MongoDB is an object-oriented, simple and dynamic database. It is based on NoSQL document store, where data objects are stored as separate documents in a collection. MongoDB is implemented in C++ language and is available for Windows, Mac OS and Linux Operating systems supported by both 32 and 64-bit systems. This guide provides a systematic illustration on how to install MongoDB 4.4 on Rocky Linux 8.

MongoDB is simple to install, it uses JSON or BSOn to store data. There is a collection of concepts in MongoDB such as:

SQL ServerMongoDB
1. DatabaseDatabase
2. IndexIndex
3. ColumnField
4. TableCollection
5. JoiningLinking & Embedding
6. PartitionSharding (Range Partition)
7. ReplicationReplSet
8. RowDocument

MongoDB is good for:

  • configuration management
  • Evolving data requirements.
  • Blogs and content management.
  • Maintaining Geo-spatial data.
  • Mobile and social networking sites
  • E-commerce product catalogue.
  • Real-time analytics and high-speed logging

MongoDB has many amazing features such as:

  1. Load balancing
  2. Sharding
  3. Proper indexing
  4. Has Ad-hoc queries for real time analytics
  5. Replication for data stability and availability.

Install MongoDB 4.4 on Rocky Linux 8

Before we do the installation, we first need to add MongoDB repositories to our system.

Step 1: Add MongoDB repository to Rocky Linux 8

During the time of this documentation, default repositories do not provide MongoDB packages. Therefore, we need to create the repositories before we can download MongoDB packages. This repository installs MongoDB 4.4 stable version.

sudo tee /etc/yum.repos.d/mongodb-org-4.4.repo<<EOF
[mongodb-org-4.4]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/4.4/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-4.4.asc
EOF

Step 2: Install MongoDB 4.4 on Rocky Linux 8

With repositories successfully added, we now install MongoDB 4.4 on Rocky Linux 8 as below.

sudo dnf install mongodb-org

Here is the installation dependency tree, accept installation:

Dependencies resolved.
================================================================================
 Package                           Arch    Version       Repository        Size
================================================================================
Installing:
 mongodb-org                       x86_64  4.4.6-1.el8   mongodb-org-4.4   11 k
Installing dependencies:
 mongodb-database-tools            x86_64  100.3.1-1     mongodb-org-4.4   54 M
 mongodb-org-database-tools-extra  x86_64  4.4.6-1.el8   mongodb-org-4.4   23 k
 mongodb-org-mongos                x86_64  4.4.6-1.el8   mongodb-org-4.4   17 M
 mongodb-org-server                x86_64  4.4.6-1.el8   mongodb-org-4.4   22 M
 mongodb-org-shell                 x86_64  4.4.6-1.el8   mongodb-org-4.4   14 M
 mongodb-org-tools                 x86_64  4.4.6-1.el8   mongodb-org-4.4   11 k

Transaction Summary
================================================================================
Install  7 Packages

Total download size: 106 M
Installed size: 342 M
Is this ok [y/N]: y

Once the installation is complete, confirm your installed version by executing:

$ mongod --version
db version v4.4.6
Build Info: {
    "version": "4.4.6",
    "gitVersion": "72e66213c2c3eab37d9358d5e78ad7f5c1d0d0d7",
    "openSSLVersion": "OpenSSL 1.1.1g FIPS  21 Apr 2020",
    "modules": [],
    "allocator": "tcmalloc",
    "environment": {
        "distmod": "rhel80",
        "distarch": "x86_64",
        "target_arch": "x86_64"
    }
}

Configure MongoDB on Rocky Linux 8

Now that we have installed MongoDB, we need to make a few configurations.

Step 1: Start and Enable Service.

Ensure MongoDb starts and runs automatically on boot.

sudo systemctl start mongod
sudo systemctl enable mongod

Check the status of the service.

$ sudo systemctl status mongod
 mongod.service - MongoDB Database Server
   Loaded: loaded (/usr/lib/systemd/system/mongod.service; enabled; vendor pres>
   Active: active (running) since Wed 2021-07-07 16:49:35 EAT; 12s ago
     Docs: https://docs.mongodb.org/manual
 Main PID: 6224 (mongod)
   Memory: 62.9M
   CGroup: /system.slice/mongod.service
           └─6224 /usr/bin/mongod -f /etc/mongod.conf

Step 2: Secure MongoDB instance

MongoDB database after installation has no security. One can access it without a password and alter the database. Therefore there is need to create a username and a password in MongoDB.

First connect to MongoDB database by executing:

mongo

Then add a user mongouser which you can alter with your desired user name. After adding the below script, you will be required to set a password for the created user.

use admin
db.createUser(
{
user: "mongouser",
pwd: passwordPrompt(), // or cleartext password
roles: [ { role: "userAdminAnyDatabase", db: "admin" }, "readWriteAnyDatabase" ]
}
)

Sample output for the above code:

> use admin
switched to db admin
> db.createUser(
... {
... user: "mongouser",
... pwd: passwordPrompt(), // or cleartext password
... roles: [ { role: "userAdminAnyDatabase", db: "admin" }, "readWriteAnyDatabase" ]
... }
... )
Enter password: 
Successfully added user: {
	"user" : "mongouser",
	"roles" : [
		{
			"role" : "userAdminAnyDatabase",
			"db" : "admin"
		},
		"readWriteAnyDatabase"
	]
}
> exit
bye

Edit MongoDB configuration file and enable authentication

sudo vi /etc/mongod.conf

While in the file, find the #security line, uncomment it and add authentication as below.

security:
authorization: enabled

Save the file and reload MongoDB service.

sudo systemctl restart mongod

The clients now need to authenticate themselves before connecting to the database. They will use the following syntax

mongo --port 27017 --authenticationDatabase "admin" -u "your-user" -p

Using MongoDB 4.4 on Rocky Linux 8

MongoDB has a default listening port 27017. From the localhost, you start MongoDB shell by executing this command:

$ mongo

While in MongoDB shell you can do the following:

1. List available databases

> db
test

2. To create a database

In MongoDB, databases are created by simply switching to a non existing database and specifying the name of the database to create as below (the new database is mongodbtest)

use mongodbtest

You can now add data to the database as below

db.userdetails.insertOne(
   { "F_Name" : "fname",
     "L_NAME" : "lname",
     "ID_NO" : "12345",
     "AGE" : "19",
     "TEL" : "654321"
   }
)

show collections in the database

show collections

3. Create a user with read and write privileges

use testdatabase

Assign permissions to the user.

db.createUser(
   {
     user: 'testuser',
     pwd: '[email protected]',
     roles: [ { role: 'readWrite', db: 'testdatabase' } ]
   }
 );

4. Use a specific database

use database-name

5. Create an admin for a specific database

use testdatabase

create the admin

db.createUser(
  {
    user: 'testadmin',
    pwd: '[email protected]',
    roles: [ { role: 'userAdmin', db: 'testdatabase' } ]
  }
);

6. Create an overall admin

use admin

assign privileges and password

db.createUser(
  {
    user: 'admin',
    pwd: '[email protected]',
    roles: [ { role: 'userAdminAnyDatabase', db: 'admin' } ]
  }
);

Change MongoDB default Path

By default MongoDB stores data in /var/lib/mongo. However, this directory can be changed as below.

1. Stop MongoDB service

sudo systemctl stop mongod.service

2. Create a new directory to store MongoDB data.

sudo mkdir -p /data/techviewleo/mongo

Set the owner of the directory to MongoDB

sudo chown -R mongod:mongod /data/techviewleo/mongo

3. Modify /etc/mongod.conf as below

sudo vi /etc/mongod.conf

Edit the paths as below

path: /data/techviewleo/log/mongodb/mongod.log   #where to write logging data.
dbPath: /data/techviewleo/mongo    #Where and how to store data.
 pidFilePath: /data/techviewleo/mongodb/mongod.pid  # location of pidfile

4. Ensure that Mongod user has access to the directory

sudo chown -R mongod:mongod /data/techviewleo/mongo/

5. conigure SELinux and its enforcing mode. When MongoDB path is changed, SELinux does not allow MongoDB to access /sys/fs/cgroup. Ensure check policy is installed to run SELinux in enforce mode

$ sudo yum install checkpolicy
# or
$ sudo yum install policycoreutils-python

Now create a policy file named mongodb_cgroup_memory.te this information as below:

cat > mongodb_cgroup_memory.te <<EOF
module mongodb_cgroup_memory 1.0;

require {
    type cgroup_t;
    type mongod_t;
    class dir search;
    class file { getattr open read };
}

#============= mongod_t ==============
allow mongod_t cgroup_t:dir search;
allow mongod_t cgroup_t:file { getattr open read };
EOF

Compile and load the above created policy.

checkmodule -M -m -o mongodb_cgroup_memory.mod mongodb_cgroup_memory.te
semodule_package -o mongodb_cgroup_memory.pp -m mongodb_cgroup_memory.mod
sudo semodule -i mongodb_cgroup_memory.pp

With custom policy compiled, load 3 directories i.e data directory, log file directory and pid file directory with the following commands:

1. Data Directory

The data directory is loaded with these commands:

semanage fcontext -a -t mongod_var_lib_t '/data/techviewleo/mongo.*'
chcon -Rv -u system_u -t mongod_var_lib_t '/data/techviewleo/mongo'
restorecon -R -v '/data/techviewleo/mongo'

2. Log File Directory

The log file Directory is loaded with these commands.

semanage fcontext -a -t mongod_log_t '/data/techviewleo/log/mongodb/mongod.*'
chcon -Rv -u system_u -t mongod_log_t '/data/techviewleo/log/mongodb/mongod.log'
restorecon -R -v '/data/techviewleo/log/mongodb/mongod.log'

3. PID Directory

Finally load the PID directory with:

semanage fcontext -a -t mongod_var_run_t '/data/techviewleo/mongodb/mongod.*'
chcon -Rv -u system_u -t mongod_var_run_t '/data/techviewleo/mongodb/mongod.pid'
restorecon -R -v '/data/techviewleo/mongodb/mongod.pid'

4. Finally update the firewall and iptables as below:

For firewalld use:

firewall-cmd --zone=public --add-port=27017/tcp --permanent
firewall-cmd --reload

For Iptables use:

iptables -A INPUT -p tcp --dport 27017 -j ACCEPT
iptables-save | grep 27017

Now reload and restart MongoDB service.

sudo systemctl daemon-reload
sudo systemctl start mongod.service

If MongoDB fails, reload the daemon and start it again.

sudo systemctl daemon-reload
sudo systemctl start mongod

Now your MongoDB directory has been changed to (/data/techviewleo/mongo)

Conclusion

In the above article, I have demonstrated how to install MongoDB 4.4 on Rocky Linux 8. I have also illustrated how to secure, configure and use MongoDB.

Find related articles on our website:

How To Install MongoDB on Oracle Linux 8

Install MongoDB on Amazon Linux 2

LEAVE A REPLY

Please enter your comment!
Please enter your name here