MongoDB does not store data in tables, instead, it stores data in a “document” structure similar to JSON (in MongoDB called BSON).MongoDB is a NoSQL database that provides high performance, high availability, and automatic scaling. NoSQL database means that, unlike MySQL or PostgreSQL, it does not support SQL (Structured Query Language) to retrieve or manipulate the stored data.
Prerequisites
- CentOS 7
- Root privileges
Steps:
+Add the MongoDB repository.
+Installing MongoDB.
+Fix some MongoDB errors.
+Create an administrator user.
+Enable MongoDB authentication and Testing.
Connect to your CentOS 7 server with the ssh root account:
#ssh root@10.0.0.211create new repository file ‘mongodb-org-3.2.repo’
#cd /etc/yum.repos.d/
#vi mongodb-org-3.2.repopaste the followings
[mongodb-org-3.2]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/3.2/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-3.2.ascsave the file and and exit the editor.
Installing MongoDB
Run the command below and make sure mongodb repository is there.
#yum repolist
=====
repo id repo name status
!base/7/x86_64 CentOS-7 - Base 10,019
!epel/x86_64 Extra Packages for Enterprise Linux 7 - x86_64 12,985
!extras/7/x86_64 CentOS-7 - Extras 382
!jenkins Jenkins-stable 86
!mongodb-org-3.2/7 MongoDB Repository 115
!updates/7/x86_64 CentOS-7 - Updates Next, install MongoDB with the yum command.
#yum -y install mongodb-orgWhen the installation is finished, start MongoDB with this systemctl command:
systemctl start mongod
Check that MongoDB is running by checking that the port ‘27017’ is open.
#netstat -plntu
[root@syam ~]# netstat -plntu
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:27017 0.0.0.0:* LISTEN 3110/mongod
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 267/sshd
tcp 0 0 0.0.0.0:1723 0.0.0.0:* LISTEN 2889/pptpd
tcp6 0 0 :::8080 :::* LISTEN 1725/java
tcp6 0 0 :::22 :::* LISTEN 267/sshd
udp6 0 0 :::33848 :::* 1725/java
udp6 0 0 :::5353 :::* 1725/java
And make sure the mongodb service is active.
[root@syam ~]# systemctl status mongod
● mongod.service - SYSV: Mongo is a scalable, document-oriented database.
Loaded: loaded (/etc/rc.d/init.d/mongod; bad; vendor preset: disabled)
Active: active (running) since Thu 2019-03-21 15:41:53 UTC; 1 day 12h ago
Docs: man:systemd-sysv-generator(8)
Process: 3077 ExecStop=/etc/rc.d/init.d/mongod stop (code=exited, status=0/SUCCESS)
Process: 3095 ExecStart=/etc/rc.d/init.d/mongod start (code=exited, status=0/SUCCESS)
CGroup: /system.slice/mongod.service
└─3110 /usr/bin/mongod -f /etc/mongod.conf
Mar 21 15:41:53 syam systemd[1]: Stopped SYSV: Mongo is a scalable, document-oriented database..
Mar 21 15:41:53 syam systemd[1]: Starting SYSV: Mongo is a scalable, document-oriented database....
Mar 21 15:41:53 syam mongod[3095]: /etc/rc.d/init.d/mongod: line 67: ulimit: max locked memory: cannot modify limit: Operation not permitted
Mar 21 15:41:53 syam runuser[3106]: pam_unix(runuser:session): session opened for user mongod by (uid=0)
Mar 21 15:41:53 syam runuser[3106]: pam_unix(runuser:session): session closed for user mongod
Mar 21 15:41:53 syam systemd[1]: Started SYSV: Mongo is a scalable, document-oriented database..
Mar 21 15:41:53 syam mongod[3095]: Starting mongod: [ OK ]Fix a MongoDB Error
MongoDB is installed. Now we can access the mongodb shell by using the command below:
#mongoYou will probably see this error about ulimit configuration on the server.
** WARNING: soft rlimits too low. rlimits set to 4096 processes, 64000 files. Number of processes should be at least 32000…
the MongoDB database is running under the user ‘mongod’. Go to the ‘security’ directory and edit the ‘limits.conf’ configuration file.
#cd /etc/security/
#vi limits.confPaste new configuration below to the end of the file:
mongod soft nproc 64000
mongod hard nproc 64000
mongod soft nofile 64000
mongod hard nofile 64000Save the limits.conf file.
#systemctl restart mongod
#mongo
[root@syam ~]# mongo
MongoDB shell version: 3.2.22
connecting to: test
> Type in the MongoDB query below to create the new administrator user:
[root@syam ~]# mongo
MongoDB shell version: 3.2.22
connecting to: test
> use admin
switched to db admin
> db.createUser(
... {
... user: "syam",
... pwd: "syam123!@#",
... roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
... }
... )
Successfully added user: {
"user" : "syam",
"roles" : [
{
"role" : "userAdminAnyDatabase",
"db" : "admin"
}
]
}
> show users
{
"_id" : "admin.admin",
"user" : "admin",
"db" : "admin",
"roles" : [
{
"role" : "userAdminAnyDatabase",
"db" : "admin"
}
]
}
{
"_id" : "admin.syam",
"user" : "syam",
"db" : "admin",
"roles" : [
{
"role" : "userAdminAnyDatabase",
"db" : "admin"
}
]
}
> Enable User Authentication in MongoDB
Enable authentication for users to prevent that another user without sufficient privileges is able to see the data on the database.
On our CentOS 7 server, MongoDB is running under systemd with an init script in the ‘/etc/init.d/’ dirctory. We will edit that script to force the mongodb service to run with the ‘–auth’ option.
Go to the ‘/etc/init.d/’ directory and edit the “mongod” file:
#cd /etc/init.d/
vi mongodIn line 15 edit the following as follows,
OPTIONS=" --auth -f $CONFIGFILE"save and exit editor
Reload the systemd service and restart MongoDB.
systemctl daemon-reload
systemctl restart mongodNext, we have to test the configuration by logging into the mongo shell and switch to the admin database, then try to see the admin users.
mongo
use admin
show users
You will see an error about the unauthorised execution of the command in the database admin. Now we need to use the command ‘db.auth()’ for the authentication.
db.auth('admin', 'admin123')Please see the mongo console details
[root@syam init.d]# mongo
MongoDB shell version: 3.2.22
connecting to: test
> use admin
switched to db admin
> show users
2019-03-23T04:07:59.196+0000 E QUERY [thread1] Error: not authorized on admin to execute command { usersInfo: 1.0 } :
_getErrorWithCode@src/mongo/shell/utils.js:25:13
DB.prototype.getUsers@src/mongo/shell/db.js:1523:1
shellHelper.show@src/mongo/shell/utils.js:764:9
shellHelper@src/mongo/shell/utils.js:671:15
@(shellhelp2):1:1
> db.auth('admin', 'admin123')
1
> show users
{
"_id" : "admin.admin",
"user" : "admin",
"db" : "admin",
"roles" : [
{
"role" : "userAdminAnyDatabase",
"db" : "admin"
}
]
}
{
"_id" : "admin.syam",
"user" : "syam",
"db" : "admin",
"roles" : [
{
"role" : "userAdminAnyDatabase",
"db" : "admin"
}
]
}
>
Thats it…
Connect with root is not advisable. It’s better todo connect as unpriviledge user and use sudo.