Connect to MongoDB

Learn to create a connection to MongoDB to use as a source or target for OCI GoldenGate.

Before you begin

Ensure that you:

• Review how OCI GoldenGate connects to your source and targets.

• Configure the required policies to enable secure Vault and Secrets access, such as use secrets, use vaults, and read secret-bundles. For more information, see Minimum recommended policies.

• Configure a MongoDB Replicat set:

  • OCI GoldenGate for Big Data uses the operations log (oplog) to read Change Data Capture (CDC) records. The oplog is a capped collection in MongoDB that maintains a rolling record of all operations that modify the database. Oplog files are created when a replica set is enabled in MongoDB.

  • MongoDB Atlas comes preconfigured with a Replicat set. For on-premises MongoDB deployments, you must manually configure and deploy a Replicat set to enable oplog and CDC functionality. For on premises MongoDB, you need to deploy a Replica set.

• Have MongoDB version 3.6 or later.

• Have OCI GoldenGate support to capture the following operations: INSERT, UPDATE, DELETE.

Create the connection

To create a MongoDB connection:

1. From the OCI GoldenGate Overview page, select Connections.

   You can also select Create Connection under the Get started section and skip to step 3.

2. On the Connections page, select Create Connection.

3. On the Create Connection page, complete the fields as follows:

   1. For Name, enter a name for the connection.

   2. (Optional) For Description, enter a description that helps you distinguish this connection from others.

   3. (For GoldenGate on Multicloud only) Select your Subscription, and then complete the following fields.

      1. From the Compartment dropdown, select the compartment in which the Resource Anchor resides.

      2. Select the Multicloud partner region.

      3. Select your Partner availability zone. The available options populate based on the selected Multicloud partner region.

   4. For Compartment, select the compartment in which to create the connection.

   5. For Type, select MongoDB.

   6. For Connection string, enter a valid MongoDB connection string URI without the username and password. For example, mongodb://mongodb1.example.com:27017.

   7. For Username, enter the username for this database.

   8. Select the Password secret. If located in a different compartment, use the dropdown to change compartments.

      Note:

      • Secrets are credentials such as passwords, certificates, SSH keys, or authentication tokens that you use with OCI services. To create a secret, see Creating a secret. Ensure that you:

        • Select Manual secret generation.

        • Paste the credentials into Secret contents.

      • If you prefer not to use password secrets, ensure that you deselect Use secrets in vault in the Security section under Advanced Options, located at the bottom of this form.

      • When you need to update the Secret content, ensure that you:

        • Create a new Secret version using the Plain-Text template and provide the updated content. For more information, see Updating a Secret’s Content.

        • Refresh the connection to clear cached Secret content.

   9. For Security protocol, select the security protocol:

      • Plain: username and password authentication.

      • TLS: TLS with username and password.

      • MTLS: MTLS with username and password.

   10. Expand Show advanced options. You can configure the following options:

       • Security

         • Deselect Use vault secrets you prefer not to use password secrets for this connection. If not selected:

           • Select Use Oracle-managed encryption key to leave all encryption key management to Oracle.

           • Select Use customer-managed encryption key to select a specific encryption key stored in your OCI Vault to encrypt your connection credentials.

       • Network connectivity

         • Shared endpoint, to share an endpoint with the assigned deployment. You must allow connectivity from the deployment's ingress IP.

         • Dedicated endpoint, for network traffic through a dedicated endpoint in the assigned subnet in your VCN. You must allow connectivity from this connection's ingress IPs.

           Note:

           • If a dedicated connection remains unassigned for seven days, then the service converts it to a shared connection.
           • Learn more about Oracle GoldenGate connectivity.

       • Security attributes: Add security attributes to control access to this connection using Zero Trust Packet Routing (ZPR).

       • Tags: Add tags to organize your resources.

4. Select Create.

After the connection is created, it appears in the Connections list. Ensure that you assign the connection to a deployment to use it as a source or target in a replication.

Next steps

• Assign a connection to a deployment
• Manage connections

Known issues

MongoDB, DocumentDB, and Oracle JSON Collection TLS Security Protocol

If the MongoDB Replicat, DocumentDB Replicat, or Oracle JSON Collection connection fails with the following error in the Report file:

Error: Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Workaround: Add the following property to your Properties file, update <connection_ocid> with your connection OCID and keep the rest as is.

jvm.bootoptions=-Djavax.net.ssl.trustStore=/u02/connections/<connection_ocid>/truststore.pkcs12 -Djavax.net.ssl.trustStorePassword=Welcome123

OCI GoldenGateMongoDB connection doesn’t support mongdb+srv connection strings.

Workaround: Use MongoDB connection strings.

1. In MongoDB Atlas, select Connect.

2. Select Drivers.

3. Select Java.

4. For Version, select 3.4 or later.

5. You can use the provided mongodb string. For example:

   mongodb://<user_name>:<db_password>@cluster0-shard-00-00.abc.mongodb.net:27017,cluster0-shard-00-01.abc.mongodb.net:27017,cluster0-shard-00-02.abc.mongodb.net:27017/?ssl=true&replicaSet=atlas-3grqh1-shard-0&authSource=admin&retryWrites=true&w=majority&appName=Cluster0

Issue with MongoDB Test connection

You may encounter an error when using Test connection with MongoDB connections. You can ignore this error and test MongoDB connections in the OCI GoldenGate deployment console. In the deployment console, open the navigation menu for the Administration Service, select Configuration. Your MongoDB connection should be listed as a credential, where you can select **Connect to ** to test the connection.