MongoDB Cluster Connections Test

Monitoring client connections to a MongoDB cluster database server typically provide insights into the workload of the server and whether/not the server is sized well-enough to handle the load. This is exactly the type of visibility the Mongo Cluster Connections Test provides. This test tracks client connections to each node in the target shard and reports their usage. With the help of the metrics reported by this test, administrators can assess the load on each node and can determine whether/not the node has sufficient free connections to handle subsequent connection requests. Based on these insights, administrators can plan the future connection capacity of the nodes.

Target of the test : A MongoDB Cluster

Agent deploying the test : An external agent

Outputs of the test : One set of results for each node in the shard on the target cluster being monitored.

Configurable parameters for the test
Parameter

Description

Test period

How often should the test be executed.

Host

The host for which the test is to be configured.

Port

The port number at which the specified host listens.

Cluster Node IPs

By default, the eG agent connects to any of the available nodes in the target MongoDB cluster to collect the required metrics. Therefore, in the Cluster Node IPs text box, provide a comma-separated list of all the nodes in the target cluster. By default, this parameter is set to none. This parameter should be specified in the following format: HOSTNAME1:PORT1,HOSTNAME2:PORT2,.... For example, you can configure this parameter as: ac-zcguoqj-shard-00-00.e5ahzxy.mongodb.net:27017,ac-zcguoqj-shard-00-01.e5ahzxy.mongodb.net:27017.

Database Name

The test connects to a specific Mongo Cluster to run API commands and pull metrics of interest. Specify the name of a database on the target MongoDB Cluster database server being monitored The default value of this parameter is admin.

Username and Password

The eG agent has to be configured with the credentials of a user who has the required privileges to monitor the target MongoDB cluster, if the MongoDB instance is access control enabled. To know how to create such a user, refer to How to monitor access control enabled MongoDB database?If the target MongoDB instance is not access control enabled, then, specify none against the Username and Password parameters.

Confirm Password

Confirm the password by retyping it here.

Authentication Mechanism

Typically, the MongoDB supports multiple authentication mechanisms that users can use to verify their identity. In environments where multiple authentication mechanisms are used, this test enables the users to select the authentication mechanism of their interest using Authentication Mechanism list box. By default, this is set to none. However, you can modify this settings as per the requirement.

SSL

By default, the SSL flag is set to No, indicating that the target MongoDB Cluster server is not SSL-enabled by default. To enable the test to connect to an SSL-enabled MongoDB Cluster server, set the SSL flag to Yes.

CA PEM File

A certificate authority (CA) file contains root and intermediate certificates that are electronically signed to affirm that a public key belongs to the owner named in the certificate. A .pem file is a container that may just include the public certificate or the entire certificate chain (private key, public key and root certificates). If the connection requires server authentication and the server certificate is in the .pem format, then, the target instance presents the CA PEM File that contains the server certificate to its clients to establish the instance's identity. Therefore, you should specify the full path to the CA PEM file available in the target MongoDB cluster in the CA PEM File text box. For example, the location of this file may be: C:\app\openSSL\SSLcert\test-ca.pem.

Client PEM File

If the target instance requires a certificate key file that is in .pem format from the client to verify the client's identity, then, to establish a connection with the target cluster, the eG agent should access the client certificate. For this, specify the full path to the Client PEM file in the Client PEM File text box. For example, the location of this file may be: C:\app\openSSL\SSLcert\test-client.pem.

CA Cert File

This parameter is applicable only if the target MongoDB Cluster is SSL-enabled and CA PEM File parameter is set to none.The certificate file is a public-key certificate following the x.509 standard. It contains information about the identity of the server, such as its name, geolocation, and public key. Each nodes of the target cluster can have individual certificate files or a single certificate can be used to access all the nodes in the cluster. Essentially, it’s a certificate that the server serves to the connecting users to prove that they are what they claim to be. Therefore, specify the full path to the server root certificate or certificate file that is signed by the CA in .crt file format for all/each node in the CA Cert File text box. For example, the location of this file may be: C:\app\eGurkha\JRE\lib\security\mongodb-test-ca.crt. By default, this parameter is set to none.

This parameter specification differs according to the type of cluster and configuration:

  • If the certificate file is available for each node of the MongoDB Cluster then, provide a comma-seperated list of full path to the certificates in CA Cert File text box:

    For example:C:\app\eGurkha\JRE\lib\security\mongodb-test-ca.crt,C:\app\eGurkha\JRE\lib\security\mongodb-test-ca2.crt,C:\app\eGurkha\JRE\lib\security\mongodb-test-ca3.crt

  • Specify the full path to the certificate file of the target MongoDB cluster if a single certificate is used to access all nodes.

    For example: C:\app\eGurkha\JRE\lib\security\mongodb-test-ca.crt

Client Cert File

This parameter is applicable only if the target MongoDB Cluster is SSL-enabled and Client PEM File parameter is set to none.In order to collect metrics from the target MongoDB cluster, the eG agent requires client certificate in .p12 format. Hence, specify the full path to the Client certificate file in .p12 format in the Client Cert File text box. For example, the location of this file may be: C:\app\eGurkha\JRE\lib\security\test-client.p12 . To know how to generate .p12 file from Client PEM file, refer to How to import a Certificate that is in the PEM Format?. By default, this parameter is set to none.

Client Cert Password

Provide the password for .p12 Client certificate file in the Client Cert Password text box.

RS Node Cert Info

By default, the this parameter is set to none. This indicates that the test will report metrics for all the nodes in the cluster. However, you should specify this parameter with a comma-seperated list of the nodes in the cluster, provided, separate certificate file is required to access each node of the MongoDB cluster. The format of this configuration is: HOSTNAME1:PORT1,HOSTNAME2:PORT2,...

For example: 192.168.0.1:27011,192.168.0.2:27012,192.168.0.2:27013

Note:

The nodes should be listed in the same order corresponding to the list of certificates specified against CA Cert File.

AWS Key ID, AWS Secret Key,Confirm Password

If you are monitoring MongoDB clusters hosted on the AWS cloud, the eG agent has to be configured with the AWS AccessKey ID and Secret Key to connect with the AWS cloud and collect the required metrics. Therefore, Specify the AWS Key ID and AWS Secret Key and confirm the password by re-typing it in the Confirm Password text box. To obtain the AWS Access key and secret key, refer to Obtaining AWS Access Key and Obtaining AWS Secret Key.

Atlas URI

MongoDB Atlas is a NoSQL Database-as-a-Service offering in the public cloud. If the target MongoDB Cluster is deployed and managed in MongoDB Atlas, then the eG agent has to be configured with the MongoDB Atlas connection URI,a unique identifier for connecting to a MongoDB replica set or a sharded cluster, in the Atlas URI text box to access the target MongoDB Cluster hosted on Atlas and collect the required metrics.

Report Manager Time

By default, this flag is set to Yes, indicating that, by default, the detailed diagnosis of this test, if enabled, will report the shutdown and reboot times of the device in the manager's time zone.

If this flag is set to No, then the shutdown and reboot times are shown in the time zone of the system where the agent is running(i.e., the system being managed for agent-based monitoring, and the system on which the remote agent is running - for agentless monitoring).

Measurements made by the test
Measurement Description Measurement Unit Interpretation

Total connections

Indicates the total number of incoming connections to this node.

Number

This is the sum of the values of the Open connections and Free connections measure.

For the Summary descriptor, this measure will reveal the total number of connections to the target cluster.

Open connections

Indicates the count of incoming connections from clients to this node.

Number

This is a good measure of the current load on the node.

The value will include all incoming connections including any shell connections or connections from other servers, such as replica set members or mongos instances.

For the Summary descriptor, this measure will reveal the number incoming connections from clients to the target cluster.

Free connections

Indicates the number of unused connections on this node.

Number

The value 0 or a very low value for this measure is a cause for concern, as it indicates that there are no (or very few) free connections to handle subsequent connection requests. You may want to increase the maximum number of connections the server can handle, so that connection requests are not rejected.

For the Summary descriptor, this measure will reveal the number unused connections on the target cluster.

Connection usage

Indicates the percentage of total connections that is in use on this node.

Percent

A value close to 100% is indicative of over-utilization of connections. This in turn means that there are there are no (or very few) free connections to handle subsequent connection requests. You may want to increase the maximum number of connections the server can handle, so that connection requests are not rejected.

The value of this measure is calculated using the formula:

(Open connections / Total connections)*100

For the Summary descriptor, this measure will reveal the percentage of total connections that is in use on the target cluster.