds to the net.tls.FIPSMode mongod replica set configuration option.

no
tls.mode
string

Enables TLS for all network connections. MongoDB CLI accepts the following arguments for this setting:

Value
Description
disabled
The server does not use tls.
allowTLS
Connections between servers do not use tls. For incoming connections, the server accepts both TLS and non-tls.
preferTLS
Connections between servers use tls. For incoming connections, the server accepts both TLS and non-tls.
requireTLS
The server uses and accepts only TLS encrypted connections.

This setting corresponds to the net.tls.mode mongod replica set configuration option.

no
tls.PEMKeyFile
string

.pem file that contains both the TLS certificate and key.

Important

This setting is deprecated. Use tls.certificateKeyFile instead.

This setting corresponds to the net.ssl.PEMKeyFile mongod replica set configuration option.

no
votes
integer

Number that indicates whether the replica set member votes in the election. MongoDB CLI accepts the following values:

  • 0 if the replica set member cannot vote
  • 1 if the replica set member can vote

To learn more about votes, see votes.

yes
wiredTiger.engineConfig.cacheSizeGB
float

Maximum size of the internal cache that WiredTiger uses for all data.

The value can range from 0.25 GB to 10000 GB. By default, the WiredTiger internal cache size is the larger of either:

  • 50% of (RAM - 1 GB), or
  • 256 MB.

Avoid increasing the WiredTiger internal cache size above its default value.

This setting corresponds to the storage.wiredTiger.engineConfig.journalCompressor mongod replica set configuration option.

no
wiredTiger.engineConfig.journalCompressor
string

Type of compression to use to compress WiredTiger journal data.

Available compressors are:

  • none
  • snappy
  • zlib
  • zstd (Available for clusters running MongoDB 4.2 and later)

By default, WiredTiger uses snappy.

This setting corresponds to the storage.wiredTiger.engineConfig.journalCompressor mongod replica set configuration option.

no
wiredTiger.engineConfig.directoryForIndexes
boolean

Flag that indicates whether mongod stores indexes and collections in separate subdirectories under the data (i.e. storage.dbPath) directory. Specifically, mongod stores the indexes in a subdirectory named index and the collection data in a subdirectory named collection.

By using a symbolic link, you can specify a different location for the indexes. Specifically, when the mongod instance is not running, move the index subdirectory to a new destination and create a symbolic link named index under the data directory to the new destination.

By default wiredTiger.engineConfig.directoryForIndexes is false.

This setting corresponds to the storage.wiredTiger.engineConfig.directoryForIndexes mongod replica set configuration option.

no
wiredTiger.engineConfig.maxCacheOverflowFileSizeGB
float
Note
Limited version support

This setting is only supported for clusters running MongoDB versions:

  • 4.0.12 through 4.0.x, and
  • 4.2.1 through 4.2.x.

Maximum size (in GB) for the "lookaside (or cache overflow) table" file named WiredTigerLAS.wt. The file no longer exists starting in MongoDB version 4.4.

The setting can accept the following values:

Value
Description
0
The default value. If set to 0, the file size is unbounded.
number >= 0.1
The maximum size (in GB). If the WiredTigerLAS.wt file exceeds this size, mongod exits with a fatal assertion. You can clear the WiredTigerLAS.wt file and restart mongod.

To change the maximum size during runtime, use the wiredTigerMaxCacheOverflowSizeGB parameter.

This setting corresponds to the storage.wiredTiger.engineConfig.maxCacheOverflowFileSizeGB mongod replica set configuration option.

no
wiredTiger.collectionConfig.blockCompressor
string

Default compression for collection data. You can override this on a per-collection basis when creating collections.

Available compressors are:

  • none
  • snappy
  • zlib
  • zstd (Available for clusters running MongoDB 4.2 and later)

By default the compressor is snappy.

This setting affects all newly created collections. If you change the value of this setting on an existing MongoDB deployment, all new collections will use the specified compressor. Existing collections continue to use the compressor that was specified when they were created, or the default compressor at that time.

This setting corresponds to the storage.wiredTiger.collectionConfig.blockCompressor mongod replica set configuration option.

no
wiredTiger.indexConfig.prefixCompression
boolean

Flag that indicates whether to enable or disable prefix compression for index data.

If true, prefix compression is enabled for index data. If false, prefix compression is disabled.

By default wiredTiger.indexConfig.prefixCompression is true.

This setting affects all indexes created. If you change the value of this setting on an existing MongoDB deployment, all new indexes will use prefix compression. Existing indexes are not affected.

This setting corresponds to the storage.wiredTiger.indexConfig.prefixCompression mongod replica set configuration option.

no

The configuration file for creating or updating a MongoDB Cloud Manager or MongoDB Ops Manager cluster can contain the following settings for each shard:

Field
Type
Description
Required?
name
string
Name of the of the shard.
yes
processes
array of objects
An array of objects containing settings for each mongod process. Each mongod has replica set member settings.
yes
Give Feedback

On this page

  • Overview
  • Configuration Properties
  • Sample Configuration File