Overview

• MongoDB is a document-oriented database
• Shines with document-based design. Supporting sub-documents as values instead of the usual data types, it can be perfect for retrieving a record and a sub-detail or list of records in one query.

 

Prerequisites

• Operating System: Ubuntu 18
  • For production environments use from the following : Amazon Linux, Debian 8, RHEL / CentOS 6.2 +, SLES, Ubuntu LTS 16.04 and Windows Server 2012 R2
• Command Line Interface or Terminal

 

Installation

01. Open a terminal window

 

02. Check if MongoDB is already installed. Execute the following to determine.

$ mongo

# and

$ mongod

 

It should show some suggestion on how to install MongoDB.

 

03. At the CLI, import the public key used by the package management system. This will install an official version of MongoDB.

$ sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 9DA31620334BD75D9DCB49F368818C72E52529D4

 

04. Create a list file for MongoDB

$ echo "deb [ arch=amd64 ] https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/4.0 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-4.0.list

 

05. Reload local package database.

$ sudo apt update

 

06. Install the MongoDB packages.

$ sudo apt install mongodb-org -y

 

07. Check the version. If the version is returned, this means that MongoDB has been installed correctly.

$ mongod --version

# or

$ mongo --version

 

08. Configure MongoDB to start on system boot.

$ sudo systemctl enable mongod.service

 

09. Connect to the Mongo shell.

$ mongo

 

If you are unable to connect to the mongo shell. Try restarting the mongod service.

$ sudo service mongod restart

 

Changing the MongoDB Port

Changing the default port of MongoDB provides a first line of defense against unwanted intruders. While it isn’t a sure-way for deferring against bots that sweep through ports that tries to access database, it prevents them trying to access the database using the default port. For security it is better to enable other mechanisms such as creating database users that have specific roles and access to database with credentials.

01. Edit the MongoDB configuration file

$ sudo nano /etc/mongod.conf

 

02. While on the nano interface, press Ctrl+W (or command for Mac)  to search for the text, network interfaces. Then press Enter.

In this example change the port to 29999. After changing the port, Press Ctrl+O (or command for Mac), then Enter. Ctrl+X to exit the nano editor.

 

03. Restart MongoDB service to apply the changes

$ sudo service mongod restart

 

04. After restart, you cannot connect to the MongoDB using the default mongod command. Instead you have to identify the port.

$ mongo --port 29999

 

Adding Security and Authentication

While for development purpose the current setup will suffice. But for production it is recommended to enable authentication and add user with password for security.

01. Edit the MongoDB configuration file

$ sudo nano /etc/mongod.conf

 

02. While on the nano interface, press Ctrl+W (or command for Mac)  to search for the text, “security”. Then press Enter.

 

03. Add the following lines after the #security comment.

# security:
security:
  authorization: enabled

 

04. Restart the MongoDB service.

$ sudo service mongod restart

 

05. Access the MongoDB shell

$ mongo

# or if port has been changed

$ mongo --port

 

06. Switch to the admin database

> use admin

 

07. Create a Root user account. On the MongoDB shell, execute the following. Replace the dotlah and dotlah-password with your preferred credentials.

Note that roles here should be configured as needed. In this example, we are using the root role. For the list of roles see the following link : https://docs.mongodb.com/manual/reference/built-in-roles/

db.createUser(
  {
    user: "dotlah",
    pwd: "dotlah-password",
    roles: [ 
      { role: "root", db: "admin" } 
    ]
  }
)

It should show something similar. This shows that the user has been added.

 

08. Restart the MongoDB instance with access control

> db.adminCommand({shutdown:1})

 

09. Exit from the MongoDB shell.

> exit

 

10. Test the new user by using the following authentication command.

$ mongo --port 27017 --username dotlah --password dotlah-password --authenticationDatabase admin

 

Appendix

01. Start MongoDB service

$ sudo service mongod start

 

02. Restart MongoDB service

$ sudo service mongod restart

 

03. Stop MongoDB service

$ sudo service mongod stop

 

References

For production deployment see the following resource

— https://docs.mongodb.com/manual/administration/production-notes