Difference between revisions of "MongoDB"

From RHS Wiki
Jump to navigation Jump to search
 
(25 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
== Installation ==
 
== Installation ==
=== Ubuntu 14.04 ===
+
=== Ubuntu 14.04, 15.10 ===
 
  sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv EA312927
 
  sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv EA312927
 
  echo "deb http://repo.mongodb.org/apt/ubuntu trusty/mongodb-org/3.2 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.2.list
 
  echo "deb http://repo.mongodb.org/apt/ubuntu trusty/mongodb-org/3.2 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.2.list
 
  sudo apt-get update
 
  sudo apt-get update
 +
==== Client and Server ====
 
  sudo apt-get install -y mongodb-org
 
  sudo apt-get install -y mongodb-org
  # Specific version install: sudo apt-get install -y mongodb-org=3.2.1 mongodb-org-server=3.2.1 mongodb-org-shell=3.2.1 mongodb-org-mongos=3.2.1 mongodb-org-tools=3.2.1
+
==== Client only ====
 +
sudo apt-get install mongodb-clients
 +
Check if service is active
 +
sudo systemctl status mongd
 +
If it's not working
 +
sudo reboot
 +
If it still not working, create and run the script enable_mongo.sh with:<br />
 +
<source lang="bash">echo '[Unit]
 +
Description=High-performance, schema-free document-oriented database
 +
After=syslog.target network.target
 +
 +
[Service]
 +
User=mongodb
 +
Group=mongodb
 +
ExecStart=/usr/bin/mongod -f /etc/mongod.conf
 +
 +
[Install]
 +
WantedBy=multi-user.target' > /lib/systemd/system/mongod.service
 +
 
 +
# Setup the required directories
 +
mkdir -p /var/run/mongodb/
 +
mkdir -p /var/log/mongodb/
 +
mkdir -p /var/lib/mongodb/
 +
mkdir -p /data/db/
 +
 
 +
chown mongodb:mongodb /var/run/mongodb/
 +
chown mongodb:mongodb /var/log/mongodb/
 +
chown mongodb:mongodb /var/lib/mongodb/
 +
chown mongodb:mongodb /data/db
 +
 
 +
chmod 0755 /var/log/mongodb/
 +
chmod 0755 /var/run/mongodb/
 +
chmod 0755 /var/lib/mongodb/
 +
chmod 0755 /data/db/
 +
 
 +
# Start the new service and enable it on boot
 +
systemctl --system daemon-reload
 +
systemctl enable mongod.service
 +
 
 +
echo "Starting"
 +
systemctl start mongod.service</source>
 +
 
 +
  # Specific version install: sudo apt-get install -y mongodb-org=3.2.1 mongodb-org-server=3.2.1 mongodb-org-shell=3.2.1 mongodb-org-mongos=3.2.1 mongodb-org-tools=3.2.1<br />
 +
 
 +
=== Enable authentication ===
 +
* Connect to mongo instance:
 +
mongo
 +
* Add an admin user:
 +
<nowiki>
 +
use admin
 +
db.createUser(
 +
  {
 +
    user: "myUserAdmin",
 +
    pwd: "abc123",
 +
    roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
 +
  }
 +
)</nowiki>
 +
 
 +
* Edit configuration file
 +
sudo nano /etc/mongod.conf
 +
 
 +
* Restart mongoDB server:
 +
sudo service mongod restart
 +
 
 +
* connect to your instance:
 +
<nowiki>security:
 +
  authorization: enabled</nowiki>
 +
==== Add user roles ====
 +
<nowiki>use reporting
 +
db.grantRolesToUser(
 +
    "reportsUser",
 +
    [
 +
      { role: "read", db: "accounts" }
 +
    ]
 +
)</nowiki>
 +
==== Revoke user roles ====
 +
<nowiki>use reporting
 +
db.revokeRolesFromUser(
 +
    "reportsUser",
 +
    [
 +
      { role: "readWrite", db: "accounts" }
 +
    ]
 +
)</nowiki>
 +
 
 +
==== Create User ====
 +
<nowiki>use test
 +
db.createUser(
 +
    {
 +
      user: "tester",
 +
      pwd: "password",
 +
      roles: [
 +
        { role: "read", db: "test1" },
 +
        { role: "read", db: "test2" },
 +
        { role: "read", db: "test3" },
 +
        { role: "readWrite", db: "test" }
 +
      ]
 +
    }
 +
);</nowiki>
 +
or
 +
<nowiki>use products
 +
db.addUser( { user: "Alice",
 +
              pwd: "Moon1234",
 +
              roles: [ "readWrite", "dbAdmin" ]
 +
            } )</nowiki>
 +
or
 +
<nowiki>db.createUser(
 +
...        {
 +
...          user: "....",
 +
...          pwd: ".........",
 +
...          roles: [ "readWrite" ]
 +
...        }
 +
... )
 +
</nowiki>
 +
 
 +
==== Drop User ====
 +
<nowiki>db.dropUser(username)}</nowiki>
 +
 
 +
=== Enable remote connections ===
 +
* Edit /etc/mongodb.conf
 +
* Add the ip's you whish to enable for remote access to bind_ip separated by ',' (Dont remove 127.0.0.1!!)
 +
bind_ip = 127.0.0.1,192.168.56.222
 +
 
 +
=== Disable Transparent Huge Pages (THP) ===
 +
Create the init.d script.<br />
 +
Create the following file at /etc/init.d/disable-transparent-hugepages:
 +
<source lang="bash">#!/bin/sh
 +
### BEGIN INIT INFO
 +
# Provides:          disable-transparent-hugepages
 +
# Required-Start:    $local_fs
 +
# Required-Stop:
 +
# X-Start-Before:    mongod mongodb-mms-automation-agent
 +
# Default-Start:    2 3 4 5
 +
# Default-Stop:      0 1 6
 +
# Short-Description: Disable Linux transparent huge pages
 +
# Description:      Disable Linux transparent huge pages, to improve
 +
#                    database performance.
 +
### END INIT INFO
 +
 
 +
case $1 in
 +
  start)
 +
    if [ -d /sys/kernel/mm/transparent_hugepage ]; then
 +
      thp_path=/sys/kernel/mm/transparent_hugepage
 +
    elif [ -d /sys/kernel/mm/redhat_transparent_hugepage ]; then
 +
      thp_path=/sys/kernel/mm/redhat_transparent_hugepage
 +
    else
 +
      return 0
 +
    fi
 +
 
 +
    echo 'never' > ${thp_path}/enabled
 +
    echo 'never' > ${thp_path}/defrag
 +
 
 +
    unset thp_path
 +
    ;;
 +
esac</source>
 +
Make it executable:
 +
sudo chmod 755 /etc/init.d/disable-transparent-hugepages
 +
Configure your operating system to run it on boot.<br />
 +
 
 +
Use the appropriate command to configure the new init script on your Linux distribution.<br />
 +
 
 +
Distribution Command<br />
 +
 
 +
Ubuntu and Debian <nowiki>sudo update-rc.d disable-transparent-hugepages defaults</nowiki><br />
 +
SUSE <nowiki>sudo insserv /etc/init.d/disable-transparent-hugepages</nowiki><br />
 +
Red Hat, CentOS, Amazon Linux, and derivatives <nowiki>sudo chkconfig --add disable-transparent-hugepages</nowiki><br />
  
 
== Start/Stop/Restart MongoDB ==
 
== Start/Stop/Restart MongoDB ==
Line 15: Line 180:
  
 
== Guides ==
 
== Guides ==
 +
[https://docs.mongodb.org/manual/tutorial/enable-authentication/ Enable authentication]<br />
 
[https://docs.mongodb.org/manual/#getting-started Getting Started]<br />
 
[https://docs.mongodb.org/manual/#getting-started Getting Started]<br />
 
[https://docs.mongodb.org/manual/administration/production-notes/ Before deploying MongoDB in a production environment]<br />
 
[https://docs.mongodb.org/manual/administration/production-notes/ Before deploying MongoDB in a production environment]<br />
Line 58: Line 224:
 
| Not Equals || {<key>:{$ne:<value>}} || db.mycol.find({"likes":{$ne:50}}).pretty() || where likes != 50
 
| Not Equals || {<key>:{$ne:<value>}} || db.mycol.find({"likes":{$ne:50}}).pretty() || where likes != 50
 
|}
 
|}
 +
 +
AND / OR Example:<br />
 +
Likes greater than 100 and whose title is either 'MongoDB Overview' or by is 'tutorials point'.<br />
 +
Equivalent sql where clause is 'where likes>10 AND (by = 'tutorials point' OR title = 'MongoDB Overview')'
 +
db.mycol.find({"likes": {$gt:10}, $or: [{"by": "tutorials point"}, {"title": "MongoDB Overview"}]}).pretty()
 +
 +
== Security ==
 +
To enable Client Access Control follow this steps:
 +
# Start the mongod service if not already running
 +
#:<pre>sudo service mongod start
 +
#:: or if runnig mongo directly:
 +
#::mongod --port 27017 --dbpath /data/db1</pre>
 +
# Connect to the mongo instance without access control
 +
#:<pre>mongo --port 27017</pre>
 +
# Create the user administrator
 +
#:<pre>
 +
#::use admin
 +
#::db.createUser(
 +
#::{
 +
#::    user: "myUserAdmin",
 +
#::    pwd: "abc123",
 +
#::    roles: [ { role: "root", db: "admin" } ]
 +
#::  }
 +
#::)</pre>
 +
# Edit /etc/mongod.conf, add:
 +
#:<pre>security:
 +
#::  authorization: enabled</pre>
 +
# Restart mongo service
 +
#:<pre> sudo service mongod restart</pre>
 +
# Connect to the mongo instance as the administrator:
 +
#:<pre>mongo --port 27017 -u "myUserAdmin" -p "abc123" --authenticationDatabase "admin"</pre>
 +
# Create Additional users as needed. Example:
 +
#:<pre>use reporting
 +
#::db.createUser(
 +
#::    {
 +
#::      user: "reportsUser",
 +
#::      pwd: "12345678",
 +
#::      roles: [
 +
#::        { role: "read", db: "reporting" },
 +
#::        { role: "read", db: "products" },
 +
#::        { role: "read", db: "sales" },
 +
#::        { role: "readWrite", db: "accounts" }
 +
#::      ]
 +
#::    }
 +
#::)</pre>

Latest revision as of 23:33, 8 April 2016

Installation[edit]

Ubuntu 14.04, 15.10[edit]

sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv EA312927
echo "deb http://repo.mongodb.org/apt/ubuntu trusty/mongodb-org/3.2 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.2.list
sudo apt-get update

Client and Server[edit]

sudo apt-get install -y mongodb-org

Client only[edit]

sudo apt-get install mongodb-clients

Check if service is active 

sudo systemctl status mongd

If it's not working 

sudo reboot

If it still not working, create and run the script enable_mongo.sh with:

echo '[Unit]
Description=High-performance, schema-free document-oriented database
After=syslog.target network.target
 
[Service]
User=mongodb
Group=mongodb
ExecStart=/usr/bin/mongod -f /etc/mongod.conf
 
[Install]
WantedBy=multi-user.target' > /lib/systemd/system/mongod.service

# Setup the required directories
mkdir -p /var/run/mongodb/
mkdir -p /var/log/mongodb/
mkdir -p /var/lib/mongodb/
mkdir -p /data/db/

chown mongodb:mongodb /var/run/mongodb/
chown mongodb:mongodb /var/log/mongodb/
chown mongodb:mongodb /var/lib/mongodb/
chown mongodb:mongodb /data/db

chmod 0755 /var/log/mongodb/
chmod 0755 /var/run/mongodb/
chmod 0755 /var/lib/mongodb/
chmod 0755 /data/db/

# Start the new service and enable it on boot
systemctl --system daemon-reload
systemctl enable mongod.service

echo "Starting"
systemctl start mongod.service

# Specific version install: sudo apt-get install -y mongodb-org=3.2.1 mongodb-org-server=3.2.1 mongodb-org-shell=3.2.1 mongodb-org-mongos=3.2.1 mongodb-org-tools=3.2.1

Enable authentication[edit]

  • Connect to mongo instance:
mongo
  • Add an admin user:
use admin
db.createUser(
  {
    user: "myUserAdmin",
    pwd: "abc123",
    roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
  }
)
  • Edit configuration file
sudo nano /etc/mongod.conf
  • Restart mongoDB server:
sudo service mongod restart
  • connect to your instance:
security:
  authorization: enabled

Add user roles[edit]

use reporting
db.grantRolesToUser(
    "reportsUser",
    [
      { role: "read", db: "accounts" }
    ]
)

Revoke user roles[edit]

use reporting
db.revokeRolesFromUser(
    "reportsUser",
    [
      { role: "readWrite", db: "accounts" }
    ]
)

Create User[edit]

use test
db.createUser(
    {
      user: "tester",
      pwd: "password",
      roles: [
         { role: "read", db: "test1" },
         { role: "read", db: "test2" },
         { role: "read", db: "test3" },
         { role: "readWrite", db: "test" }
      ]
    }
);

or 

use products
db.addUser( { user: "Alice",
              pwd: "Moon1234",
              roles: [ "readWrite", "dbAdmin" ]
            } )

or 

db.createUser(
...        {
...           user: "....",
...           pwd: ".........",
...           roles: [ "readWrite" ]
...        }
... )

Drop User[edit]

db.dropUser(username)}

Enable remote connections[edit]

  • Edit /etc/mongodb.conf
  • Add the ip's you whish to enable for remote access to bind_ip separated by ',' (Dont remove 127.0.0.1!!)
bind_ip = 127.0.0.1,192.168.56.222

Disable Transparent Huge Pages (THP)[edit]

Create the init.d script.
Create the following file at /etc/init.d/disable-transparent-hugepages: 

#!/bin/sh
### BEGIN INIT INFO
# Provides:          disable-transparent-hugepages
# Required-Start:    $local_fs
# Required-Stop:
# X-Start-Before:    mongod mongodb-mms-automation-agent
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Disable Linux transparent huge pages
# Description:       Disable Linux transparent huge pages, to improve
#                    database performance.
### END INIT INFO

case $1 in
  start)
    if [ -d /sys/kernel/mm/transparent_hugepage ]; then
      thp_path=/sys/kernel/mm/transparent_hugepage
    elif [ -d /sys/kernel/mm/redhat_transparent_hugepage ]; then
      thp_path=/sys/kernel/mm/redhat_transparent_hugepage
    else
      return 0
    fi

    echo 'never' > ${thp_path}/enabled
    echo 'never' > ${thp_path}/defrag

    unset thp_path
    ;;
esac

Make it executable: 

sudo chmod 755 /etc/init.d/disable-transparent-hugepages

Configure your operating system to run it on boot.

Use the appropriate command to configure the new init script on your Linux distribution.

Distribution Command

Ubuntu and Debian sudo update-rc.d disable-transparent-hugepages defaults
SUSE sudo insserv /etc/init.d/disable-transparent-hugepages
Red Hat, CentOS, Amazon Linux, and derivatives sudo chkconfig --add disable-transparent-hugepages

Start/Stop/Restart MongoDB[edit]

sudo service mongod start | stop | restart

Verify that MongoDB has started successfully[edit]

Verify that the mongod process has started successfully by checking the contents of the log file at /var/log/mongodb/mongod.log for a line reading 

[initandlisten] waiting for connections on port <port>

Guides[edit]

Enable authentication
Getting Started
Before deploying MongoDB in a production environment
Manage user accounts and roles

Data directories[edit]

/var/log/mongodb
/var/lib/mongodb

Create Database[edit]

use DATABASE_NAME

Show databases[edit]

show dbs
db.adminCommand('listDatabases')
db.getMongo().getDBNames()
  • To view databases they must have data

To show the current database type: 

db

Insert[edit]

db.COLLECTION_NAME.insert({"name":"data1"})

Get Colection Names[edit]

db.getCollectionNames()

Query[edit]

db.COLLECTION_NAME.find()
db.COLLECTION_NAME.find({"name": "data1"})

RDBMS Where Clause Equivalents in MongoDB

Operation Syntax Example RDBMS Equivalent
Equality {<key>:<value>} db.mycol.find({"by":"tutorials point"}).pretty() where by = 'tutorials point'
Less Than {<key>:{$lt:<value>}} db.mycol.find({"likes":{$lt:50}}).pretty() where likes < 50
Less Than Equals {<key>:{$lte:<value>}} db.mycol.find({"likes":{$lte:50}}).pretty() where likes <= 50
Greater Than {<key>:{$gt:<value>}} db.mycol.find({"likes":{$gt:50}}).pretty() where likes > 50
Greater Than Equals {<key>:{$gte:<value>}} db.mycol.find({"likes":{$gte:50}}).pretty() where likes >= 50
Not Equals {<key>:{$ne:<value>}} db.mycol.find({"likes":{$ne:50}}).pretty() where likes != 50

AND / OR Example:
Likes greater than 100 and whose title is either 'MongoDB Overview' or by is 'tutorials point'.
Equivalent sql where clause is 'where likes>10 AND (by = 'tutorials point' OR title = 'MongoDB Overview')' 

db.mycol.find({"likes": {$gt:10}, $or: [{"by": "tutorials point"}, {"title": "MongoDB Overview"}]}).pretty()

Security[edit]

To enable Client Access Control follow this steps:

  1. Start the mongod service if not already running 
    sudo service mongod start

    or if runnig mongo directly:
    

    mongod --port 27017 --dbpath /data/db1
  2. Connect to the mongo instance without access control 
    mongo --port 27017
  3. Create the user administrator 
    use admin
    

    db.createUser(
    

    {
    

    user: "myUserAdmin",
    

    pwd: "abc123",
    

    roles: [ { role: "root", db: "admin" } ]
    

    }
    

    )
  4. Edit /etc/mongod.conf, add: 
    security:

    authorization: enabled
  5. Restart mongo service 
     sudo service mongod restart
  6. Connect to the mongo instance as the administrator: 
    mongo --port 27017 -u "myUserAdmin" -p "abc123" --authenticationDatabase "admin"
  7. Create Additional users as needed. Example: 
    use reporting

    db.createUser(
    

    {
    

    user: "reportsUser",
    

    pwd: "12345678",
    

    roles: [
    

    { role: "read", db: "reporting" },
    

    { role: "read", db: "products" },
    

    { role: "read", db: "sales" },
    

    { role: "readWrite", db: "accounts" }
    

    ]
    

    }
    

    )
Retrieved from "https://wiki.herrerosolis.com/index.php?title=MongoDB&oldid=856"