How to Install and Secure MongoDB 3.6 on Ubuntu 17.10

in #mongodb7 years ago

This tutorial guides you through the installation of MongoDB. MongoDB is an open-source document database (NoSQL) that provides high performance and is commonly used for scalable web applications.

We will assume that you already setup a user with superuser permission. If you haven’t, check out my other tutorial. Use this user going forward.

1. Import the public key used by the package management system

The Ubuntu package management tools (i.e. dpkg and apt) ensure package consistency and authenticity by requiring that distributors sign packages with GPG keys.

Issue the following command to import the MongoDB public GPG Key:

$ sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 2930ADAE8CAF5059EE73BB4B58712A2291FA4AD5

2. Create a list file for MongoDB

Create the /etc/apt/sources.list.d/mongodb-org-3.6.list list file using the command appropriate for Ubuntu 17.10:

$ echo "deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu xenial/mongodb-org/3.6 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.6.list

3. Reload local package database and install MongoDB

Reload the local package database with this command:

$ sudo apt-get update

Then install MongoDB:

$ sudo apt-get install -y mongodb-org

4. Verify that MongoDB runs and starts at system reboot

Next, start MongoDB with systemctl.

$ sudo systemctl start mongod

You can also use systemctl to check that the service has started properly.

$ sudo systemctl status mongod

The output is likely going to look something like this:

 mongod.service - High-performance, schema-free document-oriented database
   Loaded: loaded (/lib/systemd/system/mongod.service; disabled; vendor preset: enabled)
   Active: active (running) since Sat 2018-01-06 09:33:09 UTC; 1min 31s ago
     Docs: https://docs.mongodb.org/manual
 Main PID: 16479 (mongod)
    Tasks: 23
   Memory: 68.8M
      CPU: 393ms
   CGroup: /system.slice/mongod.service
           └─16479 /usr/bin/mongod --config /etc/mongod.conf

If the previous status check command runs into any errors, check if mongod.service exists in the system’s services directory by using ls /lib/systemd/system

The last step of the installation process is to enable the automatic launch of MongoDB when the system starts.

$ sudo systemctl enable mongod

The MongoDB server is now installed and running. You can manage the MongoDB service using the systemctl commands. For example sudo systemctl mongod stop to stop the service or sudo systemctl mongod start to start it again.

5. Create a new MongoDB admin user

If you were to run the mongo command in the terminal, you will most likely notice a warning looking something like this:

20180106T09:33:09.397+0000 I CONTROL [initandlisten] ** WARNING: Access control is not enabled for the database.
20180106T09:33:09.397+0000 I CONTROL [initandlisten] ** Read and write access to data and configuration is unrestricted.

We will now create a new MongoDB admin user to rectify the situation. If not already done, connect to your MongoDB again using the mongo command and after the > sign, add these queries (replace the user and pwd values with your own):

use admin
db.createUser({
  user: "matt",
  pwd: "yourPassword",
  roles: [{ role: "dbAdminAnyDatabase", db: "admin" }]
})

This switches to the admin database and creates a new user with dbAdminAnyDatabase role therein. Find out more about this role in the official MongoDB documentation.

Optionally, you may want to give the user root permission. You can do so using the root role by replacing dbAdminAnyDatabase with root in the above query.

6. Secure database access control on MongoDB

To remove the aforementioned warning message, we will now modify the MongoDB configuration slightly. Edit the mongod.conf with this command:

$ sudo nano /etc/mongod.conf

Below the #security comment, add the following lines:

security:
  authorization: "enabled"

Then restart the MongoDB service:

$ sudo service mongod restart

Now your database is secured with username and password and the warning message should have disappeared upon your next connection to MongoDB. Try to connect to your database using the new user we created earlier. Replace with your login credentials, but leave the quotation marks intact:

$ mongo -u “matt” -p “yourPassword” --authenticationDatabase “admin”

Congratulations! You have now installed and secured your MongoDB service.

#devops #database #installation #ubuntu
7 years ago in #mongodb by
$0.08
  • Past Payouts $0.08
  • - Author $0.08
  • - Curators $0.00
5 votes
Reply 3
Sort:  
  • Trending
    • [-]
     7 years ago  

    @matthagemann, let me be the first to welcome you to Steemit! Congratulations on making your first post!

    I gave you a $.05 vote!

    Would you be so kind as to follow me back in return?

    $0.07
    • Past Payouts $0.07
    • - Author $0.07
    • - Curators $0.00
    1 vote
    Reply
    [-]
     7 years ago  

    Hi! I am a robot. I just upvoted you! I found similar content that readers might be interested in:
    https://medium.com/gatemill/how-to-install-mongodb-3-6-on-ubuntu-17-10-ac0bc225e648

    $0.00
      Reply
      [-]
       6 years ago  

      Congratulations @matthagemann! You received a personal award!

      Happy Birthday! - You are on the Steem blockchain for 1 year!

      You can view your badges on your Steem Board and compare to others on the Steem Ranking

      Vote for @Steemitboard as a witness to get one more award and increased upvotes!
      $0.00
        Reply