InstallMongoDBCommunityEditiononRedHatorCentOS
Install MongoDB Community Edition on Red Hat or CentOS
On this page
- Overview
- Considerations
- Install MongoDB Community Edition
- Run MongoDB Community Edition
- Uninstall MongoDB Community Edition
- Additional Information
Overview
Use this tutorial to install MongoDB 3.6 Community Edition on Red Hat Enterprise Linux, CentOS Linux, or Oracle Linux [1] using the yum
package manager.
MongoDB Version
This tutorial installs MongoDB 3.6 Community Edition. To install a different version of MongoDB Community, use the version drop-down menu in the upper-left corner of this page to select the documentation for that version.
Considerations
Platform Support
MongoDB 3.6 Community Edition supports the following 64-bit versions of Red Hat Enterprise Linux (RHEL), CentOS Linux, and Oracle Linux [1] on x86_64 architecture:
- RHEL / CentOS / Oracle 8 (Starting in MongoDB Enterprise 3.6.17)
- RHEL / CentOS / Oracle 7
- RHEL / CentOS / Oracle 6
MongoDB only supports the 64-bit versions of these platforms.
See Supported Platforms for more information.
[1]
(1, 2) MongoDB only supports Oracle Linux running the Red Hat Compatible Kernel (RHCK). MongoDB does not support the Unbreakable Enterprise Kernel (UEK).
Windows Subsystem for Linux (WSL) - Unsupported
MongoDB does not support the Windows Subsystem for Linux (WSL).
Production Notes
Before deploying MongoDB in a production environment, consider the Production Notes document which offers performance considerations and configuration recommendations for production MongoDB deployments.
Install MongoDB Community Edition
Follow these steps to install MongoDB Community Edition using the yum
package manager.
1
Configure the package management system (yum
).
Create a /etc/yum.repos.d/mongodb-org-3.6.repo
file so that you can install MongoDB directly using yum
:
Changed in version 3.0: MongoDB Linux packages are in a new repository beginning with 3.0.
For MongoDB 3.6
Use the following repository file:
[mongodb-org-3.6]name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/3.6/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-3.6.asc
For versions of MongoDB earlier than 3.6
To install the packages from an earlier release series such as 3.4, you can specify the release series in the repository configuration. For example, to restrict your system to the 3.4 release series, create a /etc/yum.repos.d/mongodb-org-3.4.repo
file to hold the following configuration information for the MongoDB 3.4 repository:
[mongodb-org-3.4]name=MongoDB 3.4 Repository
baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/3.4/x86_64/
gpgcheck=0
enabled=1
You can also download the .rpm
files directly from the MongoDB repository. Downloads are organized by Red Hat / CentOS version (e.g. 7
), then MongoDB release version (e.g. 3.6
), then architecture (e.g. x86_64
). Odd-numbered MongoDB release versions, such as 3.7
, are development versions and are unsuitable for production deployment.
2
Install the MongoDB packages.
To install the latest stable version of MongoDB, issue the following command:
sudo yum install -y mongodb-org
To install a specific release of MongoDB, specify each component package individually and append the version number to the package name, as in the following example:
sudo yum install -y mongodb-org-3.6.19 mongodb-org-server-3.6.19 mongodb-org-shell-3.6.19 mongodb-org-mongos-3.6.19 mongodb-org-tools-3.6.19
You can specify any available version of MongoDB. However yum
will upgrade the packages when a newer version becomes available. To prevent unintended upgrades, pin the package. To pin a package, add the following exclude
directive to your /etc/yum.conf
file:
exclude=mongodb-org,mongodb-org-server,mongodb-org-shell,mongodb-org-mongos,mongodb-org-tools
Run MongoDB Community Edition
Prerequisites
ulimit
Most Unix-like operating systems limit the system resources that a session may use. These limits may negatively impact MongoDB operation. See
UNIX ulimit Settings for more information.
Directory Paths
To Use Default Directories
By default, MongoDB runs using the mongod
user account and uses the following default directories:
/var/lib/mongo
(the data directory)/var/log/mongodb
(the log directory)
➤ If you installed via the package manager,
The default directories are created, and the owner and group for these directories are set to mongod
.
➤ If you installed by downloading the tarballs,
The default MongoDB directories are not created. To create the MongoDB data and log directories:
sudo mkdir -p /var/lib/mongosudo mkdir -p /var/log/mongodb
By default, MongoDB runs using the mongod
user account. Once created, set the owner and group of these directories to mongod
:
sudo chown -R mongod:mongod <directory>
To Use Non-Default Directories
To use a data directory and/or log directory other than the default directories:
Create the new directory or directories.
Edit the configuration file
/etc/mongod.conf
and modify the following fields accordingly:storage.dbPath
to specify a new data directory path (e.g./some/data/directory
)systemLog.path
to specify a new log file path (e.g./some/log/directory/mongod.log
)
Ensure that the user running MongoDB has access to the directory or directories:
sudo chown -R mongod:mongod <directory>
If you change the user that runs the MongoDB process, you must give the new user access to these directories.
Configure SELinux if enforced. See Configure SELinux.
Configure SELinux
Important
If SELinux is in enforcing
mode, you must customize your SELinux policy for MongoDB.
The current SELinux Policy does not allow the MongoDB process to access /sys/fs/cgroup
, which is required to determine the available memory on your system. If you intend to run SELinux in enforcing
mode, you will need to make the following adjustment to your SELinux policy:
Ensure your system has the
checkpolicy
package installed:
sudo yum install checkpolicy
Create a custom policy file
mongodb_cgroup_memory.te
:cat > mongodb_cgroup_memory.te <<EOF
module mongodb_cgroup_memory 1.0;
require {
type cgroup_t;
type mongod_t;
class dir search;
class file { getattr open read };
}
#============= mongod_t ==============
allow mongod_t cgroup_t:dir search;
allow mongod_t cgroup_t:file { getattr open read };
EOF
Once created, compile and load the custom policy module by running these three commands:
checkmodule -M -m -o mongodb_cgroup_memory.mod mongodb_cgroup_memory.te
semodule_package -o mongodb_cgroup_memory.pp -m mongodb_cgroup_memory.mod
sudo semodule -i mongodb_cgroup_memory.pp
The MongoDB process is now able to access the correct files with SELinux set to enforcing
.
Important
You will also need to further customize your SELinux policy in the following two cases if SELinux is in enforcing
mode:
- You are not using the default MongoDB directories (for RHEL 7.0), and/or
- You are not using default MongoDB ports.
Non-Default MongoDB Directory Path(s)
Update the SELinux policy to allow the
mongod
service to use the new directory:
semanage fcontext -a -t <type> </some/MongoDB/directory.*>
where specify one of the following types as appropriate:
mongod_var_lib_t
for data directorymongod_log_t
for log file directorymongod_var_run_t
for pid file directory
Note
Be sure to include the
.*
at the end of the directory.Update the SELinux user policy for the new directory:
chcon -Rv -u system_u -t <type> </some/MongoDB/directory>
where specify one of the following types as appropriate:
mongod_var_lib_t
for data directorymongod_log_t
for log directorymongod_var_run_t
for pid file directory
Apply the updated SELinux policies to the directory:
restorecon -R -v </some/MongoDB/directory>
For examples:
Tip
- Depending on your user permission, you may need to use
sudo
to perform these operations. - Be sure to include the
.*
at the end of the directory for thesemanagefcontext
operations.
If using a non-default MongoDB data path of
/mongodb/data
:
semanage fcontext -a -t mongod_var_lib_t "/mongodb/data.*"
chcon -Rv -u system_u -t mongod_var_lib_t "/mongodb/data"
restorecon -R -v "/mongodb/data"
If using a non-default MongoDB log directory of
/mongodb/log
(e.g. if the log file path is/mongodb/log/mongod.log
):
semanage fcontext -a -t mongod_log_t "/mongodb/log.*"
chcon -Rv -u system_u -t mongod_log_t "/mongodb/log"
restorecon -R -v "/mongodb/log"
Non-Default MongoDB Ports
Tip
Depending on your user permission, you may need to use sudo
to perform the operation.
semanage port -a -t mongod_port_t -p tcp <portnumber>
Optional. Suppress FTDC
Warnings
The current SELinux Policy does not allow the MongoDB process to open and read /proc/net/netstat
for Diagnostic Parameters (FTDC). As such, the audit log may include numerous messages regarding lack of access to this path.
To track the proposed fix, see https://github.com/fedora-selinux/selinux-policy-contrib/pull/79.
Optionally, as a temporary fix, you can manually adjust the SELinux Policy:
Ensure your system has the
checkpolicy
package installed:
sudo yum install checkpolicy
Create a custom policy file
mongodb_proc_net.te
:cat > mongodb_proc_net.te <<EOF
module mongodb_proc_net 1.0;
require {
type proc_net_t;
type mongod_t;
class file { open read };
}
#============= mongod_t ==============
allow mongod_t proc_net_t:file { open read };
EOF
Once created, compile and load the custom policy module by running these three commands:
Tip
Depending on your user permission, you may need to use
sudo
to perform thesemodule
operation.
checkmodule -M -m -o mongodb_proc_net.mod mongodb_proc_net.te
semodule_package -o mongodb_proc_net.pp -m mongodb_proc_net.mod
semodule -i mongodb_proc_net.pp
Procedure
Follow these steps to run MongoDB Community Edition on your system. These instructions assume that you are using the default settings.
Init System
To run and manage your mongod
process, you will be using your operating system’s built-in init system. Recent versions of Linux tend to use systemd (which uses the systemctl
command), while older versions of Linux tend to use System V init (which uses the service
command).
If you are unsure which init system your platform uses, run the following command:
ps --no-headers -o comm 1
Then select the appropriate tab below based on the result:
systemd
- select the systemd (systemctl) tab below.init
- select the System V Init (service) tab below.
- systemd (systemctl)
- System V Init (service)
1
Start MongoDB.
You can start the mongod
process by issuing the following command:
sudo systemctl start mongod
If you receive an error similar to the following when starting mongod
:
Failedtostartmongod.service:Unitmongod.servicenotfound.
Run the following command first:
sudo systemctl daemon-reload
Then run the start command above again.
2
Verify that MongoDB has started successfully.
You can verify that the mongod
process has started successfully by issuing the following command:
sudo systemctl status mongod
You can optionally ensure that MongoDB will start following a system reboot by issuing the following command:
sudo systemctl enable mongod
3
Stop MongoDB.
As needed, you can stop the mongod
process by issuing the following command:
sudo systemctl stop mongod
4
Restart MongoDB.
You can restart the mongod
process by issuing the following command:
sudo systemctl restart mongod
You can follow the state of the process for errors or important messages by watching the output in the /var/log/mongodb/mongod.log
file.
5
Begin using MongoDB.
Start a mongo
shell on the same host machine as the mongod
. Use the --host
command line option to specify the localhost address and port that the mongod
listens on:
mongo --host 127.0.0.1:27017
Later, to stop MongoDB, press Control+C
in the terminal where the mongod
instance is running.
Uninstall MongoDB Community Edition
To completely remove MongoDB from a system, you must remove the MongoDB applications themselves, the configuration files, and any directories containing data and logs. The following section guides you through the necessary steps.
Warning
This process will completely remove MongoDB, its configuration, and all databases. This process is not reversible, so ensure that all of your configuration and data is backed up before proceeding.
1
Stop MongoDB.
Stop the mongod
process by issuing the following command:
sudo service mongod stop
2
Remove Packages.
Remove any MongoDB packages that you had previously installed.
sudo yum erase $(rpm -qa | grep mongodb-org)
3
Remove Data Directories.
Remove MongoDB databases and log files.
sudo rm -r /var/log/mongodbsudo rm -r /var/lib/mongo
Additional Information
Localhost Binding by Default
By default, MongoDB launches with bindIp
set to 127.0.0.1
, which binds to the localhost network interface. This means that the mongod
can only accept connections from clients that are running on the same machine. Remote clients will not be able to connect to the mongod
, and the mongod
will not be able to initialize a replica set unless this value is set to a valid network interface.
This value can be configured either:
- in the MongoDB configuration file with
bindIp
, or - via the command-line argument
--bind_ip
Warning
Before binding to a non-localhost (e.g. publicly accessible) IP address, ensure you have secured your cluster from unauthorized access. For a complete list of security recommendations, see Security Checklist. At minimum, consider enabling authentication and hardening network infrastructure.
For more information on configuring bindIp
, see MongoDB Configuration Hardening.
MongoDB Community Edition Packages
MongoDB Community Edition is available from its own dedicated repository, and contains the following officially-supported packages:
mongodb-org
A metapackage
that will automatically install the four component packages listed below.
mongodb-org-server
Contains the mongod
daemon and associated configuration and init scripts.
mongodb-org-mongos
Contains the mongos
daemon.
mongodb-org-shell
Contains the mongo
shell.
mongodb-org-tools
Contains the following MongoDB tools: mongoimport
bsondump
, mongodump
, mongoexport
, mongofiles
, mongoperf
, mongorestore
, mongostat
, and mongotop
.
The mongodb-org-server
package provides an initialization script that starts mongod
with the /etc/mongod.conf
configuration file.
See Run MongoDB Community Edition for details on using this initialization script.
←
Install MongoDB Community Edition on Linux
Install MongoDB Community on Red Hat or CentOS using .tgz Tarball
→
© MongoDB, Inc 2008-present. MongoDB, Mongo, and the leaf logo are registered trademarks of MongoDB, Inc.
以上是 InstallMongoDBCommunityEditiononRedHatorCentOS 的全部内容, 来源链接: utcz.com/z/535086.html