Hello!
I’m running Katello 3.17 with Foreman 2.2.3 which seems to had come with MongoDB 3.4. Unfortunately, our security scanner reported that 3.4 is EOL and is coming up on our vulnerability report.
So with that, after running the Pulp2 to Pulp3 migration process for Katello 3.17, I’m wondering if and how I can now safely remove MongoDB?
I read in the Katello - Saying goodbye to Pulp 2 document that after moving to Pulp 3, MondoDB will no longer be needed. However, after executing the Pulp migration steps, I noticed that MongoDB is still installed and the service is enabled and running.
# foreman-maintain service list
Running Service List
================================================================================
List applicable services:
foreman-proxy.service enabled
foreman.service enabled
goferd.service enabled
httpd.service enabled
postgresql.service enabled
pulp_celerybeat.service enabled
pulp_resource_manager.service enabled
pulp_streamer.service enabled
pulp_workers.service enabled
pulpcore-api.service enabled
pulpcore-content.service enabled
pulpcore-resource-manager.service enabled
pulpcore-worker@.service enabled
puppetserver.service enabled
qdrouterd.service enabled
qpidd.service enabled
rh-mongodb34-mongod.service enabled
rh-redis5-redis.service enabled
squid.service enabled
tomcat.service enabled
All services listed [OK]
--------------------------------------------------------------------------------
# systemctl status rh-mongodb34-mongod.service
● rh-mongodb34-mongod.service - High-performance, schema-free document-oriented database
Loaded: loaded (/usr/lib/systemd/system/rh-mongodb34-mongod.service; enabled; vendor preset: disabled)
Active: active (running) since Wed 2022-01-12 21:17:00 UTC; 28min ago
Process: 19699 ExecStart=/opt/rh/rh-mongodb34/root/usr/libexec/mongodb-scl-helper enable $RH_MONGODB34_SCLS_ENABLED -- /opt/rh/rh-mongodb34/root/usr/bin/mongod $OPTIONS run (code=exited, status=0/SUCCESS)
Main PID: 19704 (mongod)
Tasks: 48
CGroup: /system.slice/rh-mongodb34-mongod.service
└─19704 /opt/rh/rh-mongodb34/root/usr/bin/mongod -f /etc/opt/rh/rh-mongodb34/mongod.conf run
Jan 12 21:17:00 foreman.example.net mongod.27017[19704]: [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/defrag is 'always'.
Jan 12 21:17:00 foreman.example.net mongod.27017[19704]: [initandlisten] ** We suggest setting it to 'never'
Jan 12 21:17:00 foreman.example.net mongod.27017[19704]: [initandlisten]
Jan 12 21:17:00 foreman.example.net mongod.27017[19704]: [initandlisten] ** WARNING: soft rlimits too low. rlimits set to 31193 processes, 64000 files. Number of processes should be at least 32000 : 0.5 times number of files.
Jan 12 21:17:00 foreman.example.net mongod.27017[19704]: [initandlisten]
Jan 12 21:17:00 foreman.example.net mongod.27017[19704]: [initandlisten] Initializing full-time diagnostic data capture with directory '/var/lib/mongodb/diagnostic.data'
Jan 12 21:17:00 foreman.example.net mongod.27017[19704]: [thread1] waiting for connections on port 27017
Jan 12 21:17:00 foreman.example.net mongodb-scl-helper[19699]: child process started successfully, parent exiting
Jan 12 21:17:00 foreman.example.net systemd[1]: Started High-performance, schema-free document-oriented database.
Jan 12 21:30:28 foreman.example.net mongod.27017[19704]: [conn53] received client metadata from 127.0.0.1:41242 conn53: { application: { name: "MongoDB Shell" }, driver: { name: "MongoDB Internal Client", version: "3.4.9" }, os...
Hint: Some lines were ellipsized, use -l to show in full.
I know there is a foreman-maintain content remove-pulp2
command used to remove Pulp2, which may end up disabling/removing MongoDB? However it doesn’t seem the version of foreman-maintain
that comes with Katello 3.17/Foreman 2.2.3 has that option. Not too sure, but I believe I’d need to upgrade to Katello 4 first?
I do plan to upgrade to Katello 4 as soon as possible (planning on finishing up an OS deployment first) and wondering if I can somehow drop MongoDB before then.
My main question I suppose is how should I go about removing MongoDB completely from my Katello host? If upgrading to Katello 4 is really the way to go about that, that is cool, but if I can do so prior, that would be really, really sweet. Just trying to review my options
Thanks!