Skip to main content

Your submission was sent successfully! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates from Canonical and upcoming events where you can meet our team.Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

Charmed MongoDB Tutorials > Deploy a sharded cluster > 5. Manage passwords

Manage passwords

When we accessed MongoDB earlier in this tutorial, we needed to include a password in the URI. Passwords help secure our database and are essential for security. Over time, it is a good practice to change the password frequently.

This part of the tutorial will guide you through the essential password operations in Charmed MongoDB.

Summary


Retrieve the admin password

The operator password can be retrieved by running the get-password action on the Charmed MongoDB application. Password management in shared Charmed MongoDB clusters is handled exclusively by the config-server, so this is where we will perform all password-related operations.

To retrieve the cluster password, run the get-passwordaction on theconfig-server`:

juju run config-server/leader get-password

Running the command should output:

Running operation 9 with 1 task
  - task 10 on unit-mongodb-0

Waiting for task 10...
password: 9JLjd0tuGngW5xFKWWbo0Blxyef0oGec

The admin password is under the result: password.

Rotate the admin password

You can change the operator password to a new random password by running the set-password action on the config-server:

juju run config-server/leader set-password

Running the command should output:

Running operation 11 with 1 task
  - task 12 on unit-config-server-0

Waiting for task 12...
password: f3QkHE6QgmDLdRBonrt4vToWB7IZd4JO

The admin password is under the result: password. It should be different from your previous password.

Remember that when you change the operator password, you will also need to update the DB_PASSWORD environment variable used in the MongoDB URI.

To update the URI:

export DB_PASSWORD=$(juju run config-server/leader get-password | grep password|  awk '{print $2}')
export URI=mongodb://$DB_USERNAME:$DB_PASSWORD@localhost:27018/admin
echo $URI

Set the admin password

You can change the operator password to a specific password by running set-password on the config-server with your provided password:

juju run config-server/leader set-password password=<password>

Running the command should output:

Running operation 17 with 1 task
  - task 18 on unit-config-server-0

Waiting for task 18...
password: <password>

The operator password under the result: password should match whatever you passed in when you entered the command.

Remember that when you change the operator password, you will also need to update the DB_PASSWORD environment variable used in the MongoDB URI.

To update the URI:

export DB_PASSWORD=$(juju run config-server/leader get-password | grep password|  awk '{print $2}')
export URI=mongodb://$DB_USERNAME:$DB_PASSWORD@localhost:27018/admin
echo $URI

Next step: 6. Integrate with other applications

Last updated 9 months ago. Help improve this document in the forum.