Skip to content

DOCS-393 added info about arbiters and encryption #142

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 4 commits into from
Aug 24, 2012
Merged

DOCS-393 added info about arbiters and encryption #142

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
33f7086
DOCS-393 added info about arbiters and encryption
Aug 20, 2012
0a44904
small edit
Aug 21, 2012
b99ee21
edits
Aug 23, 2012
048778d
DOCS-393 added info on arbiter communications
Aug 23, 2012
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 17 additions & 1 deletion source/core/replication.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -164,6 +164,21 @@ participate in :term:`elections <election>`.
Do not run arbiter processes on a system that is an active
:term:`primary` or :term:`secondary` of its replica set.

Arbiters never receive the contents of any collection but do have the
following interactions with the ret of the replica set:

- Credential exchanges, which are used to authenticate the arbiter with
the replica set. All MongoDB processes within a replica set use
keyfiles. These exchanges are encrypted.

- Only the authentication step is encrypted. Replica set configuration
data and voting are not encrypted.

If your MongoDB deployment uses SSL, then all communications between
arbiters and the other members of the replica set are secure. See the
documentation for :doc:`/administration/ssl` for more information. Run
all arbiters on secure networks, as with all MongoDB components.

.. index:: replica set members; non-voting
.. _replica-set-non-voting-members:

Expand Down Expand Up @@ -308,7 +323,8 @@ apply or decide to ignore the rollback data.

The best strategy for avoiding all rollbacks is to ensure :ref:`write
propagation <replica-set-write-concern>` to all or some of the
nodes in the set. Using these kinds of policies prevents situations
nodes in the set. Using /bin/bash: Using: command not found
these kinds of policies prevents situations
that might create rollbacks.

.. warning::
Expand Down
18 changes: 18 additions & 0 deletions source/faq/replica-sets.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -181,6 +181,24 @@ primary.

.. seealso:: :doc:`/administration/replication-architectures`

What information do arbiters exchange with replica sets?
--------------------------------------------------------

Arbiters never receive the contents of a collection but do exchange the
following data with the rest of the replica set:

- Credentials used to authenticate the arbiter with the replica set. All
MongoDB processes within a replica set use keyfiles. These exchanges
are encrypted.

- Replica set configuration data and voting data. This information is
not encrypted. Only credential exchanges are encrypted.

If your MongoDB deployment uses SSL, then all communications between
arbiters and the other members of the replica set are secure. See the
documentation for :doc:`/administration/ssl` for more information. Run
all arbiters on secure networks, as with all MongoDB components.

Which members of a replica set vote in elections?
-------------------------------------------------

Expand Down