Difference between revisions of "MongoDB"
Jump to navigation
Jump to search
Rafahsolis (talk | contribs) |
Rafahsolis (talk | contribs) |
||
| (26 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
== Installation == | == Installation == | ||
| − | === Ubuntu 14.04 === | + | === Ubuntu 14.04, 15.10 === |
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv EA312927 | sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv EA312927 | ||
echo "deb http://repo.mongodb.org/apt/ubuntu trusty/mongodb-org/3.2 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.2.list | echo "deb http://repo.mongodb.org/apt/ubuntu trusty/mongodb-org/3.2 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.2.list | ||
sudo apt-get update | sudo apt-get update | ||
| + | ==== Client and Server ==== | ||
sudo apt-get install -y mongodb-org | sudo apt-get install -y mongodb-org | ||
| − | # Specific version install: sudo apt-get install -y mongodb-org=3.2.1 mongodb-org-server=3.2.1 mongodb-org-shell=3.2.1 mongodb-org-mongos=3.2.1 mongodb-org-tools=3.2.1 | + | ==== Client only ==== |
| + | sudo apt-get install mongodb-clients | ||
| + | Check if service is active | ||
| + | sudo systemctl status mongd | ||
| + | If it's not working | ||
| + | sudo reboot | ||
| + | If it still not working, create and run the script enable_mongo.sh with:<br /> | ||
| + | <source lang="bash">echo '[Unit] | ||
| + | Description=High-performance, schema-free document-oriented database | ||
| + | After=syslog.target network.target | ||
| + | |||
| + | [Service] | ||
| + | User=mongodb | ||
| + | Group=mongodb | ||
| + | ExecStart=/usr/bin/mongod -f /etc/mongod.conf | ||
| + | |||
| + | [Install] | ||
| + | WantedBy=multi-user.target' > /lib/systemd/system/mongod.service | ||
| + | |||
| + | # Setup the required directories | ||
| + | mkdir -p /var/run/mongodb/ | ||
| + | mkdir -p /var/log/mongodb/ | ||
| + | mkdir -p /var/lib/mongodb/ | ||
| + | mkdir -p /data/db/ | ||
| + | |||
| + | chown mongodb:mongodb /var/run/mongodb/ | ||
| + | chown mongodb:mongodb /var/log/mongodb/ | ||
| + | chown mongodb:mongodb /var/lib/mongodb/ | ||
| + | chown mongodb:mongodb /data/db | ||
| + | |||
| + | chmod 0755 /var/log/mongodb/ | ||
| + | chmod 0755 /var/run/mongodb/ | ||
| + | chmod 0755 /var/lib/mongodb/ | ||
| + | chmod 0755 /data/db/ | ||
| + | |||
| + | # Start the new service and enable it on boot | ||
| + | systemctl --system daemon-reload | ||
| + | systemctl enable mongod.service | ||
| + | |||
| + | echo "Starting" | ||
| + | systemctl start mongod.service</source> | ||
| + | |||
| + | # Specific version install: sudo apt-get install -y mongodb-org=3.2.1 mongodb-org-server=3.2.1 mongodb-org-shell=3.2.1 mongodb-org-mongos=3.2.1 mongodb-org-tools=3.2.1<br /> | ||
| + | |||
| + | === Enable authentication === | ||
| + | * Connect to mongo instance: | ||
| + | mongo | ||
| + | * Add an admin user: | ||
| + | <nowiki> | ||
| + | use admin | ||
| + | db.createUser( | ||
| + | { | ||
| + | user: "myUserAdmin", | ||
| + | pwd: "abc123", | ||
| + | roles: [ { role: "userAdminAnyDatabase", db: "admin" } ] | ||
| + | } | ||
| + | )</nowiki> | ||
| + | |||
| + | * Edit configuration file | ||
| + | sudo nano /etc/mongod.conf | ||
| + | |||
| + | * Restart mongoDB server: | ||
| + | sudo service mongod restart | ||
| + | |||
| + | * connect to your instance: | ||
| + | <nowiki>security: | ||
| + | authorization: enabled</nowiki> | ||
| + | ==== Add user roles ==== | ||
| + | <nowiki>use reporting | ||
| + | db.grantRolesToUser( | ||
| + | "reportsUser", | ||
| + | [ | ||
| + | { role: "read", db: "accounts" } | ||
| + | ] | ||
| + | )</nowiki> | ||
| + | ==== Revoke user roles ==== | ||
| + | <nowiki>use reporting | ||
| + | db.revokeRolesFromUser( | ||
| + | "reportsUser", | ||
| + | [ | ||
| + | { role: "readWrite", db: "accounts" } | ||
| + | ] | ||
| + | )</nowiki> | ||
| + | |||
| + | ==== Create User ==== | ||
| + | <nowiki>use test | ||
| + | db.createUser( | ||
| + | { | ||
| + | user: "tester", | ||
| + | pwd: "password", | ||
| + | roles: [ | ||
| + | { role: "read", db: "test1" }, | ||
| + | { role: "read", db: "test2" }, | ||
| + | { role: "read", db: "test3" }, | ||
| + | { role: "readWrite", db: "test" } | ||
| + | ] | ||
| + | } | ||
| + | );</nowiki> | ||
| + | or | ||
| + | <nowiki>use products | ||
| + | db.addUser( { user: "Alice", | ||
| + | pwd: "Moon1234", | ||
| + | roles: [ "readWrite", "dbAdmin" ] | ||
| + | } )</nowiki> | ||
| + | or | ||
| + | <nowiki>db.createUser( | ||
| + | ... { | ||
| + | ... user: "....", | ||
| + | ... pwd: ".........", | ||
| + | ... roles: [ "readWrite" ] | ||
| + | ... } | ||
| + | ... ) | ||
| + | </nowiki> | ||
| + | |||
| + | ==== Drop User ==== | ||
| + | <nowiki>db.dropUser(username)}</nowiki> | ||
| + | |||
| + | === Enable remote connections === | ||
| + | * Edit /etc/mongodb.conf | ||
| + | * Add the ip's you whish to enable for remote access to bind_ip separated by ',' (Dont remove 127.0.0.1!!) | ||
| + | bind_ip = 127.0.0.1,192.168.56.222 | ||
| + | |||
| + | === Disable Transparent Huge Pages (THP) === | ||
| + | Create the init.d script.<br /> | ||
| + | Create the following file at /etc/init.d/disable-transparent-hugepages: | ||
| + | <source lang="bash">#!/bin/sh | ||
| + | ### BEGIN INIT INFO | ||
| + | # Provides: disable-transparent-hugepages | ||
| + | # Required-Start: $local_fs | ||
| + | # Required-Stop: | ||
| + | # X-Start-Before: mongod mongodb-mms-automation-agent | ||
| + | # Default-Start: 2 3 4 5 | ||
| + | # Default-Stop: 0 1 6 | ||
| + | # Short-Description: Disable Linux transparent huge pages | ||
| + | # Description: Disable Linux transparent huge pages, to improve | ||
| + | # database performance. | ||
| + | ### END INIT INFO | ||
| + | |||
| + | case $1 in | ||
| + | start) | ||
| + | if [ -d /sys/kernel/mm/transparent_hugepage ]; then | ||
| + | thp_path=/sys/kernel/mm/transparent_hugepage | ||
| + | elif [ -d /sys/kernel/mm/redhat_transparent_hugepage ]; then | ||
| + | thp_path=/sys/kernel/mm/redhat_transparent_hugepage | ||
| + | else | ||
| + | return 0 | ||
| + | fi | ||
| + | |||
| + | echo 'never' > ${thp_path}/enabled | ||
| + | echo 'never' > ${thp_path}/defrag | ||
| + | |||
| + | unset thp_path | ||
| + | ;; | ||
| + | esac</source> | ||
| + | Make it executable: | ||
| + | sudo chmod 755 /etc/init.d/disable-transparent-hugepages | ||
| + | Configure your operating system to run it on boot.<br /> | ||
| + | |||
| + | Use the appropriate command to configure the new init script on your Linux distribution.<br /> | ||
| + | |||
| + | Distribution Command<br /> | ||
| + | |||
| + | Ubuntu and Debian <nowiki>sudo update-rc.d disable-transparent-hugepages defaults</nowiki><br /> | ||
| + | SUSE <nowiki>sudo insserv /etc/init.d/disable-transparent-hugepages</nowiki><br /> | ||
| + | Red Hat, CentOS, Amazon Linux, and derivatives <nowiki>sudo chkconfig --add disable-transparent-hugepages</nowiki><br /> | ||
== Start/Stop/Restart MongoDB == | == Start/Stop/Restart MongoDB == | ||
| Line 15: | Line 180: | ||
== Guides == | == Guides == | ||
| + | [https://docs.mongodb.org/manual/tutorial/enable-authentication/ Enable authentication]<br /> | ||
[https://docs.mongodb.org/manual/#getting-started Getting Started]<br /> | [https://docs.mongodb.org/manual/#getting-started Getting Started]<br /> | ||
[https://docs.mongodb.org/manual/administration/production-notes/ Before deploying MongoDB in a production environment]<br /> | [https://docs.mongodb.org/manual/administration/production-notes/ Before deploying MongoDB in a production environment]<br /> | ||
| Line 41: | Line 207: | ||
db.COLLECTION_NAME.find() | db.COLLECTION_NAME.find() | ||
db.COLLECTION_NAME.find({"name": "data1"}) | db.COLLECTION_NAME.find({"name": "data1"}) | ||
| + | RDBMS Where Clause Equivalents in MongoDB | ||
| + | {| class="wikitable" | ||
| + | |- | ||
| + | ! Operation !! Syntax !! Example !! RDBMS Equivalent | ||
| + | |- | ||
| + | | Equality || {<key>:<value>} || db.mycol.find({"by":"tutorials point"}).pretty() || where by = 'tutorials point' | ||
| + | |- | ||
| + | | Less Than || {<key>:{$lt:<value>}} || db.mycol.find({"likes":{$lt:50}}).pretty() || where likes < 50 | ||
| + | |- | ||
| + | | Less Than Equals || {<key>:{$lte:<value>}} || db.mycol.find({"likes":{$lte:50}}).pretty() || where likes <= 50 | ||
| + | |- | ||
| + | | Greater Than || {<key>:{$gt:<value>}} || db.mycol.find({"likes":{$gt:50}}).pretty() || where likes > 50 | ||
| + | |- | ||
| + | | Greater Than Equals || {<key>:{$gte:<value>}} || db.mycol.find({"likes":{$gte:50}}).pretty() || where likes >= 50 | ||
| + | |- | ||
| + | | Not Equals || {<key>:{$ne:<value>}} || db.mycol.find({"likes":{$ne:50}}).pretty() || where likes != 50 | ||
| + | |} | ||
| + | |||
| + | AND / OR Example:<br /> | ||
| + | Likes greater than 100 and whose title is either 'MongoDB Overview' or by is 'tutorials point'.<br /> | ||
| + | Equivalent sql where clause is 'where likes>10 AND (by = 'tutorials point' OR title = 'MongoDB Overview')' | ||
| + | db.mycol.find({"likes": {$gt:10}, $or: [{"by": "tutorials point"}, {"title": "MongoDB Overview"}]}).pretty() | ||
| + | |||
| + | == Security == | ||
| + | To enable Client Access Control follow this steps: | ||
| + | # Start the mongod service if not already running | ||
| + | #:<pre>sudo service mongod start | ||
| + | #:: or if runnig mongo directly: | ||
| + | #::mongod --port 27017 --dbpath /data/db1</pre> | ||
| + | # Connect to the mongo instance without access control | ||
| + | #:<pre>mongo --port 27017</pre> | ||
| + | # Create the user administrator | ||
| + | #:<pre> | ||
| + | #::use admin | ||
| + | #::db.createUser( | ||
| + | #::{ | ||
| + | #:: user: "myUserAdmin", | ||
| + | #:: pwd: "abc123", | ||
| + | #:: roles: [ { role: "root", db: "admin" } ] | ||
| + | #:: } | ||
| + | #::)</pre> | ||
| + | # Edit /etc/mongod.conf, add: | ||
| + | #:<pre>security: | ||
| + | #:: authorization: enabled</pre> | ||
| + | # Restart mongo service | ||
| + | #:<pre> sudo service mongod restart</pre> | ||
| + | # Connect to the mongo instance as the administrator: | ||
| + | #:<pre>mongo --port 27017 -u "myUserAdmin" -p "abc123" --authenticationDatabase "admin"</pre> | ||
| + | # Create Additional users as needed. Example: | ||
| + | #:<pre>use reporting | ||
| + | #::db.createUser( | ||
| + | #:: { | ||
| + | #:: user: "reportsUser", | ||
| + | #:: pwd: "12345678", | ||
| + | #:: roles: [ | ||
| + | #:: { role: "read", db: "reporting" }, | ||
| + | #:: { role: "read", db: "products" }, | ||
| + | #:: { role: "read", db: "sales" }, | ||
| + | #:: { role: "readWrite", db: "accounts" } | ||
| + | #:: ] | ||
| + | #:: } | ||
| + | #::)</pre> | ||
Latest revision as of 23:33, 8 April 2016
Installation[edit]
Ubuntu 14.04, 15.10[edit]
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv EA312927 echo "deb http://repo.mongodb.org/apt/ubuntu trusty/mongodb-org/3.2 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.2.list sudo apt-get update
Client and Server[edit]
sudo apt-get install -y mongodb-org
Client only[edit]
sudo apt-get install mongodb-clients
Check if service is active
sudo systemctl status mongd
If it's not working
sudo reboot
If it still not working, create and run the script enable_mongo.sh with:
echo '[Unit]
Description=High-performance, schema-free document-oriented database
After=syslog.target network.target
[Service]
User=mongodb
Group=mongodb
ExecStart=/usr/bin/mongod -f /etc/mongod.conf
[Install]
WantedBy=multi-user.target' > /lib/systemd/system/mongod.service
# Setup the required directories
mkdir -p /var/run/mongodb/
mkdir -p /var/log/mongodb/
mkdir -p /var/lib/mongodb/
mkdir -p /data/db/
chown mongodb:mongodb /var/run/mongodb/
chown mongodb:mongodb /var/log/mongodb/
chown mongodb:mongodb /var/lib/mongodb/
chown mongodb:mongodb /data/db
chmod 0755 /var/log/mongodb/
chmod 0755 /var/run/mongodb/
chmod 0755 /var/lib/mongodb/
chmod 0755 /data/db/
# Start the new service and enable it on boot
systemctl --system daemon-reload
systemctl enable mongod.service
echo "Starting"
systemctl start mongod.service
# Specific version install: sudo apt-get install -y mongodb-org=3.2.1 mongodb-org-server=3.2.1 mongodb-org-shell=3.2.1 mongodb-org-mongos=3.2.1 mongodb-org-tools=3.2.1
Enable authentication[edit]
- Connect to mongo instance:
mongo
- Add an admin user:
use admin
db.createUser(
{
user: "myUserAdmin",
pwd: "abc123",
roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
}
)
- Edit configuration file
sudo nano /etc/mongod.conf
- Restart mongoDB server:
sudo service mongod restart
- connect to your instance:
security: authorization: enabled
Add user roles[edit]
use reporting
db.grantRolesToUser(
"reportsUser",
[
{ role: "read", db: "accounts" }
]
)
Revoke user roles[edit]
use reporting
db.revokeRolesFromUser(
"reportsUser",
[
{ role: "readWrite", db: "accounts" }
]
)
Create User[edit]
use test
db.createUser(
{
user: "tester",
pwd: "password",
roles: [
{ role: "read", db: "test1" },
{ role: "read", db: "test2" },
{ role: "read", db: "test3" },
{ role: "readWrite", db: "test" }
]
}
);
or
use products
db.addUser( { user: "Alice",
pwd: "Moon1234",
roles: [ "readWrite", "dbAdmin" ]
} )
or
db.createUser(
... {
... user: "....",
... pwd: ".........",
... roles: [ "readWrite" ]
... }
... )
Drop User[edit]
db.dropUser(username)}
Enable remote connections[edit]
- Edit /etc/mongodb.conf
- Add the ip's you whish to enable for remote access to bind_ip separated by ',' (Dont remove 127.0.0.1!!)
bind_ip = 127.0.0.1,192.168.56.222
Disable Transparent Huge Pages (THP)[edit]
Create the init.d script.
Create the following file at /etc/init.d/disable-transparent-hugepages:
#!/bin/sh
### BEGIN INIT INFO
# Provides: disable-transparent-hugepages
# Required-Start: $local_fs
# Required-Stop:
# X-Start-Before: mongod mongodb-mms-automation-agent
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Disable Linux transparent huge pages
# Description: Disable Linux transparent huge pages, to improve
# database performance.
### END INIT INFO
case $1 in
start)
if [ -d /sys/kernel/mm/transparent_hugepage ]; then
thp_path=/sys/kernel/mm/transparent_hugepage
elif [ -d /sys/kernel/mm/redhat_transparent_hugepage ]; then
thp_path=/sys/kernel/mm/redhat_transparent_hugepage
else
return 0
fi
echo 'never' > ${thp_path}/enabled
echo 'never' > ${thp_path}/defrag
unset thp_path
;;
esac
Make it executable:
sudo chmod 755 /etc/init.d/disable-transparent-hugepages
Configure your operating system to run it on boot.
Use the appropriate command to configure the new init script on your Linux distribution.
Distribution Command
Ubuntu and Debian sudo update-rc.d disable-transparent-hugepages defaults
SUSE sudo insserv /etc/init.d/disable-transparent-hugepages
Red Hat, CentOS, Amazon Linux, and derivatives sudo chkconfig --add disable-transparent-hugepages
Start/Stop/Restart MongoDB[edit]
sudo service mongod start | stop | restart
Verify that MongoDB has started successfully[edit]
Verify that the mongod process has started successfully by checking the contents of the log file at /var/log/mongodb/mongod.log for a line reading
[initandlisten] waiting for connections on port <port>
Guides[edit]
Enable authentication
Getting Started
Before deploying MongoDB in a production environment
Manage user accounts and roles
Data directories[edit]
/var/log/mongodb /var/lib/mongodb
Create Database[edit]
use DATABASE_NAME
Show databases[edit]
show dbs
db.adminCommand('listDatabases')
db.getMongo().getDBNames()
- To view databases they must have data
To show the current database type:
db
Insert[edit]
db.COLLECTION_NAME.insert({"name":"data1"})
Get Colection Names[edit]
db.getCollectionNames()
Query[edit]
db.COLLECTION_NAME.find()
db.COLLECTION_NAME.find({"name": "data1"})
RDBMS Where Clause Equivalents in MongoDB
| Operation | Syntax | Example | RDBMS Equivalent |
|---|---|---|---|
| Equality | {<key>:<value>} | db.mycol.find({"by":"tutorials point"}).pretty() | where by = 'tutorials point' |
| Less Than | {<key>:{$lt:<value>}} | db.mycol.find({"likes":{$lt:50}}).pretty() | where likes < 50 |
| Less Than Equals | {<key>:{$lte:<value>}} | db.mycol.find({"likes":{$lte:50}}).pretty() | where likes <= 50 |
| Greater Than | {<key>:{$gt:<value>}} | db.mycol.find({"likes":{$gt:50}}).pretty() | where likes > 50 |
| Greater Than Equals | {<key>:{$gte:<value>}} | db.mycol.find({"likes":{$gte:50}}).pretty() | where likes >= 50 |
| Not Equals | {<key>:{$ne:<value>}} | db.mycol.find({"likes":{$ne:50}}).pretty() | where likes != 50 |
AND / OR Example:
Likes greater than 100 and whose title is either 'MongoDB Overview' or by is 'tutorials point'.
Equivalent sql where clause is 'where likes>10 AND (by = 'tutorials point' OR title = 'MongoDB Overview')'
db.mycol.find({"likes": {$gt:10}, $or: [{"by": "tutorials point"}, {"title": "MongoDB Overview"}]}).pretty()
Security[edit]
To enable Client Access Control follow this steps:
- Start the mongod service if not already running
sudo service mongod start
- or if runnig mongo directly:
- mongod --port 27017 --dbpath /data/db1
- Connect to the mongo instance without access control
mongo --port 27017
- Create the user administrator
- use admin
- db.createUser(
- {
- user: "myUserAdmin",
- pwd: "abc123",
- roles: [ { role: "root", db: "admin" } ]
- }
- )
- Edit /etc/mongod.conf, add:
security:
- authorization: enabled
- Restart mongo service
sudo service mongod restart
- Connect to the mongo instance as the administrator:
mongo --port 27017 -u "myUserAdmin" -p "abc123" --authenticationDatabase "admin"
- Create Additional users as needed. Example:
use reporting
- db.createUser(
- {
- user: "reportsUser",
- pwd: "12345678",
- roles: [
- { role: "read", db: "reporting" },
- { role: "read", db: "products" },
- { role: "read", db: "sales" },
- { role: "readWrite", db: "accounts" }
- ]
- }
- )