mongodb安裝4.0（rpm）

虛擬機客戶端vmware player

linux版本：CentOS Linux release 7.4.1708 (Core)

CentOS安裝類型：Basic Web Server

參照官網最新文檔描述安裝

https://docs.mongodb.com/manual/tutorial/install-mongodb-on-red-hat/

一、安裝

1、配置下載mongodb的倉庫文件

vi /etc/yum.repos.d/mongodb-org-4.0.repo

填充內容

[mongodb-org-4.0]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/4.0/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-4.0.asc

2、下載安裝包到/home/mongodb-rpm-package下

yum install --downloaddir=/home/mongodb-rpm-package/ --downloadonly mongodb-org

3、安裝

rpm -ivh /home/mongodb-rpm-package/*

4、啟動mongo

systemctl start mongod.service

5、登陸，查詢

[root@localhost ~]# mongo
MongoDB shell version v4.0.6
connecting to: mongodb://127.0.0.1:27017/?gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("b2bdeeaa-dbcc-4cd2-a12c-681c6e10d83b") }
MongoDB server version: 4.0.6
Welcome to the MongoDB shell.
For interactive help, type "help".
For more comprehensive documentation, see
    http://docs.mongodb.org/
Questions? Try the support group
    http://groups.google.com/group/mongodb-user
Server has startup warnings: 
2019-02-23T11:05:19.118+0800 I CONTROL  [initandlisten] 
2019-02-23T11:05:19.118+0800 I CONTROL  [initandlisten] ** WARNING: Access control is not enabled for the database.
2019-02-23T11:05:19.118+0800 I CONTROL  [initandlisten] **          Read and write access to data and configuration is unrestricted.
2019-02-23T11:05:19.118+0800 I CONTROL  [initandlisten] 
2019-02-23T11:05:19.118+0800 I CONTROL  [initandlisten] 
2019-02-23T11:05:19.118+0800 I CONTROL  [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/enabled is 'always'.
2019-02-23T11:05:19.118+0800 I CONTROL  [initandlisten] **        We suggest setting it to 'never'
2019-02-23T11:05:19.119+0800 I CONTROL  [initandlisten] 
2019-02-23T11:05:19.119+0800 I CONTROL  [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/defrag is 'always'.
2019-02-23T11:05:19.119+0800 I CONTROL  [initandlisten] **        We suggest setting it to 'never'
2019-02-23T11:05:19.119+0800 I CONTROL  [initandlisten] 
---
Enable MongoDB's free cloud-based monitoring service, which will then receive and display
metrics about your deployment (disk utilization, CPU, operation statistics, etc).

The monitoring data will be available on a MongoDB website with a unique URL accessible to you
and anyone you share the URL with. MongoDB may use this information to make product
improvements and to suggest MongoDB products and deployment options to you.

To enable free monitoring, run the following command: db.enableFreeMonitoring()
To permanently disable this reminder, run the following command: db.disableFreeMonitoring()
---

> show dbs
admin   0.000GB
config  0.000GB
local   0.000GB
>

可以看到，mongodb默認有三個db，分別為admin，config，local

到此，通過默認安裝方式已經完成，

二、修改配置

通過默認安裝，mongodb不允許遠程登陸，也沒有訪問控制，默認mongodb的日志和db路徑分別被放到了/var/log/mongodb/和/var/lib/mongo下（如果需要，則自定義日志和db路徑）

1、停止mongod

systemctl stop mongod.service

2、配置訪問控制

Security – Role-Based Access Control中對訪問控制有明確描述，我們通過在配置文件中添加security.authorization參數進行訪問控制，該值默認為disabled

vim /etc/mongod.conf

添加如下配置

3、配置mongodb日志和db路徑

新建mongodb日志和db路徑（PS:最初將db和log放入/home/mongodb下，但使用開機服務一直都無法啟動mongodb，建議自定義log和db時不要使用上述路徑）

mkdir -p /home/mongodb-home/log
mkdir -p /home/mongodb-home/db
chown -R mongod:mongod /home/mongodb-home

vim /etc/mongod.conf

修改配置

systemLog.path修改為/home/mongodb-home/mongod.log

storage.dbPath修改為/home/mongodb-home/db

移動數據庫

mv /var/lib/mongo/* /home/mongodb-home/db/

5、配置遠程訪問

vim /etc/mongod.conf

bindIp修改為0.0.0.0，即允許所有的ip地址訪問

5、其他配置修改

如需其他配置修改，可參考該官方文檔

https://docs.mongodb.com/manual/reference/configuration-options/

6、啟動mongodb實例

systemctl start mongod.service

正常登陸，但此時show dbs已經不能查詢出數據庫

PS：

如果沒有使用默認的mongodb安裝路徑或者端口，並且SELinux是enforceing模式，則需要配置下SELinux，否則將不能夠正常訪問mongodb，最簡單的方式就是配置/etc/selinux/config中SELINUX=disabled

本例中虛擬機安裝完成之后，該模式已經為disabled，所以並未影響使用

三、初始化超級用戶

1、可以通過mongo登陸后，執行如下命令

use admin
db.createUser(
         {
                 user: "root",
                 pwd: "mongo",
                 roles: [ { role: "root", db: "admin" } ]
   }
 )

2、將以上命令放入js文件執行,如js名稱為initUser.js，或者直接在客戶端執行

cat ./initUser.js | mongo --shell

 3、也可以直接使用mongo 文件名執行js腳本

 

4、測試（登陸並查詢數據庫）

mongo -u root -p mongo

[root@localhost work]# mongo -u root -p mongo
MongoDB shell version v4.0.6
connecting to: mongodb://127.0.0.1:27017/?gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("1fcc117d-5c26-448d-9363-ad1bcadf3e93") }
MongoDB server version: 4.0.6
Server has startup warnings: 
2019-02-24T09:37:46.920+0800 I CONTROL  [initandlisten] 
2019-02-24T09:37:46.920+0800 I CONTROL  [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/enabled is 'always'.
2019-02-24T09:37:46.920+0800 I CONTROL  [initandlisten] **        We suggest setting it to 'never'
2019-02-24T09:37:46.921+0800 I CONTROL  [initandlisten] 
2019-02-24T09:37:46.921+0800 I CONTROL  [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/defrag is 'always'.
2019-02-24T09:37:46.921+0800 I CONTROL  [initandlisten] **        We suggest setting it to 'never'
2019-02-24T09:37:46.921+0800 I CONTROL  [initandlisten] 
---
Enable MongoDB's free cloud-based monitoring service, which will then receive and display
metrics about your deployment (disk utilization, CPU, operation statistics, etc).

The monitoring data will be available on a MongoDB website with a unique URL accessible to you
and anyone you share the URL with. MongoDB may use this information to make product
improvements and to suggest MongoDB products and deployment options to you.

To enable free monitoring, run the following command: db.enableFreeMonitoring()
To permanently disable this reminder, run the following command: db.disableFreeMonitoring()
---

> show dbs
admin   0.000GB
config  0.000GB
local   0.000GB
> 

正常

 

PS:

   1、需要注意的是，一旦設置了訪問控制，即將配置文件中security.authorization設置為enabled，則mongo會提供一個localhost exception以便用於創建第一個用戶，當然，也可以在設置訪問控制前新建用戶，但是必須要有一個具有超級權限的用戶

   2、Security -- Authentication中有一段描述需要關注下

    

   3、root角色具有最大權限，一下為內置用戶角色

     https://docs.mongodb.com/manual/reference/built-in-roles/

四、腳本安裝

將以上步驟整合成shell腳本安裝mongodb

提前獲取到mongod.conf，將所需參數進行修改，拷貝到默認路徑/etc下，mongodb安裝時會根據該配置配置數據庫，日志等信息

mongod.conf

# mongod.conf

# for documentation of all options, see:
#   http://docs.mongodb.org/manual/reference/configuration-options/

# where to write logging data.
systemLog:
  destination: file
  logAppend: true
  path: /home/mongodb-home/log/mongod.log

# Where and how to store data.
storage:
  dbPath: /home/mongodb-home/db
  journal:
    enabled: true
#  engine:
#  mmapv1:
#  wiredTiger:

# how the process runs
processManagement:
  fork: true  # fork and run in background
  pidFilePath: /var/run/mongodb/mongod.pid  # location of pidfile
  timeZoneInfo: /usr/share/zoneinfo

# network interfaces
net:
  port: 27017
  bindIp: 0.0.0.0  # Enter 0.0.0.0,:: to bind to all IPv4 and IPv6 addresses or, alternatively, use the net.bindIpAll setting.


#security:

#operationProfiling:

#replication:

#sharding:

## Enterprise-Only Options

#auditLog:

#snmp:

腳本installMongo.sh

#!/bin/bash

nowpath=$(cd "$(dirname "$0")";pwd)

## 設置SENLINUX Mode為disabled
setenforce 0
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config

## 將已經修改后的配置文件拷貝到/etc/下,mongodb啟動后將會根據該配置文件安裝數據庫等操作
cp ./mongod.conf /etc/
## 安裝
rpm -ivh ./mongodb-rpm-package/*

## 新建mongodb日志和數據庫地址路徑，並設置其組合用戶為mongod
mkdir -p /home/mongodb-home/log
mkdir -p /home/mongodb-home/db
chown -R mongod:mongod /home/mongodb-home

## 啟動mongodb
systemctl start mongod

## 初始化用戶
cat ./initUser.js | mongo --shell

五、卸載mongo

mongodb的卸載很簡單

1、停止服務

2、執行如下卸載命令

sudo yum erase $(rpm -qa | grep mongodb-org)

3、刪除日志和db文件，對應/etc/mongod.conf中的systemLog.path和storage.dbPath路徑