GSOC 2025 PBM SDK and Backup Throttling Projects

If you suddenly don’t feel comfortable running docker containers manually, you can use docker-compose.

Create a docker-compose.yaml file

version: '3.9'

services:
  rs101:
    image: percona/percona-server-mongodb:8.0-multi
    container_name: rs101
    ports:
      - "27017:27017"
    command: ["mongod", "--port", "27017", "--replSet", "rs"]
    volumes:
      - mongodata101:/data/db
    networks:
      - mongo-repl

  rs102:
    image: percona/percona-server-mongodb:8.0-multi
    container_name: rs102
    ports:
      - "28017:28017"
    command: ["mongod", "--port", "28017", "--replSet", "rs"]
    volumes:
      - mongodata102:/data/db
    networks:
      - mongo-repl

  rs103:
    image: percona/percona-server-mongodb:8.0-multi
    container_name: rs103
    ports:
      - "29017:29017"
    command: ["mongod", "--port", "29017", "--replSet", "rs"]
    volumes:
      - mongodata103:/data/db
    networks:
      - mongo-repl

  rs-init:
    image: percona/percona-server-mongodb:8.0-multi
    container_name: rs-init
    depends_on:
      - rs101
      - rs102
      - rs103
    entrypoint: [
      "sh", "-c",
      "until mongosh --host rs101 --eval 'print(\"waited for connection\")'; do sleep 5; done && \
       mongosh --host rs101 --eval 'config={\"_id\":\"rs\",\"members\":[{\"_id\":0,\"host\":\"rs101:27017\"},{\"_id\":1,\"host\":\"rs102:28017\"},{\"_id\":2,\"host\":\"rs103:29017\"}]};rs.initiate(config);'"
    ]
    networks:
      - mongo-repl

networks:
  mongo-repl:
    driver: bridge

volumes:
  mongodata101:
  mongodata102:
  mongodata103:

Run with the command

docker-compose -p psmdb-8-rs up -d

-p psmdb-8-rs - optional parameter (project name)

This will start 3 replicas, with volumes, and using the rs-init container will initiate a replica set.

Screenshot 2025-02-11 at 6.28.57 PM2478×692 96.2 KB

to stop run

docker-compose -p psmdb-8-rs down

If you have handled the previous simple docker-compose.yaml

I’ll add some magic for you.

1. I will add authorization to the replicas so they have user/pass access
   This will cause the keyfile to allow replicas to communicate securely with each other. I added this too in docker-compose.yaml
2. I added a pmm that you can open at localhost:8080 in your browser.
3. I added a pmm-client that will connect all replicas to PMM.

Let’s get this up and running.

1. Create a keyfile that will be used by the replicas. In the same folder as docker-compose.yaml, run

mkdir secrets
openssl rand -base64 756 > secrets/mongodb-keyfile
chmod 600 secrets/mongodb-keyfile

This will create a keyfile that will be used in docker-compose in replicas.

2. Now update docker-compose.yaml

version: '3.9'

services:
  rs101:
    image: percona/percona-server-mongodb:8.0-multi
    container_name: rs101
    ports:
      - "27017:27017"
    command: ["mongod", "--port", "27017", "--replSet", "rs", "--keyFile", "/etc/secrets/mongodb-keyfile"]
    environment:
      MONGO_INITDB_ROOT_USERNAME: databaseAdmin
      MONGO_INITDB_ROOT_PASSWORD: password
    volumes:
      - mongodata101:/data/db
      - ./secrets:/etc/secrets:ro
    networks:
      - mongo-repl

  rs102:
    image: percona/percona-server-mongodb:8.0-multi
    container_name: rs102
    ports:
      - "28017:28017"
    command: ["mongod", "--port", "28017", "--replSet", "rs", "--keyFile", "/etc/secrets/mongodb-keyfile"]
    environment:
      MONGO_INITDB_ROOT_USERNAME: databaseAdmin
      MONGO_INITDB_ROOT_PASSWORD: password
    volumes:
      - mongodata102:/data/db
      - ./secrets:/etc/secrets:ro
    networks:
      - mongo-repl

  rs103:
    image: percona/percona-server-mongodb:8.0-multi
    container_name: rs103
    ports:
      - "29017:29017"
    command: ["mongod", "--port", "29017", "--replSet", "rs", "--keyFile", "/etc/secrets/mongodb-keyfile"]
    environment:
      MONGO_INITDB_ROOT_USERNAME: databaseAdmin
      MONGO_INITDB_ROOT_PASSWORD: password
    volumes:
      - mongodata103:/data/db
      - ./secrets:/etc/secrets:ro
    networks:
      - mongo-repl

  rs-init:
    image: percona/percona-server-mongodb:8.0-multi
    container_name: rs-init
    depends_on:
      - rs101
      - rs102
      - rs103
    entrypoint: [
      "sh", "-c",
      "until mongosh --host rs101 --username databaseAdmin --password password --authenticationDatabase admin --eval 'print(\"waited for connection\")'; do sleep 5; done && \
       mongosh --host rs101 --username databaseAdmin --password password --authenticationDatabase admin --eval 'config={\"_id\":\"rs\",\"members\":[{\"_id\":0,\"host\":\"rs101:27017\"},{\"_id\":1,\"host\":\"rs102:28017\"},{\"_id\":2,\"host\":\"rs103:29017\"}],\"settings\":{\"keyFile\":\"/etc/secrets/mongodb-keyfile\"}};rs.initiate(config);'"
    ]
    volumes:
      - ./secrets:/etc/secrets:ro
    networks:
      - mongo-repl

  pmm-server:
    image: percona/pmm-server:2
    platform: "linux/amd64"
    container_name: pmm-server
    restart: always
    ports:
      - "8080:80"
      - "443:443"
    volumes:
      - pmm-data:/srv
    environment:
      - DISABLE_TELEMETRY=0
    healthcheck:
      test: ["CMD-SHELL", "curl -f http://localhost || exit 1"]
      interval: 30s
      timeout: 10s
      retries: 5
    networks:
      - mongo-repl

  pmm-client:
    image: percona/pmm-client:2
    platform: "linux/amd64"
    container_name: pmm-client
    environment:
      PMM_AGENT_SERVER_ADDRESS: pmm-server
      PMM_AGENT_SERVER_USERNAME: admin
      PMM_AGENT_SERVER_PASSWORD: admin
      PMM_AGENT_SERVER_INSECURE_TLS: 1
      PMM_AGENT_CONFIG_FILE: config/pmm-agent.yaml
      PMM_AGENT_SETUP: 1
      PMM_AGENT_SETUP_FORCE: 1
      PMM_AGENT_PRERUN_SCRIPT: >
        pmm-admin status --wait=10s &&
        pmm-admin add mongodb --service-name=rs101 --username=databaseAdmin --password=password --host=rs101 --port=27017 --query-source=profiler &&
        pmm-admin add mongodb --service-name=rs102 --username=databaseAdmin --password=password --host=rs102 --port=28017 --query-source=profiler &&
        pmm-admin add mongodb --service-name=rs103 --username=databaseAdmin --password=password --host=rs103 --port=29017 --query-source=profiler
    networks:
      - mongo-repl

networks:
  mongo-repl:
    driver: bridge

volumes:
  mongodata101:
  mongodata102:
  mongodata103:
  pmm-data:

3. Run it

docker-compose -p psmdb-8-rs up -d

4. Open PMM in browser localhost:8080, user admin, password admin, don’t change it, click skip if prompted to change.

5. You will now be able to connect to your replica set

mongodb://databaseAdmin:password@rs101:27017,rs102:28017,rs103:29017/?replicaSet=rs&authSource=admin

If you are not connecting from docker, replace rs101, rs102,rs103 with localhost. (for example to connect. For example, to connect using MongoDB Compass

6. (Optional) Check replicaset status

docker exec -ti rs101 mongosh --username databaseAdmin --password password --authenticationDatabase admin --eval 'rs.status()'

For example, I just tested this, ran it, connected and even did a load of database queries.

Screenshot 2025-02-11 at 7.14.06 PM1920×1011 123 KB

Screenshot 2025-02-11 at 7.13.34 PM1920×868 95.9 KB

P.S. For the load simulation, I used an app.

Thanks for this @daniil.bazhenov , this was really solid and I am still in the middle of docker sign-in since I forgot my passphrase so I am now trying to figure this out, I have made the docker-compose yaml file and I will let you know if this works, but thanks so much for this and I will let you know when I get this configured and setup

It worked! Thanks a lot! I can now run this on my localhost. I really appreciate your help, @daniil.bazhenov. I’ll now start exploring how Percona interacts with MongoDB using the example you provided. Are there any additional resources you’d recommend for learning the prerequisites? I’d like to build a solid foundation before diving deeper into the PBM project. Again, thanks for your clear and structured guidance—it was incredibly helpful!

Screenshot from 2025-02-12 16-24-051920×1080 174 KB

I don’t see you have MongoDB connected to PMM, maybe you need to wait, check that the pmm-client container is running

Like from the docs or the command you provided

mongodb://databaseAdmin:password@rs101:27017,rs102:28017,rs103:29017/?replicate=rs&authSource=admin

I was not able to run

docker exec -ti rs101 mongosh --username databaseAdmin --password password --authenticationDatabase admin --eval ‘rs.status()’

It was throwing error

That’s weird,
well, I think it’s a great topic for an independent study.
As I see you have Docker Desktop, you can see the container logs by clicking on them.

The addresses rs101, rs102, rs103 to connect from inside Docker. In other situations localhost:27017, localhost:28017, localhost:29017.

But if you have not started ReplocaSet, you should start with this.

Sure, I will start with this anything else I should study about after this?

Yes I will try to figure out about it

Given that you already have MongoDB (or will) and PMM, you can probably already look into PBM in more detail.

Backup and Restore.

This is the log I am getting in docker-desktop should I go further back:

2025-02-14 14:27:13 time="2025-02-14T08:57:13.194+00:00" level=info msg="Connection closed." component=client
2025-02-14 14:27:13 time="2025-02-14T08:57:13.194+00:00" level=info msg="2025-02-14T08:57:13.194Z\tinfo\tVictoriaMetrics/app/vmagent/main.go:149\treceived signal terminated" agentID=/agent_id/67806e35-8549-4be6-a3bc-91332dfa14c9 component=agent-process type=vm_agent
2025-02-14 14:27:13 time="2025-02-14T08:57:13.194+00:00" level=info msg="2025-02-14T08:57:13.194Z\tinfo\tVictoriaMetrics/app/vmagent/main.go:153\tgracefully shutting down webservice at \"127.0.0.1:42000\"" agentID=/agent_id/67806e35-8549-4be6-a3bc-91332dfa14c9 component=agent-process type=vm_agent
2025-02-14 14:27:13 time="2025-02-14T08:57:13.194+00:00" level=warning msg="Failed to send StateChanged request." component=client
2025-02-14 14:27:13 time="2025-02-14T08:57:13.194+00:00" level=info msg="Supervisor Changes() channel drained." component=client
2025-02-14 14:27:13 time="2025-02-14T08:57:13.194+00:00" level=info msg=Done. component=client
2025-02-14 14:27:13 time="2025-02-14T08:57:13.195+00:00" level=info msg="2025-02-14T08:57:13.194Z\tinfo\tVictoriaMetrics/app/vmagent/main.go:157\tsuccessfully shut down the webservice in 0.000 seconds" agentID=/agent_id/67806e35-8549-4be6-a3bc-91332dfa14c9 component=agent-process type=vm_agent
2025-02-14 14:27:13 time="2025-02-14T08:57:13.195+00:00" level=info msg="2025-02-14T08:57:13.194Z\tinfo\tVictoriaMetrics/lib/promscrape/config.go:223\tstopping service discovery routines..." agentID=/agent_id/67806e35-8549-4be6-a3bc-91332dfa14c9 component=agent-process type=vm_agent
2025-02-14 14:27:13 time="2025-02-14T08:57:13.195+00:00" level=info msg="2025-02-14T08:57:13.195Z\tinfo\tVictoriaMetrics/lib/promscrape/config.go:227\tstopped service discovery routines in 0.000 seconds" agentID=/agent_id/67806e35-8549-4be6-a3bc-91332dfa14c9 component=agent-process type=vm_agent
2025-02-14 14:27:13 time="2025-02-14T08:57:13.195+00:00" level=info msg="2025-02-14T08:57:13.195Z\tinfo\tVictoriaMetrics/lib/promscrape/scraper.go:194\tstopping Prometheus scrapers" agentID=/agent_id/67806e35-8549-4be6-a3bc-91332dfa14c9 component=agent-process type=vm_agent
2025-02-14 14:27:13 time="2025-02-14T08:57:13.195+00:00" level=info msg="2025-02-14T08:57:13.195Z\tinfo\tVictoriaMetrics/lib/promscrape/scraper.go:197\tstopped Prometheus scrapers in 0.000 seconds" agentID=/agent_id/67806e35-8549-4be6-a3bc-91332dfa14c9 component=agent-process type=vm_agent
2025-02-14 14:27:13 time="2025-02-14T08:57:13.195+00:00" level=info msg="2025-02-14T08:57:13.195Z\tinfo\tVictoriaMetrics/app/vmagent/remotewrite/client.go:206\tstopped client for -remoteWrite.url=\"1:secret-url\"" agentID=/agent_id/67806e35-8549-4be6-a3bc-91332dfa14c9 component=agent-process type=vm_agent
2025-02-14 14:27:13 time="2025-02-14T08:57:13.196+00:00" level=info msg="Process: exited: signal: terminated." agentID=/agent_id/f853c86d-ced5-402d-95cb-7a842077dcee component=agent-process type=node_exporter
2025-02-14 14:27:13 time="2025-02-14T08:57:13.196+00:00" level=info msg="Sending status: DONE (port 42001)." agentID=/agent_id/f853c86d-ced5-402d-95cb-7a842077dcee component=agent-process type=node_exporter
2025-02-14 14:27:13 time="2025-02-14T08:57:13.198+00:00" level=info msg="2025-02-14T08:57:13.198Z\tinfo\tVictoriaMetrics/lib/persistentqueue/fastqueue.go:91\tclosed fast persistent queue at \"/usr/local/percona/pmm2/tmp/vmagent-temp-dir/persistent-queue/1_EC3856885D85EBBB\"" agentID=/agent_id/67806e35-8549-4be6-a3bc-91332dfa14c9 component=agent-process type=vm_agent
2025-02-14 14:27:13 time="2025-02-14T08:57:13.198+00:00" level=info msg="2025-02-14T08:57:13.198Z\tinfo\tVictoriaMetrics/app/vmagent/main.go:177\tsuccessfully stopped vmagent in 0.004 seconds" agentID=/agent_id/67806e35-8549-4be6-a3bc-91332dfa14c9 component=agent-process type=vm_agent
2025-02-14 14:27:13 time="2025-02-14T08:57:13.200+00:00" level=info msg="Process: exited: exit status 0." agentID=/agent_id/67806e35-8549-4be6-a3bc-91332dfa14c9 component=agent-process type=vm_agent
2025-02-14 14:27:13 time="2025-02-14T08:57:13.200+00:00" level=info msg="Sending status: DONE (port 42000)." agentID=/agent_id/67806e35-8549-4be6-a3bc-91332dfa14c9 component=agent-process type=vm_agent
2025-02-14 14:27:13 time="2025-02-14T08:57:13.200+00:00" level=info msg=Done. component=supervisor
2025-02-14 14:27:13 time="2025-02-14T08:57:13.200+00:00" level=info msg=Done. component=main
2025-02-14 14:27:13 time="2025-02-14T08:57:13.203+00:00" level=warning msg="Can't get exit code for pmm-agent. Error code: waitid: no child processes" component=entrypoint
2025-02-14 14:27:13 Connection check failed: connection() error occurred during connection handshake: auth error: sasl conversation error: unable to authenticate using mechanism "SCRAM-SHA-1": (AuthenticationFailed) Authentication failed..

And Yes I am not getting any error when I use this command systemctl start mongod.service so I think mongod.service is running and installed

Looks like credentials provided are invalid

Is it the same that is used for hooking up the monintoring server on localhost:8080 because as advised I have the username and passwrod same as admin?
Or is it something else?
I am trying to follow this solution Configure authentication in MongoDB - Percona Backup for MongoDB , am I on the right path? because if yes MongoServerError[Unauthorized]: Command createRole requires authentication still getting this error in the mongosh shell

It’s not clear what you do when you get this error.

MongoDB

MongoDB has its own authentication/authorization. There can be many users and roles. When running in Docker you can specify root access
environment:
MONGO_INITDB_ROOT_USERNAME: databaseAdmin
MONGO_INITDB_ROOT_PASSWORD: password

If this is not specified in docker-compose.yaml then authorization will not be created on initialization, you need to connect to the database and create the root user manually.

PMM

PMM has its own authentication/authorization, admin/admin , there you can also create separate users and API keys. But these are PMM users, you only need them so that PMM-Client, which works with your database, can send metrics to PMM.

Running this command :

yoshi@yodaone:~/VSCode/percona-backup-mongodb/percona-backup-mongodb$ service mongod status 
× mongod.service - High-performance, schema-free document-oriented database
     Loaded: loaded (/usr/lib/systemd/system/mongod.service; enabled; preset: enabled)
     Active: failed (Result: exit-code) since Fri 2025-02-14 21:41:28 IST; 13s ago
   Duration: 196ms
    Process: 219698 ExecStartPre=/usr/bin/percona-server-mongodb-helper.sh (code=exited, status=0/SUCCESS)
    Process: 219721 ExecStart=/usr/bin/env bash -c ${NUMACTL} /usr/bin/mongod ${OPTIONS} (code=exited, status=48)
   Main PID: 219721 (code=exited, status=48)
        CPU: 124ms

Feb 14 21:41:27 yodaone systemd[1]: Starting mongod.service - High-performance, schema-free document-oriented database...
Feb 14 21:41:27 yodaone systemd[1]: Started mongod.service - High-performance, schema-free document-oriented database.
Feb 14 21:41:28 yodaone env[219721]: {"t":{"$date":"2025-02-14T16:11:28.035Z"},"s":"I",  "c":"CONTROL",  "id":7484500, "ctx":">
Feb 14 21:41:28 yodaone systemd[1]: mongod.service: Main process exited, code=exited, status=48/n/a
Feb 14 21:41:28 yodaone systemd[1]: mongod.service: Failed with result 'exit-code'.

And running mongod command gives this:

yoshi@yodaone:~/VSCode/percona-backup-mongodb/percona-backup-mongodb$ mongod
{"t":{"$date":"2025-02-14T21:43:16.494+05:30"},"s":"I",  "c":"CONTROL",  "id":23285,   "ctx":"main","msg":"Automatically disabling TLS 1.0, to force-enable TLS 1.0 specify --sslDisabledProtocols 'none'"}
{"t":{"$date":"2025-02-14T21:43:16.494+05:30"},"s":"I",  "c":"CONTROL",  "id":5945603, "ctx":"main","msg":"Multi threading initialized"}
{"t":{"$date":"2025-02-14T21:43:16.494+05:30"},"s":"I",  "c":"NETWORK",  "id":4648601, "ctx":"main","msg":"Implicit TCP FastOpen unavailable. If TCP FastOpen is required, set at least one of the related parameters","attr":{"relatedParameters":["tcpFastOpenServer","tcpFastOpenClient","tcpFastOpenQueueSize"]}}
{"t":{"$date":"2025-02-14T21:43:16.494+05:30"},"s":"I",  "c":"NETWORK",  "id":4915701, "ctx":"main","msg":"Initialized wire specification","attr":{"spec":{"incomingExternalClient":{"minWireVersion":0,"maxWireVersion":25},"incomingInternalClient":{"minWireVersion":0,"maxWireVersion":25},"outgoing":{"minWireVersion":6,"maxWireVersion":25},"isInternalClient":true}}}
{"t":{"$date":"2025-02-14T21:43:16.495+05:30"},"s":"I",  "c":"TENANT_M", "id":7091600, "ctx":"main","msg":"Starting TenantMigrationAccessBlockerRegist

On stackoverflow it is saying that you have the port listening to another container so mongod is not able to listen to the port
So what I did is I closed manually the rs101 container listening to this port and I was successful in starting mongod on this port

yoshi@yodaone:~/VSCode/percona-backup-mongodb/percona-backup-mongodb$ service mongod status
● mongod.service - High-performance, schema-free document-oriented database
     Loaded: loaded (/usr/lib/systemd/system/mongod.service; enabled; preset: enabled)
     Active: active (running) since Fri 2025-02-14 21:48:24 IST; 2s ago
    Process: 225782 ExecStartPre=/usr/bin/percona-server-mongodb-helper.sh (code=exited, status=0/SUCCESS)
   Main PID: 225804 (mongod)
      Tasks: 45 (limit: 18305)
     Memory: 222.0M (peak: 301.4M)
        CPU: 785ms
     CGroup: /system.slice/mongod.service
             └─225804 /usr/bin/mongod -f /etc/mongod.conf

Feb 14 21:48:24 yodaone systemd[1]: Starting mongod.service - High-performance, schema-free document-oriented database...
Feb 14 21:48:24 yodaone systemd[1]: Started mongod.service - High-performance, schema-free document-oriented database.
Feb 14 21:48:24 yodaone env[225804]: {"t":{"$date":"2025-02-14T16:18:24.469Z"},"s":"I",  "c":"CONTROL",  "id":7484500, "ctx":"main","msg":"Environmen>
lines 1-14/14 (END)

DO I need rs101 ? or should I instead connect mongod to some other port which is not possible I think since it is asking me for authentication everytime, this is what I got from this

Maybe I have followed this for ubuntu installation previously On Debian and Ubuntu - Percona Server for MongoDB 8.0 maybe that might be the reason mongod only configured to work on localhost:8080 and that is the reason rs101 cannot start at 27017:27017 port which might be pointing to localhost:8080 since only one of them is working if I close either one of the container. So do I uninstall the percona server i.e on ubuntu I installed using the link I provided in this message or what do I do I am clearly out of ideas and I am not understanding what should I do now.

@daniil.bazhenov not to bug you but is there anything else I should try? Although my exams are currently going on if the percona team is busy now we can postpone it till 28th feb, and then maybe I can get help from you and then start the contributions based on my expertise or decide if I need more learning to do and then start contributing.

Depends on what you want to do in the project?

Percona Backup for MongoDB Golang SDK

You probably need to look into how the Backup functionality works in PMM.

• Backup management via PMM - Percona Backup for MongoDB
• Supported setups for MongoDB backups - Percona Monitoring and Management

Then look at the PBM SDK itself and its repositories.

Thanks for the resource! I was specifically asking about the installation issue I faced earlier with the rs101 container. I initially ran into authentication issues with docker-desktop, but I was able to resolve that and it was not about the mongodb authentication which we initially thought.

Now, I’m working on finalizing the setup—getting MongoDB connected, connecting it with pmm-server, and ensuring everything runs smoothly. If you have any guidance or recommendations, I’d really appreciate your help!
I think you would understand what I am specifically asking refering above the comments I made after your suggestion to authenticate mongodb.
Thanks again

I think you are making the installation process very difficult.

Start from the beginning and run in Docker

or don’t use docker, just run it on a Linux computer.

When you run in docker you don’t need to get inside the containers to check the mongod server or anything .

Everything should only run using docker-compose.yaml.