Get started
Yandex Data Transfer

Configuring a MongoDB target endpoint

Written by

When creating or editing an endpoint, you can define:

Managed Service for MongoDB cluster

Connecting to the database with the cluster ID specified in Yandex Cloud. Available only for clusters deployed in Yandex Managed Service for MongoDB.

  • Managed Service for MongoDB cluster: Specify ID of the cluster to connect to.

  • Security groups: Select the cloud network to host the endpoint and security groups for network traffic.

    This will let you apply the specified security group rules to the VMs and clusters in the selected network without changing the settings of these VMs and clusters. For more information, see Network in Yandex Data Transfer.

  • Authentication source: Specify the database name in the cluster.

  • User: Specify the username that Data Transfer will use to connect to the database.

  • Password: Enter the user's password to the database.

  • Endpoint type: mongo-target.

  • --cluster-id: ID of the cluster you need to connect to.

  • --database: Database name.

  • --user: Username that Data Transfer will use to connect to the database.

  • --security-group: Security groups for network traffic, whose rules will apply to VMs and clusters without changing their settings. For more information, see Network in Yandex Data Transfer.

  • To set a user password to access the database, use one of the parameters:

    • --raw-password: Password as text.

    • --password-file: The path to the password file.

  • Endpoint type: mongo_target.

  • connection.connection_options.mdb_cluster_id: ID of cluster to connect to.

  • subnet_id: ID of the subnet hosting the cluster. If not specified, the cluster must be accessible from the internet.

    If the value in this field is specified for both endpoints, both subnets must be hosted in the same availability zone.

  • security_groups: Specify the security groups for network traffic.

    This will let you apply the specified security group rules to the VMs and clusters in the subnet_id network without changing the settings of these VMs and clusters. For more information, see Network in Yandex Data Transfer.

  • auth_source: Specify the database name in the cluster.

  • connection.connection_options.user: Username that Data Transfer will use to connect to the database.

  • connection.connection_options.password.raw: Password in text form.

Example of the configuration file structure:

resource "yandex_datatransfer_endpoint" "<endpoint name in Terraform>" {
  name = "<endpoint name>"
  settings {
    mongo_target {
      security_groups = [ "list of security group IDs" ]
      subnet_id       = "<subnet ID>"
      connection {
        connection_options {
          mdb_cluster_id = "<Managed Service for MongoDB cluster ID>"
          database       = "<database name>"
          user           = "<username>"
          password {
            raw = "<user password>"
          }
        }
      }
      <advanced endpoint settings>
    }
  }
}

For more information, see the Terraform provider documentation.

  • securityGroups: Security groups for network traffic, whose rules will apply to VMs and clusters without changing their settings. For more information, see Network in Yandex Data Transfer.

  • mdbClusterId: ID of the cluster you need to connect to.

  • database: Database name.

  • user: Username that Data Transfer will use to connect to the database.

  • password.raw: Database user password (in text form).

Custom installation

Connecting to the database with explicitly specified network addresses and ports.

  • Hosts: Specify the IPs or FQDNs of the hosts to connect to.

  • Replica set: Specify the name of the replica set.

  • Port: Set the number of the port that Data Transfer will use for the connection.

  • CA certificate: To encrypt transmitted data, upload the PEM certificate or add its contents as text.

  • Subnet ID: Select or create a subnet in the desired availability zone.

    If the value in this field is specified for both endpoints, both subnets must be hosted in the same availability zone.

  • Authentication source: Specify the database name in the cluster.

  • User: Specify the username that Data Transfer will use to connect to the database.

  • Password: Enter the user's password to the database.

  • Security groups: Select the cloud network to host the endpoint and security groups for network traffic.

    This will let you apply the specified security group rules to the VMs and clusters in the selected network without changing the settings of these VMs and clusters. For more information, see Network in Yandex Data Transfer.

  • Endpoint type: mongo-target.

  • --host: IP address or FQDN of the master host you want to connect to.

  • --port: Number of the port that Data Transfer will use for the connection.

  • --ca-certificate — If the transmitted data needs to be encrypted, for example, to meet the requirements of PCI DSS.

  • --subnet-id: ID of the subnet the host resides in.

  • --database: Database name.

  • --user: Username that Data Transfer will use to connect to the database.

  • --security-group: Security groups for network traffic, whose rules will apply to VMs and clusters without changing their settings. For more information, see Network in Yandex Data Transfer.

  • To set a user password to access the database, use one of the parameters:

    • --raw-password: Password as text.

    • --password-file: The path to the password file.

  • Endpoint type: mongo_target.

  • on_premise.port: Port number that Data Transfer will use for connections.

  • connection.connection_options.on_premise.tls_mode.enabled.ca_certificate: CA certificate used if the data being transferred must be encrypted to comply with the PCI DSS requirements.

  • security_groups: Specify the security groups for network traffic.

    This will let you apply the specified security group rules to the VMs and clusters in the subnet_id network without changing the settings of these VMs and clusters. For more information, see Network in Yandex Data Transfer.

  • subnet_id: ID of the subnet hosting the cluster. If not specified, the cluster must be accessible from the internet.

    If the value in this field is specified for both endpoints, both subnets must be hosted in the same availability zone.

  • connection.connection_options.on_premise.replica_set: Specify the name of the replica set.

  • connection.connection_options.on_premise.hosts: Specify the IP addresses or FQDN of the hosts to connect to.

  • auth_source: Specify the database name in the cluster.

  • connection.connection_options.user: Username that Data Transfer will use to connect to the database.

  • connection.connection_options.password.raw: Password in text form.

Example of the configuration file structure:

resource "yandex_datatransfer_endpoint" "<endpoint name in Terraform>" {
  name = "<endpoint name>"
  settings {
    mongo_target {
      security_groups = [ "list of security group IDs" ]
      subnet_id       = "<subnet ID>"
      connection {
        connection_options {
          on_premise {
            hosts       = [ "list of replica set hosts" ]
            port        = "<connection port>"
            replica_set = "<replica set name>"
            tls_mode {
              enabled {
                ca_certificate = "<certificate in PEM format>"
              }
            }
          }
          auth_source = "<database name>"
          user        = "<username>"
          password {
            raw = "<user password>"
          }
        }
      }
      <advanced endpoint settings>
    }
  }
}

For more information, see the Terraform provider documentation.

  • onPremise: Database connection parameters:

    • hosts — IP address or FQDN of the master host to connect to.

    • port: The number of the port that Data Transfer will use for the connection.

    • tlsMode: Parameters of encryption of transmitted data if it is required, for example, to meet the requirements of PCI DSS.

    • subnetId: ID of the subnet the host resides in.

  • securityGroups: Security groups for network traffic, whose rules will apply to VMs and clusters without changing their settings. For more information, see Network in Yandex Data Transfer.

  • database: Database name.

  • user: Username that Data Transfer will use to connect to the database.

  • password.raw: Database user password (in text form).

Additional settings

  • Database: Specify the database name if you want to create collections in a database that is different from the source database.

  • Cleanup policy: Select a way to clean up data in the target database before the transfer:

    • Don't cleanup: Select this option if you are only going to do replication without copying data.

    • Drop: Fully delete tables included in the transfer (used by default).

      Use this option so that the latest version of the table schema is always transferred to the target database from the source whenever the transfer is activated.

    • Truncate: Delete only the data from the tables included in the transfer but leave the schema.

      Use this option if the schema in the target database differs from the one that would have been transferred from the source during the transfer.

  • database: Specify the database name if you want to create collections in a database that is different from the source database.

  • cleanup_policy: Select a way to clean up data in the target database before the transfer:

    • DISABLED: Do not clean up.

      Select this option if only replication without copying data is performed.

    • DROP: Fully delete collections included in the transfer (default).

      Use this option so that the latest collection version is always transferred to the target database from the source whenever the transfer is activated.

    • TRUNCATE: Delete only the data from the collections included in the transfer but leave the collections.

      Use this option if the structure of collections in the target database differs from the one that would have been transferred from the source during the transfer.

Warning

By default, Data Transfer transfers collections without sharding. If you are transferring data to a sharded target cluster and want your collections to be sharded:

  1. Prepare the target cluster to shard the collections.
  2. Select DISABLED or TRUNCATE as your cleanup policy.

Selecting the DROP policy will result in the service deleting all the data from the target database, including sharded collections, and replacing them with new unsharded ones when a transfer is activated.

In this article: