Edit /etc/hosts file in 3 nodes, add with 3 node ips:
192.168.0.1 mongo-db1.example.com
192.168.0.2 mongo-db2.example.com
192.168.0.3 mongo-db3.example.comIn terminal, set root password:
mongosh
use admin
db.createUser({user:"root", pwd:"yourRootPassword", roles:[{role:"root", db:"admin"}]})Create ssl key then COPY folder to all members for same key.
mkdir -p /etc/mongodb/keys/
openssl rand -base64 756 > /etc/mongodb/keys/mongo-key
chmod 400 /etc/mongodb/keys/mongo-key
chown -R mongod:mongod /etc/mongodb && chown -R mongod:mongod /var/lib/mongoDisable THP:
echo never > /sys/kernel/mm/transparent_hugepage/enabledEdit file /etc/mongod.conf, add:
systemLog:
destination: file
logAppend: true
path: /var/log/mongodb/mongod.log
storage:
dbPath: /var/lib/mongo
journal:
enabled: true
processManagement:
timeZoneInfo: /usr/share/zoneinfo
net:
port: 27017
bindIp: 0.0.0.0 # for all network interface. Custom this.
security:
authorization: "enabled"
keyFile: /etc/mongodb/keys/mongo-key
replication:
replSetName: "yourSetNameForcluster"Restart mongod for all nodes:
sudo systemctl restart mongodConnect to primary node (node 1) with your yourRootPassword
mongosh --authenticationDatabase "admin" -u root -pSetup replication:
use admin
rs.initiate({ _id: "yourSetNameForcluster", members: [ { _id: 0, host: "mongo-db1.example.com:27017" }, { _id: 1, host: "mongo-db2.example.com:27017" }, { _id: 2, host: "mongo-db3.example.com:27017" }] })Check it:
rs.status()Create new user for client with some roles:
use admin
db.createUser(
{
user: "myTester",
pwd: passwordPrompt(), // or cleartext password
roles: [ { role: "readWrite", db: "test1" },
{ role: "read", db: "test2" } ] // assign to some databases with some roles
}
)We can create other role with combine some default roles. This is like as group ^^ :
db.createRole({role:"testRole", privileges:[], roles:[ { role: "readWrite", db: "test1" }, { role: "read", db: "test2" } ]})Update role for user:
db.updateUser("myTester", {roles: [ { role: 'testRole', db: 'test1'}]})Backup and restore:
# Move a collection from a DB to other DB:
mongodump --username=root --password=yourRootPassword --authenticationDatabase=admin --db=oldDbname --collection=oldCollection --out=data/ && mongorestore --db=newDbname --collection=newCollection data/oldDbname/oldCollection.bson
# Or just backup
mongodump --username=root --password=yourRootPassword --authenticationDatabase=admin --db=dbname --collection=collectionName --out=/home/dbbackup/20xx-xx-xx
# Any username with true roles can do itCompress it if you need to download:
tar -czvf -9 /home/dbbackup/20xx-xx-xx.tar.gz /home/dbbackup/20xx-xx-xx
# or this if error
cd /home/dbbackup
tar -czf 20xx-xx-xx.tar.gz 20xx-xx-xxExtract it:
tar -xzvf /home/dbbackup/20xx-xx-xx.tar.gz -C /home/dbbackup
Restore all:
(use –drop if want to delete old data before insert)
mongorestore --username=root --authenticationDatabase=admin /home/dbbackup/20xx-xx-xxRestore one database:
mongorestore --username=root --authenticationDatabase=admin --db=dbName /home/dbbackup/20xx-xx-xx/dbNameRestore one collection:
mongorestore --username=root --authenticationDatabase=admin --db=dbName --collection=collectionName /home/dbbackup/20xx-xx-xx/dbName/collectionName.bson
# OR:
mongorestore --username=root --authenticationDatabase=admin --nsInclude=dbName.collectionName /home/dbbackup/20xx-xx-xx/If changed index a lot times, index size was wrong. Compact data, every nodes:
mongosh --authenticationDatabase "admin" -u root -p
use myDatabaseName
db.runCommand({compact:"collectionName", force: true})Update MongoDB:
dnf upgrade install mongodb-org mongodb-org-mongos mongodb-org-server mongodb-org-shell mongodb-org-tools
systemctl restart mongod