Difference between revisions of "MongoDB"

From SME Server
Jump to navigationJump to search
 
(27 intermediate revisions by 3 users not shown)
Line 1: Line 1:
== How to install MongoDB 4.0 ==
+
==How to install MongoDB==
  
=== Install Official Repository ===
+
{{Note box| Manual configuration required}}
db yum_repositories set mongodb repository \
+
 
                BaseURL https://repo.mongodb.org/yum/redhat/\$releasever/mongodb-org/4.0/x86_64/ \
+
MongoDB 5.0+ requires the AVX CPU instruction set
                EnableGroups no \
+
 
                GPGCheck yes \
+
lscpu |grep avx
                Name "MongoDB" \
+
 
                GPGKkey https://www.mongodb.org/static/pgp/server-4.0.asc \
+
===Install Official Repository===
                Visible no \
+
 
                status disabled
+
Use ExtraRepositories from here
 +
 
 +
https://wiki.koozali.org/Extrarepositories
 +
 
 +
Note that versions are available from 4.0/1/2/3/4 -> 5.0 -> 6.0
 +
 
 +
Please check which versions are deprecated - they should not be used.
 +
 
 +
https://www.mongodb.com/support-policy/lifecycles
 +
 
 +
As of July 2022 the oldest supported version is 4.2 until April 2023
 +
 
 +
yum install smeserver-extrarepositories-mongodb
  
 
  signal-event yum-modify
 
  signal-event yum-modify
  
  yum install mongodb-org --enablerepo=mongodb
+
Install your chosen version:
 +
 
 +
  yum --enablerepo=mongodb4.2 install mongodb-org
  
 
If refuses to install because of no GPG Key you can change '''GPGCheck''' above from '''Yes''' to '''No''' and try '''yum install...'''  again or
 
If refuses to install because of no GPG Key you can change '''GPGCheck''' above from '''Yes''' to '''No''' and try '''yum install...'''  again or
Line 21: Line 35:
 
Or
 
Or
  
yum install mongodb-org --enablerepo=mongodb --nogpgcheck
+
  yum --enablerepo=mongodb4.2 install mongodb-org --nogpgcheck
 +
 
 +
===Starting Mongo===
 +
 
 +
{{Warning box|Please check additional notes below before trying this section}}
 +
{{Warning box| Complete work in progress - here be Dragons!}}
 +
 
 +
We need a db config entry for SME to recognise it:
 +
 
 +
config set mongod service status enabled access private
 +
 
 +
We will need a file
 +
 
 +
mkdir -p /usr/lib/systemd/system/mongod.service.d
 +
 
 +
nano /usr/lib/systemd/system/mongod.service.d/50koozali.conf
 +
 
 +
Something like:
 +
 
 +
[Unit]
 +
After=network.target network.service wan.service
 +
[Install]
 +
WantedBy=sme-server.target
 +
 
 +
===Configuration File===
 +
 
 +
Minimal config I use for Rocket.Chat
 +
 
 +
<nowiki>grep '^[[:blank:]]*[^[:blank:]#;]' /etc/mongod.conf</nowiki>
 +
 
 +
systemLog:
 +
  verbosity: 0
 +
  destination: file
 +
  logAppend: true
 +
  path: /var/log/mongodb/mongod.log
 +
storage:
 +
  dbPath: /var/lib/mongo
 +
  journal:
 +
    enabled: true
 +
processManagement:
 +
  fork: true  # fork and run in background
 +
  pidFilePath: /var/run/mongodb/mongod.pid  # location of pidfile
 +
  timeZoneInfo: /usr/share/zoneinfo
 +
net:
 +
  port: 27017
 +
  bindIp: 127.0.0.1  # Enter 0.0.0.0,:: to bind to all IPv4 and IPv6 addresses or, alternatively, use the net.bindIpAll setting.
 +
# Enable replication for Rocket.Chat
 +
replication:
 +
  replSetName: rs0
 +
 
 +
 
 +
Once started you need to initialise the replicaset. Make sure to exit from the mongo instance and run from the cli:
 +
 
 +
mongo --eval "printjson(rs.initiate())"
 +
 
 +
You should now have a working mongoDB good enough to use with Rocket.Chat
 +
 
 +
 
 +
===Other settings===
 +
 
 +
nano /etc/security/limits.conf
 +
 
 +
These settings are automatically added during installation
 +
 
 +
@mongod      soft        nproc      unlimited
 +
@mongod      hard      nproc        unlimited
 +
@mongod      soft      nofile      64000
 +
@mongod      hard      nofile      64000
 +
 
 +
Adding a user
 +
 
 +
https://www.linode.com/docs/guides/install-mongodb-on-centos-7/
 +
 
 +
use admin
 +
 +
db.createUser(
 +
  {
 +
    user: "admin",
 +
    pwd: "admin123",
 +
    roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
 +
  }
 +
)
 +
 
 +
show users
 +
 
 +
We can then set Mongo to force authentication when connecting.
 +
 
 +
nano /usr/lib/systemd/system/mongod.service.d/50koozali.conf
 +
 
 +
Add:
 +
 
 +
[Service]
 +
Environment="OPTIONS=--auth -f /etc/mongod.conf"
 +
 
 +
Restart Mongo
 +
 
 +
systemctl restart mongod
 +
 
 +
You should now need a password to login.
 +
 
 +
===Templating mongod.conf===
 +
 
 +
This is possible but we need to create a new file so we do not overwrite the original - otherwise yum/rpm will complain.
 +
 
 +
Something like /etc/mongod/mongod.conf
 +
 
 +
Template fragments in
 +
 
 +
/etc/e-smith/templates/etc/mongod/mongod.conf
 +
 
 +
We can then amend the systemd overrride
 +
 
 +
nano /usr/lib/systemd/system/mongod.service.d/50koozali.conf
 +
 
 +
Add this:
 +
 
 +
[Service]
 +
Environment="OPTIONS=-f /etc/mongod/mongod.conf"
 +
 
 +
===Dump and restore===
 +
 
 +
Samples - YMMV.
 +
 
 +
Quick little script to dump the Rocket.Chat collection:
 +
 
 +
#!bin/bash
 +
echo "Dump with Users/Roles"
 +
mongodump --dumpDbUsersAndRoles -d rocketchat -o /root/backup/rocketchatmongo
 +
echo "dump all"
 +
mongodump -d rocketchat -o /root/backup/rocketchatmongo-all
 +
 
 +
 
 +
{{Warning box| Do not restore between versions!!}}
 +
 
 +
If you export from a version eg 4.0 then restore to that version. Do not try and restore 4.0 to 4.2 or higher.
 +
 
 +
Then change your repo, and then upgrade mongo.
 +
 
 +
To restore:
 +
 
 +
mongorestore /root/backup/rocketchatmongo-all
 +
 
 +
===Backup with system===
 +
 
 +
With credit to Daniel Berteaud
 +
 
 +
Action script to dump the mongo DB on pre-backup event
 +
 
 +
mkdir -p /home/e-smith/db/mongo
 +
 
 +
cat <<_EOF > /etc/e-smith/events/actions/mongodb-dump
 +
#!/bin/bash -e
 +
/usr/bin/mongodump --quiet --out /home/e-smith/db/mongo/
 +
_EOF
 +
 
 +
chmod +x /etc/e-smith/events/actions/mongodb-dump
 +
cd /etc/e-smith/events/pre-backup
 +
ln -s ../actions/mongodb-dump ./S60mongodb-dump
 +
 
 +
===Vaporise or reinitialise the database===
  
===Start Mongo===
+
{{Warning box| This will totally and utterly vaporise your data. Got a backup?? You have been warned}}
/etc/init.d/mongod start
 
  
Add the symlinks to start automatically:
+
Remove the directory contents:
  
  ln -s /etc/init.d/mongod /etc/rc.d/rc6.d/K03mongodb
+
  rm -rf /var/lib/mongo/*
ln -s /etc/init.d/mongod /etc/rc.d/rc7.d/S57mongodb
 
  
Optional: create symlink to use mongo or mongodb as service name
+
Or remove the entire directory and recreate it with the correct ownership:
  
  ln /etc/init.d/mongod /etc/init.d/mongodb
+
  rm -rf /var/lib/mongo
 +
mkdir -p /var/lib/mongo
 +
chown -R mongod:mongod /var/lib/mongo
  
To ensure everything is all right:
+
If you have a replicaset set in /etc/mongod.conf make sure you initiate it:
  
  signal-event post-upgrade
+
  mongo --eval "printjson(rs.initiate())"
signal-event reboot
 
  
 
----
 
----
 
[[Category:Howto]]
 
[[Category:Howto]]
 
[[Category:Administration]]
 
[[Category:Administration]]
 +
[[Category:Database]]

Latest revision as of 16:57, 26 July 2023

How to install MongoDB

Important.png Note:
Manual configuration required


MongoDB 5.0+ requires the AVX CPU instruction set

lscpu |grep avx

Install Official Repository

Use ExtraRepositories from here

https://wiki.koozali.org/Extrarepositories

Note that versions are available from 4.0/1/2/3/4 -> 5.0 -> 6.0

Please check which versions are deprecated - they should not be used.

https://www.mongodb.com/support-policy/lifecycles

As of July 2022 the oldest supported version is 4.2 until April 2023

yum install smeserver-extrarepositories-mongodb
signal-event yum-modify

Install your chosen version:

yum --enablerepo=mongodb4.2 install mongodb-org 

If refuses to install because of no GPG Key you can change GPGCheck above from Yes to No and try yum install... again or

rpm --import https://www.mongodb.org/static/pgp/server-4.0.asc

Or

 yum --enablerepo=mongodb4.2 install mongodb-org --nogpgcheck

Starting Mongo

Warning.png Warning:
Please check additional notes below before trying this section


Warning.png Warning:
Complete work in progress - here be Dragons!


We need a db config entry for SME to recognise it:

config set mongod service status enabled access private

We will need a file

mkdir -p /usr/lib/systemd/system/mongod.service.d
nano /usr/lib/systemd/system/mongod.service.d/50koozali.conf

Something like:

[Unit]
After=network.target network.service wan.service
[Install]
WantedBy=sme-server.target

Configuration File

Minimal config I use for Rocket.Chat

grep '^[[:blank:]]*[^[:blank:]#;]' /etc/mongod.conf
systemLog:
 verbosity: 0
 destination: file
 logAppend: true
 path: /var/log/mongodb/mongod.log
storage:
 dbPath: /var/lib/mongo
 journal:
   enabled: true
processManagement:
 fork: true  # fork and run in background
 pidFilePath: /var/run/mongodb/mongod.pid  # location of pidfile
 timeZoneInfo: /usr/share/zoneinfo
net:
 port: 27017
 bindIp: 127.0.0.1  # Enter 0.0.0.0,:: to bind to all IPv4 and IPv6 addresses or, alternatively, use the net.bindIpAll setting.
  1. Enable replication for Rocket.Chat
replication:
 replSetName: rs0


Once started you need to initialise the replicaset. Make sure to exit from the mongo instance and run from the cli:

mongo --eval "printjson(rs.initiate())"

You should now have a working mongoDB good enough to use with Rocket.Chat


Other settings

nano /etc/security/limits.conf

These settings are automatically added during installation

@mongod       soft        nproc      unlimited
@mongod       hard      nproc        unlimited
@mongod       soft       nofile      64000
@mongod       hard      nofile      64000

Adding a user

https://www.linode.com/docs/guides/install-mongodb-on-centos-7/

use admin

db.createUser(
 {
   user: "admin",
   pwd: "admin123",
   roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
 }
)
show users

We can then set Mongo to force authentication when connecting.

nano /usr/lib/systemd/system/mongod.service.d/50koozali.conf

Add:

[Service]
Environment="OPTIONS=--auth -f /etc/mongod.conf"

Restart Mongo

systemctl restart mongod 

You should now need a password to login.

Templating mongod.conf

This is possible but we need to create a new file so we do not overwrite the original - otherwise yum/rpm will complain.

Something like /etc/mongod/mongod.conf

Template fragments in

/etc/e-smith/templates/etc/mongod/mongod.conf

We can then amend the systemd overrride

nano /usr/lib/systemd/system/mongod.service.d/50koozali.conf

Add this:

[Service]
Environment="OPTIONS=-f /etc/mongod/mongod.conf"

Dump and restore

Samples - YMMV.

Quick little script to dump the Rocket.Chat collection:

#!bin/bash
echo "Dump with Users/Roles"
mongodump --dumpDbUsersAndRoles -d rocketchat -o /root/backup/rocketchatmongo
echo "dump all"
mongodump -d rocketchat -o /root/backup/rocketchatmongo-all


Warning.png Warning:
Do not restore between versions!!


If you export from a version eg 4.0 then restore to that version. Do not try and restore 4.0 to 4.2 or higher.

Then change your repo, and then upgrade mongo.

To restore:

mongorestore /root/backup/rocketchatmongo-all

Backup with system

With credit to Daniel Berteaud

Action script to dump the mongo DB on pre-backup event

mkdir -p /home/e-smith/db/mongo
cat <<_EOF > /etc/e-smith/events/actions/mongodb-dump
#!/bin/bash -e
/usr/bin/mongodump --quiet --out /home/e-smith/db/mongo/
_EOF
chmod +x /etc/e-smith/events/actions/mongodb-dump
cd /etc/e-smith/events/pre-backup
ln -s ../actions/mongodb-dump ./S60mongodb-dump

Vaporise or reinitialise the database

Warning.png Warning:
This will totally and utterly vaporise your data. Got a backup?? You have been warned


Remove the directory contents:

rm -rf /var/lib/mongo/*

Or remove the entire directory and recreate it with the correct ownership:

rm -rf /var/lib/mongo
mkdir -p /var/lib/mongo
chown -R mongod:mongod /var/lib/mongo

If you have a replicaset set in /etc/mongod.conf make sure you initiate it:

mongo --eval "printjson(rs.initiate())"