vim /etc/mongod.conf# 官网
移至- Resources
选择- Launch and Manage MongoDB,点击MongoDB Manual,选择左侧版本
点击- Installation
选择# Install MongoDB Enterprise,点击- Install on Linux,点击- Install on Red Hat,点击## Install MongoDB Enterprise Edition
配置存储库
创建/etc/yum.repos.d/MongoDB-enterprise-4.2. repo 文件,这样就可以直接使用 yum
vim /etc/yum.repos.d/mongodb-enterprise-4.2.repo
[mongodb-enterprise-4.2]
name=MongoDB Enterprise Repository
baseurl=https://repo.mongodb.com/yum/redhat/$releasever/mongodb-enterprise/4.2/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-4.2.asc
安装
如果您只安装 MongoDB-enterprise = 4.2.18,并且不包含组件包,那么无论您指定了哪个版本,都将安装每个 MongoDB 包的最新版本
[root@localhost ~]# sudo yum install -y mongodb-enterprise
#若执行下面命令,须移除
[root@localhost ~]# sudo yum remove -y mongodb-enterprise
已加载插件:fastestmirror
正在解决依赖关系
--> 正在检查事务
---> 软件包 mongodb-enterprise.x86_64.0.4.2.18-1.el7 将被 删除
--> 解决依赖关系完成
#要安装特定的版本,必须分别指定每个组件包和版本号
[root@localhost ~]# sudo yum install -y mongodb-enterprise-4.2.18 mongodb-enterprise-server-4.2.18 mongodb-enterprise-shell-4.2.18 mongodb-enterprise-mongos-4.2.18 mongodb-enterprise-tools-4.2.18
固定包
尽管可以指定任何可用的 MongoDB Enterprise 版本,但是 yum 会在有新版本可用时升级包。为了防止意外升级,在/etc/yum.conf 文件中添加以下 exclude 指令来固定包
[root@localhost ~]# vim /etc/yum.conf
#添加如下
exclude=mongodb-enterprise,mongodb-enterprise-server,mongodb-enterprise-shell,mongodb-enterprise-mongos,mongodb-enterprise-tools
#保存退出
启动
通过观察/var/log/mongodb/mongod.log 文件中的输出,可以了解错误或重要消息的流程状态
默认目录: /etc/mongod.conf (配置文件) /var/lib/mongo (数据目录) /var/log/mongodb (日志目录)
#启动
sudo systemctl start mongod
#如果你在启动 mongod 时收到类似下面的错误:
#Failed to start mongod.service: Unit mongod.service not found.
#首先运行以下命令,然后再次运行上面的 start 命令
sudo systemctl daemon-reload
#开机自启
sudo systemctl enable mongod
#停止
sudo systemctl stop mongod
#重启
sudo systemctl restart mongod
测试
#验证 mongod 进程已经成功启动
[root@localhost ~]# systemctl status mongod
● mongod.service - MongoDB Database Server
Loaded: loaded (/usr/lib/systemd/system/mongod.service; enabled; vendor preset: disabled)
Active: active (running) since 五 2022-02-25 10:21:33 CST; 8s ago
Docs: https://docs.mongodb.org/manual
Process: 25454 ExecStart=/usr/bin/mongod $OPTIONS (code=exited, status=0/SUCCESS)
Process: 25448 ExecStartPre=/usr/bin/chmod 0755 /var/run/mongodb (code=exited, status=0/SUCCESS)
Process: 25444 ExecStartPre=/usr/bin/chown mongod:mongod /var/run/mongodb (code=exited, status=0/SUCCESS)
Process: 25442 ExecStartPre=/usr/bin/mkdir -p /var/run/mongodb (code=exited, status=0/SUCCESS)
Main PID: 25468 (mongod)
CGroup: /system.slice/mongod.service
└─25468 /usr/bin/mongod -f /etc/mongod.conf
使用 MongoDB
在与 mongod 相同的主机上启动一个 mongo shell。你可以在没有任何命令行选项的情况下运行 mongo shell,以连接到默认端口为27017的本地主机上运行的 mongod
[root@localhost mongodb]# mongo 192.168.0.136:27017
MongoDB shell version v4.2.18
connecting to: mongodb://192.168.0.136:27017/test?compressors=disabled&gssapiServiceName=mongodb
2022-02-25T11:44:51.421+0800 E QUERY [js] Error: couldn't connect to server 192.168.0.136:27017, connection attempt failed: SocketException: Error connecting to 192.168.0.136:27017 :: caused by :: Connection refused :
connect@src/mongo/shell/mongo.js:353:17
@(connect):2:6
2022-02-25T11:44:51.423+0800 F - [main] exception: connect failed
2022-02-25T11:44:51.423+0800 E - [main] exiting with code 1
解决bindIp
vim /etc/mongod.conf
#修改bindIp如下
# network interfaces
net:
port: 27017
bindIp: 0.0.0.0 # Enter 0.0.0.0,:: to bind to all IPv4 and IPv6 addresses or, alternatively, use the net.bindIpAll setting.
#保存退出
重启
[root@localhost mongodb]# mongo 192.168.0.136:27017
MongoDB shell version v4.2.18
connecting to: mongodb://192.168.0.136:27017/test?compressors=disabled&gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("65502cc7-5ada-44cd-82f9-98ad147b8c1b") }
MongoDB server version: 4.2.18
Server has startup warnings:
2022-02-25T11:51:31.495+0800 I CONTROL [initandlisten]
2022-02-25T11:51:31.495+0800 I CONTROL [initandlisten] ** WARNING: Access control is not enabled for the database.
2022-02-25T11:51:31.495+0800 I CONTROL [initandlisten] ** Read and write access to data and configuration is unrestricted.
2022-02-25T11:51:31.495+0800 I CONTROL [initandlisten]
2022-02-25T11:51:31.496+0800 I CONTROL [initandlisten]
2022-02-25T11:51:31.496+0800 I CONTROL [initandlisten] ** WARNING: You are running on a NUMA machine.
2022-02-25T11:51:31.496+0800 I CONTROL [initandlisten] ** We suggest launching mongod like this to avoid performance problems:
2022-02-25T11:51:31.496+0800 I CONTROL [initandlisten] ** numactl --interleave=all mongod [other options]
2022-02-25T11:51:31.497+0800 I CONTROL [initandlisten]
2022-02-25T11:51:31.497+0800 I CONTROL [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/enabled is 'always'.
2022-02-25T11:51:31.497+0800 I CONTROL [initandlisten] ** We suggest setting it to 'never'
2022-02-25T11:51:31.497+0800 I CONTROL [initandlisten]
2022-02-25T11:51:31.497+0800 I CONTROL [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/defrag is 'always'.
2022-02-25T11:51:31.497+0800 I CONTROL [initandlisten] ** We suggest setting it to 'never'
2022-02-25T11:51:31.497+0800 I CONTROL [initandlisten]
MongoDB Enterprise >
警告
** WARNING: Access control is not enabled for the database. Read and write access to data and configuration is unrestricted
MongDB增加了安全性设计,推荐用户创建使用数据库时进行验证
解决- Security Checklist. ,在点击- Enable Access Control
#执行模板
use admin
db.createUser(
{
user: "myUserAdmin",
pwd: passwordPrompt(), // or cleartext password
roles: [ { role: "userAdminAnyDatabase", db: "admin" }, "readWriteAnyDatabase" ]
}
)
#具体执行
MongoDB Enterprise > use admin
switched to db admin
MongoDB Enterprise > db.createUser(
... {
... user: "admin",
... pwd: "123456",
... roles: [ { role: "userAdminAnyDatabase", db: "admin" }, "readWriteAnyDatabase" ]
... }
... )
Successfully added user: {
"user" : "admin",
"roles" : [
{
"role" : "userAdminAnyDatabase",
"db" : "admin"
},
"readWriteAnyDatabase"
]
}
启用验证
在配置文件追加security.authorization
security:
authorization: enabled
重启
#重启
[root@localhost mongodb]# sudo systemctl restart mongod
#验证
[root@localhost mongodb]# mongo 192.168.0.136:27017
MongoDB shell version v4.2.18
connecting to: mongodb://192.168.0.136:27017/test?compressors=disabled&gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("539af98a-cac8-4749-8ba0-3ab12ba7c294") }
MongoDB server version: 4.2.18
MongoDB Enterprise >
验证安全
MongoDB Enterprise > use admin
switched to db admin
MongoDB Enterprise > db.foo.insert( { x: 1, y: 1 } )
WriteCommandError({
"ok" : 0,
"errmsg" : "command insert requires authentication",
"code" : 13,
"codeName" : "Unauthorized"
})
MongoDB Enterprise > db.auth("admin", "123456")
1
MongoDB Enterprise > db.foo.insert( { x: 1, y: 1 } )
WriteResult({ "nInserted" : 1 })
MongoDB Enterprise >
