For the correct operation of the system, MongoDB version 3.6 to 6.0 is required. This article describes the installation of MongoDB 6.0 for Ubuntu Linux 22.04. You can also refer to the brief guide in the official MongoDB documentation.
начало внимание
In this example, the database name is elma365, the user is elma365, and the password is SecretPassword.
When configuring MongoDB, set these data according to the security policy adopted in your organization.
конец внимание
Installation consists of six steps:
- Install MongoDB.
- Configure MongoDB.
- Configure connection to MongoDB.
- Initialize the replica.
- Connect to MongoDB.
Step 1: Install MongoDB
To install MongoDB, add the official repository:
sudo apt-get install gnupg
curl -fsSL https://pgp.mongodb.com/server-6.0.asc | sudo gpg -o /usr/share/keyrings/mongodb-server-6.0.gpg --dearmor
echo "deb [ arch=amd64,arm64 signed-by=/usr/share/keyrings/mongodb-server-6.0.gpg ] https://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/6.0 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-6.0.list
sudo apt-get update
Then install MongoDB:
sudo apt install mongodb-org
Run MongoDB:
sudo systemctl enable --now mongod
Step 2: Configure MongoDB
Начало внимание
The password can contain the following characters:
- Uppercase Latin letters: A to Z
- Lowercase Latin letters: a to z
- Digits: 0 to 9
- Symbols: -_
Reserved (invalid) characters: ! * ' ( ) ; : @ & = + $ , / ? % # [ ]
Конец внимание
- Access mongosh (Command Line Interface) and create a database:
mongosh
- Use the ELMA365 database. If it doesn't exist, create it:
use elma365
- Create a dedicated user, elma365, to work with the database, with the password SecretPassword. Username and password are provided as an example:
db.createUser({user:'elma365', pwd:'SecretPassword', roles:[{role:"readWrite", db:"elma365"},{"role":"root", "db":"admin"}]})
- Make sure that the user is created:
show users
- To enable authentication, create a superuser:
use admin
db.createUser({user:'superuser', pwd:'SecretPassword', roles: ["root"]})
- Make sure that the user is created:
show users
- Complete the configuration:
exit
- Create a file with a general authentication key, set access to the file:
openssl rand -base64 756 > /var/lib/mongodb/keyfile
chmod 400 /var/lib/mongodb/keyfile
chown mongodb:mongodb /var/lib/mongodb/keyfile
- Enable secure access to the MongoDB server.
To do that, edit the /etc/mongod.conf
file:
. . .
setParameter:
enableLocalhostAuthBypass: false
security:
authorization: "enabled"
keyFile: /var/lib/mongodb/keyfile
. . .
- Restart MongoDB:
sudo systemctl restart mongod
Step 3: Configure connection to MongoDB
Make changes to the configuration file /etc/mongod.conf
:
sudo nano /etc/mongod.conf
Configure the values for:
bindIp
is a list of addresses from which connections on port 27017 can be accepted (in this case, it makes the MongoDB service available from all external addresses);replSetName
is the name of the replica set, by default it is "rs0"
. . .
# network interfaces
net:
port: 27017
bindIp: 0.0.0.0
. . .
replication:
replSetName: "rs0"
enableMajorityReadConcern: true
. . .
Configuring TLS/SSL in MongoDB
To enable TLS/SSL support in MongoDB, follow these steps:
cat your_domain.key > mongodb.pem
cat fullchain_your_domain.pem >> mongodb.pem
net: For more detailed information on configuring TLS/SSL in MongoDB, refer to the official MongoDB documentation. |
Restart MongoDB to apply the changes:
sudo systemctl restart mongod
Step 4: Initialize the replica
- Open the mongosh console for configuration.
To connect to MongoDB:
sudo mongosh
To connect to MongoDB with TLS/SSL enabled:
sudo mongosh --tls --host mongodb-server1.your_domain --tlsCAFile /etc/ssl/CA.pem
- Initialize the replica:
rs.initiate({ _id: "rs0", members: [{ _id: 0, host: "<mongodb-server-address>" }]})
- Check the replicaSet configuration:
rs.conf()
- Check the state of MongoDB:
rs.status()
Step 5: Connect to MongoDB
Connection string for MongoDB:
mongodb://elma365:SecretPassword@<mongodb-server-address>:27017/elma365?ssl=false&replicaSet=rs0&readPreference=nearest
Connection string for MongoDB with TLS/SSL:
mongodb://elma365:SecretPassword@mongodb-server.your_domain:27017/elma365?ssl=true&replicaSet=rs0&readPreference=nearest
Found a typo? Highlight the text, press ctrl + enter and notify us