DOCS-15299 fips mode legacy shell (#1215)

jason-price-mongodb · jason-price-mongodb · web-flow · commit 0fe4fd11612f · 2022-07-18T13:21:10.000-07:00
* DOCS-15299-FIPS-mode-legacy-shell

* DOCS-15299-FIPS-mode-legacy-shell

* DOCS-15299-FIPS-mode-legacy-shell

* DOCS-15299-FIPS-mode-legacy-shell

* DOCS-15299-FIPS-mode-legacy-shell

* DOCS-15299-fips-mode-legacy-shell

* DOCS-15299-fips-mode-legacy-shell

* DOCS-15299-fips-mode-legacy-shell

* DOCS-15299-fips-mode-legacy-shell

* DOCS-15299-FIPS-mode-legacy-shell

* DOCS-15299-FIPS-mode-legacy-shell

* DOCS-15299-FIPS-mode-legacy-shell

* DOCS-15299-FIPS-mode-legacy-shell

* DOCS-15299-FIPS-mode-legacy-shell

* DOCS-15299-FIPS-mode-legacy-shell

* DOCS-15299-FIPS-mode-legacy-shell

* DOCS-15299-FIPS-mode-legacy-shell

* DOCS-15299-FIPS-mode-legacy-shell

* DOCS-15299-FIPS-mode-legacy-shell

* DOCS-15299-FIPS-mode-legacy-shell

* DOCS-15299-FIPS-mode-legacy-shell

* DOCS-15299-FIPS-mode-legacy-shell

* DOCS-15299-FIPS-mode-legacy-shell

* DOCS-15299-FIPS-mode-legacy-shell

* DOCS-15299-FIPS-mode-legacy-shell

* DOCS-15299-FIPS-mode-legacy-shell

* DOCS-15299-FIPS-mode-legacy-shell

* DOCS-15299-FIPS-mode-legacy-shell

Co-authored-by: jason-price-mongodb &lt;jshfjghsdfgjsdjh@aolsdjfhkjsdhfkjsdf.com&gt;
diff --git a/source/includes/install-mongodb-apt-get-commands.rst b/source/includes/install-mongodb-apt-get-commands.rst
@@ -0,0 +1,45 @@
+You can also install the MongoDB Shell that uses the system's OpenSSL.
+You must have already installed OpenSSL on your system before
+installing this version of the MongoDB Shell.
+
+You can install all of the MongoDB Enterprise packages and the
+MongoDB Shell that uses the system's OpenSSL without removing the
+MongoDB Shell first. For example:
+
+.. code-block:: sh
+
+   sudo apt-get install -y mongodb-enterprise mongodb-mongosh-shared-openssl11
+
+The following example removes the MongoDB Shell and then installs the
+MongoDB Shell that uses the system's OpenSSL 1.1:
+
+.. code-block:: sh
+
+   sudo apt-get remove -y mongodb-mongosh && sudo apt-get install -y
+   mongodb-mongosh-shared-openssl11
+
+The following example removes the MongoDB Shell and then installs the
+MongoDB Shell that uses the system's OpenSSL 3:
+
+.. code-block:: sh
+
+   sudo apt-get remove -y mongodb-mongosh && sudo apt-get install -y
+   mongodb-mongosh-shared-openssl3
+
+You can also choose the MongoDB packages to install.
+   
+The following example installs MongoDB Enterprise and tools, and the
+MongoDB Shell that uses the system's OpenSSL 1.1:
+
+.. code-block:: sh
+
+   sudo apt-get install -y mongodb-enterprise-database
+   mongodb-enterprise-tools mongodb-mongosh-shared-openssl11
+
+The following example installs MongoDB Enterprise and tools, and the
+MongoDB Shell that uses the system's OpenSSL 3:
+
+.. code-block:: sh
+
+   sudo apt-get install -y mongodb-enterprise-database
+   mongodb-enterprise-tools mongodb-mongosh-shared-openssl3
diff --git a/source/includes/install-mongodb-shell-tarball.rst b/source/includes/install-mongodb-shell-tarball.rst
@@ -0,0 +1,2 @@
+Download the package for the version of ``mongosh`` you need from the
+|mdb-download-link| and uncompress the package.
diff --git a/source/includes/install-mongodb-yum-commands.rst b/source/includes/install-mongodb-yum-commands.rst
@@ -0,0 +1,45 @@
+You can also install the MongoDB Shell that uses the system's OpenSSL.
+You must have already installed OpenSSL on your system before
+installing this version of the MongoDB Shell.
+
+You can install all of the MongoDB Enterprise packages and the
+MongoDB Shell that uses the system's OpenSSL without removing the
+MongoDB Shell first. For example:
+
+.. code-block:: sh
+
+   sudo yum install -y mongodb-enterprise mongodb-mongosh-shared-openssl11
+
+The following example removes the MongoDB Shell and then installs the
+MongoDB Shell that uses the system's OpenSSL 1.1:
+
+.. code-block:: sh
+
+   sudo yum remove -y mongodb-mongosh && sudo yum install -y
+   mongodb-mongosh-shared-openssl11
+
+The following example removes the MongoDB Shell and then installs the
+MongoDB Shell that uses the system's OpenSSL 3:
+
+.. code-block:: sh
+
+   sudo yum remove -y mongodb-mongosh && sudo yum install -y
+   mongodb-mongosh-shared-openssl3
+
+You can also choose the MongoDB packages to install.
+   
+The following example installs MongoDB Enterprise and tools, and the
+MongoDB Shell that uses the system's OpenSSL 1.1:
+
+.. code-block:: sh
+
+   sudo yum install -y mongodb-enterprise-database
+   mongodb-enterprise-tools mongodb-mongosh-shared-openssl11
+
+The following example installs MongoDB Enterprise and tools, and the
+MongoDB Shell that uses the system's OpenSSL 3:
+
+.. code-block:: sh
+
+   sudo yum install -y mongodb-enterprise-database
+   mongodb-enterprise-tools mongodb-mongosh-shared-openssl3
diff --git a/source/includes/list-mongodb-enterprise-packages.rst b/source/includes/list-mongodb-enterprise-packages.rst
@@ -36,7 +36,11 @@ repository, and contains the following officially-supported packages:
 
   * - ``{+package-name+}-mongosh``
     - Contains the MongoDB Shell (:binary:`~bin.mongosh`).
- 
+
+  * - ``{+package-name+}-shared-openssl*``
+    - Contains the MongoDB Shell that uses the OpenSSL version already
+      installed on your computer (:binary:`~bin.mongosh`).
+
   * - ``{+package-name-enterprise+}-tools``
     - A ``metapackage`` that automatically installs the component
       packages listed below:
diff --git a/source/includes/steps-install-mongodb-enterprise-on-linux.yaml b/source/includes/steps-install-mongodb-enterprise-on-linux.yaml
@@ -29,4 +29,5 @@ content: |
    :mongosh:`Install </install>` ``mongosh`` then use the MongoDB Shell
    to connect to your deployment.
 
+   .. include:: /includes/install-mongodb-shell-tarball.rst
 ...
diff --git a/source/includes/steps-install-mongodb-on-amazon-tarball.yaml b/source/includes/steps-install-mongodb-on-amazon-tarball.yaml
@@ -65,4 +65,5 @@ content: |
    :mongosh:`Install </install>` ``mongosh`` then use the MongoDB Shell
    to connect to your deployment.
 
+   .. include:: /includes/install-mongodb-shell-tarball.rst
 ...
diff --git a/source/includes/steps-install-mongodb-on-linux.yaml b/source/includes/steps-install-mongodb-on-linux.yaml
@@ -67,4 +67,5 @@ content: |
    :mongosh:`Install </install>` ``mongosh`` then use the MongoDB Shell
    to connect to your deployment.
 
+   .. include:: /includes/install-mongodb-shell-tarball.rst
 ...
diff --git a/source/includes/steps-install-mongodb-on-ubuntu-tarball.yaml b/source/includes/steps-install-mongodb-on-ubuntu-tarball.yaml
@@ -64,5 +64,6 @@ content: |
    :mongosh:`Install </install>` ``mongosh`` then use the MongoDB Shell
    to connect to your deployment.
 
+   .. include:: /includes/install-mongodb-shell-tarball.rst
 ...
 
diff --git a/source/reference/command/serverStatus.txt b/source/reference/command/serverStatus.txt
@@ -1445,8 +1445,9 @@ network
             "clientsRunning" : <num>,
             "clientsWaitingForData" : <num>
          }
-      }
-   },
+      },
+      "listenerProcessingTime" : { durationMicros: <num> }  // Added in MongoDB 6.1
+   }
 
 .. serverstatus:: network
 
@@ -1626,6 +1627,22 @@ network
    Number of clients using the ``fixed`` service executor that are
    waiting for incoming data from the network.
 
+.. serverstatus:: network.listenerProcessingTime
+
+   .. versionadded:: 6.1
+
+   A document that reports the total time the database listener spends
+   allocating incoming database connection requests to dedicated
+   threads.
+
+.. serverstatus:: network.listenerProcessingTime.durationMicros
+
+   .. versionadded:: 6.1
+
+   Total time in microseconds the database listener spends allocating
+   incoming database connection requests to dedicated threads that
+   perform database operations.
+
 opLatencies
 ~~~~~~~~~~~
 
diff --git a/source/tutorial/configure-fips.txt b/source/tutorial/configure-fips.txt
@@ -242,8 +242,51 @@ Select the tab below for your platform:
 Additional Considerations
 --------------------------
 
-.. include:: /includes/fact-5.1-scram-sha-1-fips-default.rst
+SCRAM SHA and FIPS Mode
+~~~~~~~~~~~~~~~~~~~~~~~
 
-.. include:: /includes/extracts/4.2-changes-fips.rst
+.. include:: /includes/fact-5.1-scram-sha-1-fips-default.rst
 
 .. include:: /includes/md5-and-scram-sha-1.rst
+
+Database Tools and FIPS Mode
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Starting in MongoDB 4.2, the following programs no longer support the
+:option:`--sslFIPSMode <mongod --sslFIPSMode>` option:
+
+- :binary:`~bin.mongodump`
+- :binary:`~bin.mongoexport`
+- :binary:`~bin.mongofiles`
+- :binary:`~bin.mongoimport`
+- :binary:`~bin.mongorestore`
+- :binary:`~bin.mongostat`
+- :binary:`~bin.mongotop`
+
+``mongod``, ``mongos``, and FIPS Mode
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+If you configure :binary:`~bin.mongod` and :binary:`~bin.mongos` to use
+FIPS mode, ``mongod`` and ``mongos`` use FIPS-compliant connections.
+
+MongoDB Shell and FIPS Mode
+~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+The default :binary:`MongoDB Shell <~bin.mongosh>` distribution:
+
+- Contains OpenSSL 1.1.
+- Uses FIPS-compliant connections to :binary:`~bin.mongod` and
+  :binary:`~bin.mongos` if you configure ``mongod`` and ``mongos`` to
+  use FIPS mode.
+
+MongoDB also provides a MongoDB Shell distribution that can use:
+
+- OpenSSL 1.1 and OpenSSL 3 installed on your server.
+- ``--tlsFIPSMode`` option, which enables the ``mongosh`` FIPS mode.
+
+.. seealso::
+
+   - To download MongoDB Shell distributions that contain OpenSSL 1.1
+     and OpenSSL 3, go to the `MongoDB Download Center
+     <https://www.mongodb.com/try/download/shell?jmp=docs>`__.
+   - :ref:`mdb-shell-install`
diff --git a/source/tutorial/install-mongodb-enterprise-on-amazon.txt b/source/tutorial/install-mongodb-enterprise-on-amazon.txt
@@ -71,6 +71,10 @@ Amazon Linux:
 
       .. include:: /includes/steps/install-mongodb-enterprise-on-amazon.rst
 
+.. note::
+
+   .. include:: /includes/install-mongodb-yum-commands.rst
+   
 Run MongoDB Enterprise Edition
 ------------------------------
 
diff --git a/source/tutorial/install-mongodb-enterprise-on-debian-tarball.txt b/source/tutorial/install-mongodb-enterprise-on-debian-tarball.txt
@@ -92,6 +92,8 @@ the ``.tgz``.
 
 .. include:: /includes/steps/install-mongodb-enterprise-on-linux.rst
 
+.. include:: /includes/install-mongodb-shell-tarball.rst
+
 Run MongoDB Enterprise Edition
 ------------------------------
 
diff --git a/source/tutorial/install-mongodb-enterprise-on-debian.txt b/source/tutorial/install-mongodb-enterprise-on-debian.txt
@@ -65,6 +65,10 @@ Follow these steps to install MongoDB |edition| Edition using the
 
 .. include:: /includes/steps/install-mongodb-enterprise-on-debian.rst
 
+.. note::
+
+   .. include:: /includes/install-mongodb-apt-get-commands.rst
+
 Run MongoDB Enterprise Edition
 ------------------------------
 
diff --git a/source/tutorial/install-mongodb-enterprise-on-red-hat.txt b/source/tutorial/install-mongodb-enterprise-on-red-hat.txt
@@ -58,6 +58,10 @@ Follow these steps to install MongoDB |edition| Edition using the
 
 .. include:: /includes/steps/install-mongodb-enterprise-on-red-hat.rst
 
+.. note::
+
+   .. include:: /includes/install-mongodb-yum-commands.rst
+
 Run MongoDB Enterprise Edition
 ------------------------------
 
diff --git a/source/tutorial/install-mongodb-enterprise-on-ubuntu.txt b/source/tutorial/install-mongodb-enterprise-on-ubuntu.txt
@@ -66,7 +66,9 @@ Install MongoDB Enterprise Edition
 Follow these steps to install MongoDB |edition| Edition using the
 |package-manager| package manager.
 
-.. include:: /includes/steps/install-mongodb-enterprise-on-ubuntu.rst
+.. note::
+
+   .. include:: /includes/install-mongodb-apt-get-commands.rst
 
 Run MongoDB Enterprise Edition
 ------------------------------

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	+Download the package for the version of ``mongosh`` you need from the
	`2`	`+\|mdb-download-link\| and uncompress the package.`