install mongodb

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
cat /etc/yum.repos.d/mongodb.repo
[mongodb]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/9Server/mongodb-org/6.0/x86_64/
gpgcheck=0
enabled=1

sudo dnf install mongodb-org mongodb-org-server

sudo systemctl enable mongod.service
sudo systemctl start mongod.service

edit config

1
2
3
4
5
6
7
8
9
vim /etc/mongod.conf
systemctl restart mongod

# enable internal connection
bindIp: 0.0.0.0

# enable auth
security:
  authorization: enabled

add users

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
$ mongo
> use admin
> db.createUser({user:"admin",pwd:"123456",roles:["root"]})
> db.system.users.find()
> db.auth("admin", "123456")

> use net
> db.createUser({user:"root",pwd:"123456",roles:[{role:"dbOwner",db:"net"}]})
> use admin
> db.system.users.find()
> use net
> db.dropUser("root")

> use test
> db.createUser({user:"test",pwd:"test",roles:[{role:"readWrite",db:"test"}]})

$ cat /etc/mongod.conf
security:
  authorization: enabled

> exit

Reference: Enable Access Control

Change permission

1
2
3
4
5
6
7
8
9
$ mongo
> use admin
> db.auth('admin', 'password')
> use test
> db.updateUser('user_name', { roles : [{ role : 'readWrite',  db : 'test'}]})

> use admin
> db.system.users.find()

Install MongoDB Charts

  1. Install mongodb and start the service
  2. Get Charts Docker compose file from MongoDB Download Center
1
2
3
mkdir mongodb-charts
cd mongodb-charts
wget https://webassets.mongodb.com/com-download-center/charts/charts-docker-swarm-19.09.yml
  1. Install docker
1
2
3
4
5
dnf -y install docker
# disable --live-restore for swarm mode
sed -i '/--live-restore/d' /etc/sysconfig/docker
systemctl start docker
systemctl enable docker
  1. Add user to docker group
1
2
3
4
5
sudo groupadd docker
sudo usermod -aG docker $USER
sudo systemctl restart docker
sudo grubby --update-kernel=ALL --args="systemd.unified_cgroup_hierarchy=0"
sudo reboot
  1. Start config mongodb chart
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
docker swarm init
docker pull quay.io/mongodb/charts:19.12.1

# disable Feedback and Support widget
# CHARTS_SUPPORT_WIDGET_AND_METRICS: "off"
vim charts-docker-swarm-19.12.1.yml

# Check connection, make sure selinux, firewalld and iptables are stopped, mongod config enable global connection
docker run --rm quay.io/mongodb/charts:19.12.1 charts-cli test-connection 'mongodb://<user>:<pass>@172.17.0.1'

echo "mongodb://172.17.0.1" | docker secret create charts-mongodb-uri -
# rnv18mrmt13b1cqoy5sqvdu7n


docker stack deploy -c charts-docker-swarm-19.12.1.yml mongodb-charts
docker service ls

# Add user
docker exec -it \
  $(docker container ls --filter name=_charts -q) \
  charts-cli add-user --first-name "<First>" --last-name "<Last>" \
  --email "<user@example.com>" --password "<Password>" \
  --role "<UserAdmin|User>"

# Connect data source
mongodb://<user>:<pass>@172.17.0.1/<db_name>

DB Migrate (do not use admin)

$ mongodump -h dbhost -d dbname -u -p -o dbdirectory $ mongodump -h localhost:27017 -d test -o /tmp/ $ mongodump -u -p –authenticationMechanism=SCRAM-SHA-256 –gzip -d test -o /tmp/

$ mongorestore -h <:port> -d dbname $ mongorestore -h 111.231.84.43:27017 -d test /tmp/back.db

issues

Q: docker: Error response from daemon: OCI runtime create failed: this version of runc doesn’t work on cgroups v2: unknown. A: This is because the cgroup version on fedora is too high, we need to downgrade to small version by

1
2
dnf install -y grubby
grubby --update-kernel=ALL --args="systemd.unified_cgroup_hierarchy=0"