在 CentOS 7 下安装 MongoDB 4

关键字

CentOS, MongoDB, CentOS 7, MongoDB 4

背景概述

MongoDB 是最流行的 NoSQL,其分片集群横向扩展能在一定数量级解决了大数据量增长问题,异构的文档数据也更适合存储实体属性不一致的数据,比如不同类商品及其属性,相比关系数据库,在一定场景下常能用更少的机器支持更重的业务。

本文旨在指导你在 CentOS 7 下安装 MongoDB 4。本安装过程应已经过笔者反复测试,以确保成功。

如果按本文安装时遇到任何问题,请留言或通过【桃花岛】官方联系我们。

软件依赖

  • CentOS 7
  • MongoDB 4

具体步骤

配置软件源

如果阅读过《在 CentOS 7 下安装 MySQL 8 及配置》,会了解到配置软件仓库的两种方法,此文采用简单方法直接编辑 .repo 文件:

vim /etc/yum.repos.d/mongodb-enterprise.repo

将下列内容粘贴后保存

[mongodb-enterprise]
name=MongoDB Enterprise Repository
baseurl=https://repo.mongodb.com/yum/redhat/$releasever/mongodb-enterprise/4.0/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-4.0.asc

yum 安装:

yum -y install mongodb-enterprise

创建数据目录和日志目录,赋权限

  • /var/lib/mongo :数据目录
  • /var/log/mongodb:日志目录
mkdir -p /var/lib/mongo
mkdir -p /var/log/mongodb
chown -R mongod:mongod /var/lib/mongo
chown -R mongod:mongod /var/log/mongodb

激活并启动 MongoDB 服务

systemctl enable mongod
systemctl start mongod

初步验证

运行

[root@carbon ~]# mongod -v

返回如下

[root@carbon ~]# mongod -v
2019-08-04T04:10:40.503+0800 I CONTROL  [main] Automatically disabling TLS 1.0, to force-enable TLS 1.0 specify --sslDisabledProtocols 'none'
2019-08-04T04:10:40.508+0800 D NETWORK  [main] fd limit hard:4096 soft:1024 max conn: 819
2019-08-04T04:10:40.509+0800 I CONTROL  [initandlisten] MongoDB starting : pid=28114 port=27017 dbpath=/data/db 64-bit host=carbon
2019-08-04T04:10:40.509+0800 I CONTROL  [initandlisten] db version v4.0.11
2019-08-04T04:10:40.509+0800 I CONTROL  [initandlisten] git version: 417d1a712e9f040d54beca8e4943edce218e9a8c
2019-08-04T04:10:40.509+0800 I CONTROL  [initandlisten] OpenSSL version: OpenSSL 1.0.1e-fips 11 Feb 2013
2019-08-04T04:10:40.509+0800 I CONTROL  [initandlisten] allocator: tcmalloc
2019-08-04T04:10:40.509+0800 I CONTROL  [initandlisten] modules: enterprise 
2019-08-04T04:10:40.509+0800 I CONTROL  [initandlisten] build environment:
2019-08-04T04:10:40.509+0800 I CONTROL  [initandlisten]     distmod: rhel70
2019-08-04T04:10:40.509+0800 I CONTROL  [initandlisten]     distarch: x86_64
2019-08-04T04:10:40.509+0800 I CONTROL  [initandlisten]     target_arch: x86_64
2019-08-04T04:10:40.509+0800 I CONTROL  [initandlisten] options: { systemLog: { verbosity: 1 } }
2019-08-04T04:10:40.509+0800 D NETWORK  [initandlisten] fd limit hard:4096 soft:1024 max conn: 819
2019-08-04T04:10:40.510+0800 E STORAGE  [initandlisten] Failed to set up listener: SocketException: Address already in use
2019-08-04T04:10:40.510+0800 D -        [initandlisten] User Assertion: NotMaster: not primary so can't step down src/mongo/db/db.cpp 901
2019-08-04T04:10:40.510+0800 I CONTROL  [initandlisten] now exiting
2019-08-04T04:10:40.510+0800 I CONTROL  [initandlisten] shutting down with code:48

此时提示的监听失败,因为默认9200端口被占用,此时先停止 mongd,再运行如下:

[root@carbon ~]# systemctl stop mongod  
[root@carbon ~]# mongod -v            
2019-08-04T04:11:06.290+0800 I CONTROL  [main] Automatically disabling TLS 1.0, to force-enable TLS 1.0 specify --sslDisabledProtocols 'none'
2019-08-04T04:11:06.295+0800 D NETWORK  [main] fd limit hard:4096 soft:1024 max conn: 819
2019-08-04T04:11:06.295+0800 I CONTROL  [initandlisten] MongoDB starting : pid=28124 port=27017 dbpath=/data/db 64-bit host=carbon
2019-08-04T04:11:06.295+0800 I CONTROL  [initandlisten] db version v4.0.11
2019-08-04T04:11:06.295+0800 I CONTROL  [initandlisten] git version: 417d1a712e9f040d54beca8e4943edce218e9a8c
2019-08-04T04:11:06.295+0800 I CONTROL  [initandlisten] OpenSSL version: OpenSSL 1.0.1e-fips 11 Feb 2013
2019-08-04T04:11:06.295+0800 I CONTROL  [initandlisten] allocator: tcmalloc
2019-08-04T04:11:06.295+0800 I CONTROL  [initandlisten] modules: enterprise 
2019-08-04T04:11:06.295+0800 I CONTROL  [initandlisten] build environment:
2019-08-04T04:11:06.295+0800 I CONTROL  [initandlisten]     distmod: rhel70
2019-08-04T04:11:06.295+0800 I CONTROL  [initandlisten]     distarch: x86_64
2019-08-04T04:11:06.295+0800 I CONTROL  [initandlisten]     target_arch: x86_64
2019-08-04T04:11:06.295+0800 I CONTROL  [initandlisten] options: { systemLog: { verbosity: 1 } }
2019-08-04T04:11:06.295+0800 D NETWORK  [initandlisten] fd limit hard:4096 soft:1024 max conn: 819
2019-08-04T04:11:06.296+0800 D -        [initandlisten] User Assertion: NonExistentPath: Data directory /data/db not found. src/mongo/db/storage/storage_engine_init.cpp 243
2019-08-04T04:11:06.296+0800 I STORAGE  [initandlisten] exception in initAndListen: NonExistentPath: Data directory /data/db not found., terminating
2019-08-04T04:11:06.296+0800 D -        [initandlisten] User Assertion: NotMaster: not primary so can't step down src/mongo/db/db.cpp 901
2019-08-04T04:11:06.296+0800 I NETWORK  [initandlisten] shutdown: going to close listening sockets...
2019-08-04T04:11:06.296+0800 I NETWORK  [initandlisten] removing socket file: /tmp/mongodb-27017.sock
2019-08-04T04:11:06.296+0800 I CONTROL  [initandlisten] now exiting
2019-08-04T04:11:06.296+0800 I CONTROL  [initandlisten] shutting down with code:100

即表示 MongoDB 4.0 已安装成功。

添加用户并开启授权

启动 mongo 命令行,添加用户

[root@carbon ~]# systemctl start mongod
[root@carbon ~]# mongo
MongoDB shell version v4.0.11
connecting to: mongodb://127.0.0.1:27017/?gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("bf1a80fb-6a70-4bdb-86c7-8b3587400f87") }
MongoDB server version: 4.0.11
Welcome to the MongoDB shell.
For interactive help, type "help".
For more comprehensive documentation, see
        http://docs.mongodb.org/

在授权表 admin 中添加 用户 admin,密码 admin,再输入 exit 退出

MongoDB Enterprise > use admin
switched to db admin
MongoDB Enterprise > db.createUser(
...   {
...     user: "admin",
...     pwd: "admin",
...     roles: [ { role: "userAdminAnyDatabase", db: "admin" }, "readWriteAnyDatabase" ]
...   }

MongoDB 默认只在本机可以访问,未开授权验证。我们通过编辑其配置文件添加授权

vim /etc/mongod.conf

修改 bindIp: 127.0.0.1 为 0.0.0.0,并在 #secruity 行下加入授权启用的配置,保存,退出

# network interfaces
net:
  port: 27017
  bindIp: 0.0.0.0  # Enter 0.0.0.0,:: to bind to all IPv4 and IPv6 addresses or, alternatively, use the net.bindIpAll setting.

#security:
security:
  authorization: enabled

重启 mongod

systemctl restart mongod

此时,已经可以用客户端远程连接了。客户端配置:

  • IP:<MongoDB IP>
  • 端口:27017
  • 授权表:admin
  • 用户:admin
  • 密码:admin

安装验证

在 mongo 命令行中试试增删查

[root@carbon ~]# mongo --port 27017 -u "admin" --authenticationDatabase "admin" -p
MongoDB shell version v4.0.11
Enter password: 
connecting to: mongodb://127.0.0.1:27017/?authSource=admin&gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("dfe7aba3-9c0c-45cb-bf7b-457453c218ce") }
MongoDB server version: 4.0.11
MongoDB Enterprise > db.foo.insert( { x: 1, y: 1 } )
WriteResult({ "nInserted" : 1 })
MongoDB Enterprise > db.foo.find()
{ "_id" : ObjectId("5d45f6e21d57d1717b175746"), "x" : 1, "y" : 1 }
MongoDB Enterprise > db.foo.deleteOne({_id: ObjectId("5d45f6e21d57d1717b175746")})
{ "acknowledged" : true, "deletedCount" : 1 }
MongoDB Enterprise > db.foo.find()
MongoDB Enterprise > db.foo.drop()
true
MongoDB Enterprise > exit
bye

问题汇总

问题:设置了授权验证,建立了用户和密码,但客户端无法连接?

解决:停止防火墙

systemctl stop firewalld
systemctl stop iptables

问题:启动 MongDB 时失败,看日志提示 Mongodb Unregistered Authentication Agent for unix-process

解决:如果使用默认端口 27017

rm -f /tmp/mongodb-27017.sock

相关文章

暂无

发表评论

电子邮件地址不会被公开。 必填项已用*标注