Warning! This capability is on early experimental stages and not suitable for production deployments.
Warning! This guide is not suitable for existing installations as we will remove all configuration data.
By default FastNetMon Advanced uses MongoDB as default database for configuration. In addition to storing configuration in MongoDB FastNetMon may store some optional information about attacks but this information is not used by FastNetMon itself and can be easily skipped. FastNetMon does not store metrics or traffic in MongoDB as we use InfluxDB and Clickhouse databases for this purpose.
MongoDB uses relatively unusual license called SSPL which may be limiting factor for cloud deployments. MongoDB has official builds for x86_64 and ARM64 platforms but other platforms are not supported. In addition to these constraints MongoDB started requiring CPU extensions such as AVX available only for latest generations of CPUs which may be limiting factor too.
FerretDB is an open-source proxy that translates MongoDB wire protocol queries to SQL, with PostgreSQL as the database engine.
To start using FastNetMon with FerretDB you need to use any version of FastNetMon Advanced starting from 2.0.335 as this version has logic changes required to run it efficiently.
First of all, please use standard install guide and install FastNetMon Advanced with MongoDB as configuration backend.
Please do not try using this guide for existing installation as it will remove all configuration data.
We’re going to use Ubuntu 22.04 for our tests and we support only this platform so far.\
If you do not want to have PostgreSQL on server we have lightweight SQLite based alternative.
Check that FastNetMon daemon is running:
sudo fcli show license
Example output:
Developer license for 10000 mbits valid until 2023-04-07
And confirm that fcli has access to MongoDB:
sudo fcli show main
Then you need to install latest version of FerretDB:
wget https://github.com/FerretDB/FerretDB/releases/download/v1.5.0/ferretdb.deb
Then install it:
sudo dpkg -i ferretdb.deb
Then create systemd unit file for FerretDB:
sudo vim /lib/systemd/system/ferretdb.service
With following content:
[Unit] Description=FerretDB database After=network.target remote-fs.target [Service] Type=simple ExecStart=/usr/bin/ferretdb --debug-addr="127.0.0.1:8089" Restart=on-failure RestartSec=5s [Install] WantedBy=multi-user.target
Then reload systemd configuration:
sudo systemctl daemon-reload
Then we need to shutdown and disable MongoDB as FerretDB uses same port:
sudo systemctl stop mongod sudo systemctl disable mongod
And enable start on boot:
sudo systemctl enable ferretdb
And try starting it:
sudo systemctl start ferretdb
Then check that it’s running well:
sudo systemctl status ferretdb
Example output:
ferretdb.service - FerretDB database Loaded: loaded (/lib/systemd/system/ferretdb.service; enabled; vendor preset: enabled) Active: active (running) since Fri 2023-03-24 12:23:19 UTC; 1min 5s ago Main PID: 38127 (ferretdb) Tasks: 8 (limit: 4694) Memory: 5.1M CPU: 36ms CGroup: /system.slice/ferretdb.service └─38127 /usr/bin/ferretdb --debug-addr=127.0.0.1:8089
And check that daemon is running well:
ps aux|grep ferret root 38127 0.0 0.4 732812 18112 ? Ssl 12:23 0:00 /usr/bin/ferretdb --debug-addr=127.0.0.1:8089
Then we need to make configuration change to allow PLAIN authentication because it’s only single supported authentication method by FerretDB:
echo '{"mongodb_auth_mechanism":"PLAIN"}' | sudo tee /etc/fastnetmon/fastnetmon.conf
Then try to running fcli and check connection to database:
sudo fcli show main
It will fail as we have no PostgreSQL database on this machine yet and FerretDB will show proper error about it:
2023/03/24 17:14:11 We cannot establish connection with MongoDB: connection() error occurred during connection handshake: auth error: unable to authenticate using mechanism "PLAIN": (InternalError) [msg_saslstart.go:60 pg.(Handler).MsgSASLStart] [pg.go:130 pg.(Handler).DBPool] pgdb.NewPool: failed to connect to host=127.0.0.1 user=fastnetmon_user database=ferretdb: dial error (dial tcp 127.0.0.1:5432: connect: connection refused) Attempt number: 1
Then we need to install PostgreSQL:
sudo apt install -y postgresql postgresql-contrib
Enable PostgreSQL launch on boot:
sudo systemctl enable postgresql
Try starting database:
sudo systemctl start postgresql
Then we can try connecting to database again:
sudo fcli show main
We will see another error which just means that username or password are wrong:
2023/03/24 17:20:15 We cannot establish connection with MongoDB: connection() error occurred during connection handshake: auth error: unable to authenticate using mechanism "PLAIN": (InternalError) [msg_saslstart.go:60 pg.(Handler).MsgSASLStart] [pg.go:130 pg.(Handler).DBPool] pgdb.NewPool: failed to connect to host=127.0.0.1 user=fastnetmon_user database=ferretdb: failed SASL auth (FATAL: password authentication failed for user "fastnetmon_user" (SQLSTATE 28P01)) Attempt number: 1
That’s expected as we did not create password yet.
We need to create database user:
sudo -u postgres createuser fastnetmon_user --no-superuser --no-createdb --no-createrole
Get database password from FastNetMon configuration:
export PGPASSWORD=`sudo cat /etc/fastnetmon/keychain/.mongo_fastnetmon_password`
Then set password for this user:
sudo -u postgres psql -c "ALTER USER fastnetmon_user PASSWORD '$PGPASSWORD';"
Create database called ferretdb explicitly specifying locale as other locales may not be supported by FerretDB:
sudo -u postgres createdb ferretdb --locale=en_US.UTF-8 --template=template0
Then you need to grant permission to create schema in database:
sudo -u postgres psql -c "GRANT CREATE ON DATABASE ferretdb TO fastnetmon_user;"
Then try connecting to database ferretdb using username and password we just created:
psql --username fastnetmon_user --host 127.0.0.1 ferretdb --command "select 1+1"
After that you can try reading FastNetMon configuration from fcli:
sudo fcli show main
It’s expected to see error like:
Command returned error: Could not retrieve main configuration from database mongo: no documents in result
Warning! Next command will remove all data in database.
Then we need to try creating new default FastNetMon configuration database:
sudo fcli create_configuration
Then check content of default configuration from fcli:
sudo fcli show main
After that restart FastNetMon to apply changes:
sudo fcli commit
Check that FastNetMon is running correctly:
sudo fcli show license
If something does not work as expected please reach our support and share /var/log/fastnetmon/fastnetmon,log with them.
Well done!