Difference between revisions of "MongoDB"

From SME Server
Jump to navigationJump to search
 
(18 intermediate revisions by 3 users not shown)
Line 1: Line 1:
==How to install MongoDB 4.0==
+
==How to install MongoDB==
  
{{Note box| All info is based on SME Server 9 only but I have just started to test on v10 - see notes below}}
+
{{Note box| Manual configuration required}}
 +
 
 +
MongoDB 5.0+ requires the AVX CPU instruction set
 +
 
 +
lscpu |grep avx
  
 
===Install Official Repository===
 
===Install Official Repository===
  
This should work for every version of Koozali SME
+
Use ExtraRepositories from here
 +
 
 +
https://wiki.koozali.org/Extrarepositories
 +
 
 +
Note that versions are available from 4.0/1/2/3/4 -> 5.0 -> 6.0
  
You may need to change the mongodb version as required
+
Please check which versions are deprecated - they should not be used.
  
db yum_repositories set mongodb repository \
+
https://www.mongodb.com/support-policy/lifecycles
                BaseURL https://repo.mongodb.org/yum/redhat/\$releasever/mongodb-org/4.0/\$basearch/ \
+
 
                EnableGroups no \
+
As of July 2022 the oldest supported version is 4.2 until April 2023
                GPGCheck yes \
+
 
                Name "MongoDB" \
+
yum install smeserver-extrarepositories-mongodb
                GPGKkey https://www.mongodb.org/static/pgp/server-4.0.asc \
 
                Visible no \
 
                status disabled
 
  
 
  signal-event yum-modify
 
  signal-event yum-modify
  
  yum install mongodb-org --enablerepo=mongodb
+
Install your chosen version:
 +
 
 +
  yum --enablerepo=mongodb4.2 install mongodb-org
  
 
If refuses to install because of no GPG Key you can change '''GPGCheck''' above from '''Yes''' to '''No''' and try '''yum install...'''  again or
 
If refuses to install because of no GPG Key you can change '''GPGCheck''' above from '''Yes''' to '''No''' and try '''yum install...'''  again or
Line 28: Line 35:
 
Or
 
Or
  
yum install mongodb-org --enablerepo=mongodb --nogpgcheck
+
  yum --enablerepo=mongodb4.2 install mongodb-org --nogpgcheck
  
===Start Mongo===
+
===Starting Mongo===
  
 
{{Warning box|Please check additional notes below before trying this section}}
 
{{Warning box|Please check additional notes below before trying this section}}
 +
{{Warning box| Complete work in progress - here be Dragons!}}
  
{{Note box|If you start mongo like this you will run mongo as root.
+
We need a db config entry for SME to recognise it:
When mongo later tries to start automatically it may fail because it will be started as the mongod user and won't be able to access the DB files.}}
 
  
  /etc/init.d/mongod start
+
  config set mongod service status enabled access private
  
Add the symlinks to start automatically:
+
We will need a file
  
  ln -s /etc/init.d/mongod /etc/rc.d/rc6.d/K03mongodb
+
  mkdir -p /usr/lib/systemd/system/mongod.service.d
ln -s /etc/init.d/mongod /etc/rc.d/rc7.d/S57mongodb
 
  
Optional: create symlink to use mongo or mongodb as service name
+
nano /usr/lib/systemd/system/mongod.service.d/50koozali.conf
  
ln /etc/init.d/mongod /etc/init.d/mongodb
+
Something like:
  
To ensure everything is all right:
+
[Unit]
 +
After=network.target network.service wan.service
 +
[Install]
 +
WantedBy=sme-server.target
  
signal-event post-upgrade
+
===Configuration File===
signal-event reboot
 
  
===Additional Notes===
+
Minimal config I use for Rocket.Chat
  
Note - I need to test this again This is my initial observation.
+
<nowiki>grep '^[[:blank:]]*[^[:blank:]#;]' /etc/mongod.conf</nowiki>
 +
 
 +
systemLog:
 +
  verbosity: 0
 +
  destination: file
 +
  logAppend: true
 +
  path: /var/log/mongodb/mongod.log
 +
storage:
 +
  dbPath: /var/lib/mongo
 +
  journal:
 +
    enabled: true
 +
processManagement:
 +
  fork: true  # fork and run in background
 +
  pidFilePath: /var/run/mongodb/mongod.pid  # location of pidfile
 +
  timeZoneInfo: /usr/share/zoneinfo
 +
net:
 +
  port: 27017
 +
  bindIp: 127.0.0.1  # Enter 0.0.0.0,:: to bind to all IPv4 and IPv6 addresses or, alternatively, use the net.bindIpAll setting.
 +
# Enable replication for Rocket.Chat
 +
replication:
 +
  replSetName: rs0
  
As far as I can see, the link above to mongodb is not necessary.
 
  
It may need this to set on and off correctly in other service levels:
+
Once started you need to initialise the replicaset. Make sure to exit from the mongo instance and run from the cli:
  
  chkconfig mongod on
+
  mongo --eval "printjson(rs.initiate())"
  
Create a service link in in rc7.d:
+
You should now have a working mongoDB good enough to use with Rocket.Chat
  
ln -s /etc/init.d/mongod /etc/rc.d/rc7.d/S57mongod
 
  
To use e-smith-service it will need a key:
+
===Other settings===
  
  config set mongod service status enabled
+
  nano /etc/security/limits.conf
  
You should now be able to do:
+
These settings are automatically added during installation
  
service mongod start|stop|restart etc
+
@mongod       soft        nproc      unlimited
 +
@mongod      hard      nproc        unlimited
 +
@mongod      soft      nofile      64000
 +
@mongod      hard      nofile      64000
  
Mongo should come up on boot.
+
Adding a user
  
 +
https://www.linode.com/docs/guides/install-mongodb-on-centos-7/
  
==Koozali SME v10==
+
use admin
 +
 +
db.createUser(
 +
  {
 +
    user: "admin",
 +
    pwd: "admin123",
 +
    roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
 +
  }
 +
)
  
{{Warning box| Complete work in progress - here be Dragons!}}
+
show users
 +
 
 +
We can then set Mongo to force authentication when connecting.
 +
 
 +
nano /usr/lib/systemd/system/mongod.service.d/50koozali.conf
 +
 
 +
Add:
 +
 
 +
[Service]
 +
Environment="OPTIONS=--auth -f /etc/mongod.conf"
 +
 
 +
Restart Mongo
 +
 
 +
systemctl restart mongod
 +
 
 +
You should now need a password to login.
 +
 
 +
===Templating mongod.conf===
 +
 
 +
This is possible but we need to create a new file so we do not overwrite the original - otherwise yum/rpm will complain.
 +
 
 +
Something like /etc/mongod/mongod.conf
 +
 
 +
Template fragments in  
 +
 
 +
/etc/e-smith/templates/etc/mongod/mongod.conf
 +
 
 +
We can then amend the systemd overrride
 +
 
 +
nano /usr/lib/systemd/system/mongod.service.d/50koozali.conf
  
===Install===
+
Add this:
  
WIP
+
[Service]
 +
Environment="OPTIONS=-f /etc/mongod/mongod.conf"
  
db yum_repositories set mongodb42 repository \
+
===Dump and restore===
              BaseURL [https://repo.mongodb.org/yum/redhat/\$releasever/mongodb-org/4.2/$basearch/ https://repo.mongodb.org/yum/redhat/\$releasever/mongodb-org/4.2/\$basearch/] \
 
              EnableGroups no \
 
              GPGCheck yes \
 
              Name "MongoDB" \
 
              GPGKkey https://www.mongodb.org/static/pgp/server-4.2.asc \
 
              Visible no \
 
              status disabled
 
  
 +
Samples - YMMV.
  
Use the above method to add the repo and then:
+
Quick little script to dump the Rocket.Chat collection:
  
  yum --enablerepo=mongodb install mongodb-org
+
  #!bin/bash
 +
echo "Dump with Users/Roles"
 +
mongodump --dumpDbUsersAndRoles -d rocketchat -o /root/backup/rocketchatmongo
 +
echo "dump all"
 +
mongodump -d rocketchat -o /root/backup/rocketchatmongo-all
  
We need a db config entry for SME to recognise it:
 
  
config set mongod service status enabled access private
+
{{Warning box| Do not restore between versions!!}}
  
We will need a file
+
If you export from a version eg 4.0 then restore to that version. Do not try and restore 4.0 to 4.2 or higher.
  
/usr/lib/systemd/system/mongod.service/50koozali.conf
+
Then change your repo, and then upgrade mongo.
  
Something like:
+
To restore:
  
  [Unit]
+
  mongorestore /root/backup/rocketchatmongo-all
After=network.target network.service wan.service
 
[Install]
 
WantedBy=sme-server.target
 
  
 +
===Backup with system===
  
===Using keys===
+
With credit to Daniel Berteaud
  
config setprop mongod service status enabled
+
Action script to dump the mongo DB on pre-backup event
  
Minimal config I use for Rocket.Chat
+
mkdir -p /home/e-smith/db/mongo
  
  <nowiki>grep '^[[:blank:]]*[^[:blank:]#;]' /etc/mongod.conf</nowiki>
+
  cat <<_EOF > /etc/e-smith/events/actions/mongodb-dump
 +
#!/bin/bash -e
 +
/usr/bin/mongodump --quiet --out /home/e-smith/db/mongo/
 +
_EOF
  
  systemLog:
+
  chmod +x /etc/e-smith/events/actions/mongodb-dump
  verbosity: 0
+
  cd /etc/e-smith/events/pre-backup
  destination: file
+
  ln -s ../actions/mongodb-dump ./S60mongodb-dump
  logAppend: true
 
  path: /var/log/mongodb/mongod.log
 
  storage:
 
  dbPath: /var/lib/mongo
 
  journal:
 
    enabled: true
 
  processManagement:
 
  fork: true  # fork and run in background
 
  pidFilePath: /var/run/mongodb/mongod.pid  # location of pidfile
 
  timeZoneInfo: /usr/share/zoneinfo
 
net:
 
  port: 27017
 
  bindIp: 127.0.0.1  # Enter 0.0.0.0,:: to bind to all IPv4 and IPv6 addresses or, alternatively, use the net.bindIpAll setting.
 
replication:
 
  replSetName: rs0
 
  
 
===Vaporise or reinitialise the database===
 
===Vaporise or reinitialise the database===
Line 164: Line 215:
 
[[Category:Howto]]
 
[[Category:Howto]]
 
[[Category:Administration]]
 
[[Category:Administration]]
 +
[[Category:Database]]

Latest revision as of 16:57, 26 July 2023

How to install MongoDB

Important.png Note:
Manual configuration required


MongoDB 5.0+ requires the AVX CPU instruction set

lscpu |grep avx

Install Official Repository

Use ExtraRepositories from here

https://wiki.koozali.org/Extrarepositories

Note that versions are available from 4.0/1/2/3/4 -> 5.0 -> 6.0

Please check which versions are deprecated - they should not be used.

https://www.mongodb.com/support-policy/lifecycles

As of July 2022 the oldest supported version is 4.2 until April 2023

yum install smeserver-extrarepositories-mongodb
signal-event yum-modify

Install your chosen version:

yum --enablerepo=mongodb4.2 install mongodb-org 

If refuses to install because of no GPG Key you can change GPGCheck above from Yes to No and try yum install... again or

rpm --import https://www.mongodb.org/static/pgp/server-4.0.asc

Or

 yum --enablerepo=mongodb4.2 install mongodb-org --nogpgcheck

Starting Mongo

Warning.png Warning:
Please check additional notes below before trying this section


Warning.png Warning:
Complete work in progress - here be Dragons!


We need a db config entry for SME to recognise it:

config set mongod service status enabled access private

We will need a file

mkdir -p /usr/lib/systemd/system/mongod.service.d
nano /usr/lib/systemd/system/mongod.service.d/50koozali.conf

Something like:

[Unit]
After=network.target network.service wan.service
[Install]
WantedBy=sme-server.target

Configuration File

Minimal config I use for Rocket.Chat

grep '^[[:blank:]]*[^[:blank:]#;]' /etc/mongod.conf
systemLog:
 verbosity: 0
 destination: file
 logAppend: true
 path: /var/log/mongodb/mongod.log
storage:
 dbPath: /var/lib/mongo
 journal:
   enabled: true
processManagement:
 fork: true  # fork and run in background
 pidFilePath: /var/run/mongodb/mongod.pid  # location of pidfile
 timeZoneInfo: /usr/share/zoneinfo
net:
 port: 27017
 bindIp: 127.0.0.1  # Enter 0.0.0.0,:: to bind to all IPv4 and IPv6 addresses or, alternatively, use the net.bindIpAll setting.
  1. Enable replication for Rocket.Chat
replication:
 replSetName: rs0


Once started you need to initialise the replicaset. Make sure to exit from the mongo instance and run from the cli:

mongo --eval "printjson(rs.initiate())"

You should now have a working mongoDB good enough to use with Rocket.Chat


Other settings

nano /etc/security/limits.conf

These settings are automatically added during installation

@mongod       soft        nproc      unlimited
@mongod       hard      nproc        unlimited
@mongod       soft       nofile      64000
@mongod       hard      nofile      64000

Adding a user

https://www.linode.com/docs/guides/install-mongodb-on-centos-7/

use admin

db.createUser(
 {
   user: "admin",
   pwd: "admin123",
   roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
 }
)
show users

We can then set Mongo to force authentication when connecting.

nano /usr/lib/systemd/system/mongod.service.d/50koozali.conf

Add:

[Service]
Environment="OPTIONS=--auth -f /etc/mongod.conf"

Restart Mongo

systemctl restart mongod 

You should now need a password to login.

Templating mongod.conf

This is possible but we need to create a new file so we do not overwrite the original - otherwise yum/rpm will complain.

Something like /etc/mongod/mongod.conf

Template fragments in

/etc/e-smith/templates/etc/mongod/mongod.conf

We can then amend the systemd overrride

nano /usr/lib/systemd/system/mongod.service.d/50koozali.conf

Add this:

[Service]
Environment="OPTIONS=-f /etc/mongod/mongod.conf"

Dump and restore

Samples - YMMV.

Quick little script to dump the Rocket.Chat collection:

#!bin/bash
echo "Dump with Users/Roles"
mongodump --dumpDbUsersAndRoles -d rocketchat -o /root/backup/rocketchatmongo
echo "dump all"
mongodump -d rocketchat -o /root/backup/rocketchatmongo-all


Warning.png Warning:
Do not restore between versions!!


If you export from a version eg 4.0 then restore to that version. Do not try and restore 4.0 to 4.2 or higher.

Then change your repo, and then upgrade mongo.

To restore:

mongorestore /root/backup/rocketchatmongo-all

Backup with system

With credit to Daniel Berteaud

Action script to dump the mongo DB on pre-backup event

mkdir -p /home/e-smith/db/mongo
cat <<_EOF > /etc/e-smith/events/actions/mongodb-dump
#!/bin/bash -e
/usr/bin/mongodump --quiet --out /home/e-smith/db/mongo/
_EOF
chmod +x /etc/e-smith/events/actions/mongodb-dump
cd /etc/e-smith/events/pre-backup
ln -s ../actions/mongodb-dump ./S60mongodb-dump

Vaporise or reinitialise the database

Warning.png Warning:
This will totally and utterly vaporise your data. Got a backup?? You have been warned


Remove the directory contents:

rm -rf /var/lib/mongo/*

Or remove the entire directory and recreate it with the correct ownership:

rm -rf /var/lib/mongo
mkdir -p /var/lib/mongo
chown -R mongod:mongod /var/lib/mongo

If you have a replicaset set in /etc/mongod.conf make sure you initiate it:

mongo --eval "printjson(rs.initiate())"