Changes

Jump to navigation Jump to search

MongoDB (edit)

Revision as of 23:33, 8 April 2016

6,864 bytes added ,  23:33, 8 April 2016
→‎Create User
Line 1: Line 1:  
== Installation ==
 
== Installation ==
=== Ubuntu 14.04 ===
+
=== Ubuntu 14.04, 15.10 ===
 
  sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv EA312927
 
  sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv EA312927
 
  echo "deb http://repo.mongodb.org/apt/ubuntu trusty/mongodb-org/3.2 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.2.list
 
  echo "deb http://repo.mongodb.org/apt/ubuntu trusty/mongodb-org/3.2 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.2.list
 
  sudo apt-get update
 
  sudo apt-get update
 +
==== Client and Server ====
 
  sudo apt-get install -y mongodb-org
 
  sudo apt-get install -y mongodb-org
  # Specific version install: sudo apt-get install -y mongodb-org=3.2.1 mongodb-org-server=3.2.1 mongodb-org-shell=3.2.1 mongodb-org-mongos=3.2.1 mongodb-org-tools=3.2.1
+
==== Client only ====
 +
sudo apt-get install mongodb-clients
 +
Check if service is active
 +
sudo systemctl status mongd
 +
If it's not working
 +
sudo reboot
 +
If it still not working, create and run the script enable_mongo.sh with:<br />
 +
<source lang="bash">echo '[Unit]
 +
Description=High-performance, schema-free document-oriented database
 +
After=syslog.target network.target
 +
 +
[Service]
 +
User=mongodb
 +
Group=mongodb
 +
ExecStart=/usr/bin/mongod -f /etc/mongod.conf
 +
 +
[Install]
 +
WantedBy=multi-user.target' > /lib/systemd/system/mongod.service
 +
 
 +
# Setup the required directories
 +
mkdir -p /var/run/mongodb/
 +
mkdir -p /var/log/mongodb/
 +
mkdir -p /var/lib/mongodb/
 +
mkdir -p /data/db/
 +
 
 +
chown mongodb:mongodb /var/run/mongodb/
 +
chown mongodb:mongodb /var/log/mongodb/
 +
chown mongodb:mongodb /var/lib/mongodb/
 +
chown mongodb:mongodb /data/db
 +
 
 +
chmod 0755 /var/log/mongodb/
 +
chmod 0755 /var/run/mongodb/
 +
chmod 0755 /var/lib/mongodb/
 +
chmod 0755 /data/db/
 +
 
 +
# Start the new service and enable it on boot
 +
systemctl --system daemon-reload
 +
systemctl enable mongod.service
 +
 
 +
echo "Starting"
 +
systemctl start mongod.service</source>
 +
 
 +
  # Specific version install: sudo apt-get install -y mongodb-org=3.2.1 mongodb-org-server=3.2.1 mongodb-org-shell=3.2.1 mongodb-org-mongos=3.2.1 mongodb-org-tools=3.2.1<br />
 +
 
 +
=== Enable authentication ===
 +
* Connect to mongo instance:
 +
mongo
 +
* Add an admin user:
 +
<nowiki>
 +
use admin
 +
db.createUser(
 +
  {
 +
    user: "myUserAdmin",
 +
    pwd: "abc123",
 +
    roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
 +
  }
 +
)</nowiki>
 +
 
 +
* Edit configuration file
 +
sudo nano /etc/mongod.conf
 +
 
 +
* Restart mongoDB server:
 +
sudo service mongod restart
 +
 
 +
* connect to your instance:
 +
<nowiki>security:
 +
  authorization: enabled</nowiki>
 +
==== Add user roles ====
 +
<nowiki>use reporting
 +
db.grantRolesToUser(
 +
    "reportsUser",
 +
    [
 +
      { role: "read", db: "accounts" }
 +
    ]
 +
)</nowiki>
 +
==== Revoke user roles ====
 +
<nowiki>use reporting
 +
db.revokeRolesFromUser(
 +
    "reportsUser",
 +
    [
 +
      { role: "readWrite", db: "accounts" }
 +
    ]
 +
)</nowiki>
 +
 
 +
==== Create User ====
 +
<nowiki>use test
 +
db.createUser(
 +
    {
 +
      user: "tester",
 +
      pwd: "password",
 +
      roles: [
 +
        { role: "read", db: "test1" },
 +
        { role: "read", db: "test2" },
 +
        { role: "read", db: "test3" },
 +
        { role: "readWrite", db: "test" }
 +
      ]
 +
    }
 +
);</nowiki>
 +
or
 +
<nowiki>use products
 +
db.addUser( { user: "Alice",
 +
              pwd: "Moon1234",
 +
              roles: [ "readWrite", "dbAdmin" ]
 +
            } )</nowiki>
 +
or
 +
<nowiki>db.createUser(
 +
...        {
 +
...          user: "....",
 +
...          pwd: ".........",
 +
...          roles: [ "readWrite" ]
 +
...        }
 +
... )
 +
</nowiki>
 +
 
 +
==== Drop User ====
 +
<nowiki>db.dropUser(username)}</nowiki>
 +
 
 +
=== Enable remote connections ===
 +
* Edit /etc/mongodb.conf
 +
* Add the ip's you whish to enable for remote access to bind_ip separated by ',' (Dont remove 127.0.0.1!!)
 +
bind_ip = 127.0.0.1,192.168.56.222
 +
 
 +
=== Disable Transparent Huge Pages (THP) ===
 +
Create the init.d script.<br />
 +
Create the following file at /etc/init.d/disable-transparent-hugepages:
 +
<source lang="bash">#!/bin/sh
 +
### BEGIN INIT INFO
 +
# Provides:          disable-transparent-hugepages
 +
# Required-Start:    $local_fs
 +
# Required-Stop:
 +
# X-Start-Before:    mongod mongodb-mms-automation-agent
 +
# Default-Start:    2 3 4 5
 +
# Default-Stop:      0 1 6
 +
# Short-Description: Disable Linux transparent huge pages
 +
# Description:      Disable Linux transparent huge pages, to improve
 +
#                    database performance.
 +
### END INIT INFO
 +
 
 +
case $1 in
 +
  start)
 +
    if [ -d /sys/kernel/mm/transparent_hugepage ]; then
 +
      thp_path=/sys/kernel/mm/transparent_hugepage
 +
    elif [ -d /sys/kernel/mm/redhat_transparent_hugepage ]; then
 +
      thp_path=/sys/kernel/mm/redhat_transparent_hugepage
 +
    else
 +
      return 0
 +
    fi
 +
 
 +
    echo 'never' > ${thp_path}/enabled
 +
    echo 'never' > ${thp_path}/defrag
 +
 
 +
    unset thp_path
 +
    ;;
 +
esac</source>
 +
Make it executable:
 +
sudo chmod 755 /etc/init.d/disable-transparent-hugepages
 +
Configure your operating system to run it on boot.<br />
 +
 
 +
Use the appropriate command to configure the new init script on your Linux distribution.<br />
 +
 
 +
Distribution Command<br />
 +
 
 +
Ubuntu and Debian <nowiki>sudo update-rc.d disable-transparent-hugepages defaults</nowiki><br />
 +
SUSE <nowiki>sudo insserv /etc/init.d/disable-transparent-hugepages</nowiki><br />
 +
Red Hat, CentOS, Amazon Linux, and derivatives <nowiki>sudo chkconfig --add disable-transparent-hugepages</nowiki><br />
    
== Start/Stop/Restart MongoDB ==
 
== Start/Stop/Restart MongoDB ==
Line 15: Line 180:     
== Guides ==
 
== Guides ==
 +
[https://docs.mongodb.org/manual/tutorial/enable-authentication/ Enable authentication]<br />
 
[https://docs.mongodb.org/manual/#getting-started Getting Started]<br />
 
[https://docs.mongodb.org/manual/#getting-started Getting Started]<br />
 
[https://docs.mongodb.org/manual/administration/production-notes/ Before deploying MongoDB in a production environment]<br />
 
[https://docs.mongodb.org/manual/administration/production-notes/ Before deploying MongoDB in a production environment]<br />
Line 35: Line 201:     
== Insert ==
 
== Insert ==
  db.movie.insert({"name":"tutorials point"})
+
  db.COLLECTION_NAME.insert({"name":"data1"})
 
== Get Colection Names ==
 
== Get Colection Names ==
 
  db.getCollectionNames()
 
  db.getCollectionNames()
 +
== Query ==
 +
db.COLLECTION_NAME.find()
 +
db.COLLECTION_NAME.find({"name": "data1"})
 +
RDBMS Where Clause Equivalents in MongoDB
 +
{| class="wikitable"
 +
|-
 +
! Operation !! Syntax !! Example !! RDBMS Equivalent
 +
|-
 +
| Equality || {<key>:<value>} || db.mycol.find({"by":"tutorials point"}).pretty() || where by = 'tutorials point'
 +
|-
 +
| Less Than || {<key>:{$lt:<value>}} || db.mycol.find({"likes":{$lt:50}}).pretty() || where likes < 50
 +
|-
 +
| Less Than Equals || {<key>:{$lte:<value>}} || db.mycol.find({"likes":{$lte:50}}).pretty() || where likes <= 50
 +
|-
 +
| Greater Than || {<key>:{$gt:<value>}} || db.mycol.find({"likes":{$gt:50}}).pretty() || where likes > 50
 +
|-
 +
| Greater Than Equals || {<key>:{$gte:<value>}} || db.mycol.find({"likes":{$gte:50}}).pretty() || where likes >= 50
 +
|-
 +
| Not Equals || {<key>:{$ne:<value>}} || db.mycol.find({"likes":{$ne:50}}).pretty() || where likes != 50
 +
|}
 +
 +
AND / OR Example:<br />
 +
Likes greater than 100 and whose title is either 'MongoDB Overview' or by is 'tutorials point'.<br />
 +
Equivalent sql where clause is 'where likes>10 AND (by = 'tutorials point' OR title = 'MongoDB Overview')'
 +
db.mycol.find({"likes": {$gt:10}, $or: [{"by": "tutorials point"}, {"title": "MongoDB Overview"}]}).pretty()
 +
 +
== Security ==
 +
To enable Client Access Control follow this steps:
 +
# Start the mongod service if not already running
 +
#:<pre>sudo service mongod start
 +
#:: or if runnig mongo directly:
 +
#::mongod --port 27017 --dbpath /data/db1</pre>
 +
# Connect to the mongo instance without access control
 +
#:<pre>mongo --port 27017</pre>
 +
# Create the user administrator
 +
#:<pre>
 +
#::use admin
 +
#::db.createUser(
 +
#::{
 +
#::    user: "myUserAdmin",
 +
#::    pwd: "abc123",
 +
#::    roles: [ { role: "root", db: "admin" } ]
 +
#::  }
 +
#::)</pre>
 +
# Edit /etc/mongod.conf, add:
 +
#:<pre>security:
 +
#::  authorization: enabled</pre>
 +
# Restart mongo service
 +
#:<pre> sudo service mongod restart</pre>
 +
# Connect to the mongo instance as the administrator:
 +
#:<pre>mongo --port 27017 -u "myUserAdmin" -p "abc123" --authenticationDatabase "admin"</pre>
 +
# Create Additional users as needed. Example:
 +
#:<pre>use reporting
 +
#::db.createUser(
 +
#::    {
 +
#::      user: "reportsUser",
 +
#::      pwd: "12345678",
 +
#::      roles: [
 +
#::        { role: "read", db: "reporting" },
 +
#::        { role: "read", db: "products" },
 +
#::        { role: "read", db: "sales" },
 +
#::        { role: "readWrite", db: "accounts" }
 +
#::      ]
 +
#::    }
 +
#::)</pre>
Retrieved from "https://wiki.herrerosolis.com/index.php/Special:MobileDiff/712...856"

Navigation menu