Table of Contents
Introduction
This blog is about installing MongoDB on a CentOS 8 server step-by-step in this tutorial. With its high performance, scalability, and flexibility, MongoDB is a well-liked NoSQL database system and a great option for many applications. This guide will assist you in getting MongoDB up and running on CentOS 8 whether you are setting up a new server or updating an existing one.
MongoDB
Prerequisites
Before we proceed with the installation, there are a few prerequisites you should have in place:
- CentOS 8 Server: Ensure you have a CentOS 8 server with root access or a user with sudo privileges.
- Update System Packages: It’s always a good practice to update the system packages to the latest versions. You can do this by running the following command:
sudo yum update -y
Step 1: Add Repository
The first step is to add the official MongoDB repository to your CentOS 8 system. This provides the necessary packages to ensure a smooth installation process. Here’s how to add the repository:
Create a repository :
sudo nano /etc/yum.repos.d/mongodb-org-6.0.repo Now, paste the following content into the file:
[mongodb-org-6.0]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/6.0/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-6.0.ascSave and close the file.
Step 2: Install :
With the above repository added, it’s time to install MongoDB on your CentOS 8 system:
Install with the following command:
sudo yum install -y mongodb-orgAfter the installation is complete, start the database service and enable it to start on boot:
sudo systemctl start mongod
sudo systemctl enable mongodVerify that database is running by checking its status:
sudo systemctl status mongodStep 3: Secure MongoDB
Securing your database installation is crucial to protect your data and server. By default, MongoDB does not have authentication enabled. Let’s enable authentication to ensure the safety of your database:
Access the MongoDB shell:
In previous version we used mongo as command to access mongo shell but in new version it’s now mongosh.
mongoshSwitch to the admin database:
use adminCreate an administrative user with a strong password:
db.createUser(
{
user: "mdbadmin",
pwd: "password",
roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
}
)Exit the shell:
exitUpdate the database configuration file to enable authentication:
sudo nano /etc/mongod.confFind the line #security: and remove the ‘#’ symbol at the beginning.
security:
authorization: "enabledremember two space before authorization. Save and close the file.
Restart to apply the changes:
sudo systemctl restart mongodStep 4: Test MongoDB
To ensure that database is functioning correctly and that you can access it with the administrative user, follow these steps:
Access the shell with the admin user:
mongo -u admin -p --authenticationDatabase adminYou should now be logged in and ready to perform administrative tasks within database.
Roles in MongoDB
Before assigning any role to any user you must understand the privileges of role. So that you can control access and secure your database.
Database user roles
Database user roles are normal user roles that are useful in regular database interactions.
| Role | Description |
|---|---|
| read | Read all non-system collections and the system.js collection |
| readWrite | Both Read and Write functionality on non-system collections and the system.js collection |
Database administration roles
These are roles that are used to carry out administrative operations on databases.
| Role | Description |
|---|---|
| dbAdmin | Perform administrative tasks such as indexing and gathering statistics, but cannot manage users or roles |
| userAdmin | Provides the ability to create and modify roles and users of a specific database |
| dbOwner | This is the owner of the database who can perform any action. It is equal to combining all the roles mentioned above: readWrite, dbAdmin, and userAdmin roles |
All database roles
These are database roles that provide privileges to interact with all databases, excluding local and config databases.
| Role | Description |
|---|---|
| readAnyDatabase | Read any database |
| readWriteAnyDatabase | Provides read and write privileges to all databases |
| userAdminAnyDatabase | Create and Modify users and roles across all databases |
| dbAdminAnyDatabase | Perform database administrative functions on all databases |
Cluster admin roles
These roles enable users to interact and administrate MongoDB clusters.
| Role | Description |
|---|---|
| clusterManager | Enables management and monitoring functionality on the cluster. Provides access to config and local databases used in sharding and replication |
| clusterMonitor | Provide read-only access to MongoDB monitoring tools such as Cloud Manager or Ops Manager monitoring agent |
| hostManager | Provides the ability to monitor and manage individual servers |
| clusterAdmin | This role includes the highest number of cluster administrative privileges allowing a user to do virtually anything. This functionality is equal to the combination of clusterManager, clusterMonitor, hostManager roles, and dropDatabase action |
Create Normal User
Create a user for a specific database this user can access only database assigned to him. For example we want to create a database sales and for that we need a specific user who can access this database and modify and delete documents from database. Authentication in database is very important it will help you and protect from different kind cyber attacks if you want to learn about RCE you can check out.
db.createUser(
{
user: "salesadmin",
pwd: "password",
roles:[{role: "userAdmin" , db:"Sales"}]}
)
