Thursday, September 3, 2020

 

Setup & Run MongoDB on non-default filesystem and with non root user in Linux

 

When you use rpm installer for installing MongoDB on the Linux the mongod user will be created on the system and all the appropriate files are created and owned by mongod user. When starting mongod installed by the rpm files, it should be run by either root or using sudor.

Question here is how to change the mongod process to non-root or non-default user

Create user account [non-root/non-default]

First let’s create an own user / group

 

$> sudo adduser sysmongo

$> sudo passwd sysmongo

 

I don’t want to keep mongodb binaries on default instead I prefer to keep on my own filesystem/mount point based on my internal audit compliance

 

$> mkdir mongodb

$> mkdir -p mongodb/{binaries,data,log,pid}

 

So Iam going to keep all my mongodb related binaries/data/log/pid

Into these directories

 

/mongodb/binaries      - binary files

/mongodb/data                        - data files + journal

/mongodb/log              - mongo logs + audit logs

/mongodb/pid              - pid file

Specifies a file location to store the process ID (PID) of the mongos or mongod process . The user running the mongod or mongos process must be able to write to this path. If the processManagement.pidFilePath option is not specified, the process does not create a PID file. This option is generally only useful in combination with the processManagement.fork setting.                   

 

LINUX
On Linux, PID file management is generally the responsibility of your distro’s init system: usually a service file in the /etc/init.d directory, or a systemd unit file registered with systemctl. Only use the processManagement.pidFilePath option if you are not using one of these init systems. For more information, please see the respective Installation Guide for your operating system.

 

Tips:-

mkdir -p mongodb/{binaries,data,log,pid}
This will help to create multiple directory under parent directory on single command

 

Change User Permission

$> chown sysmongo:sysmongo mongodb

$> chown -R sysmongo:sysmongo  mongodb/

 

Download MongoDB

 

Let’s download the mongodb from download center you can download and copy the files or wget/curl

 [https://www.mongodb.com/download-center/enterprise]

curl -OL https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-rhel70-4.2.0.tgz

 

wget -OL https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-rhel70-4.2.0.tgz

 

Uncompressing tar.gz file

 

$> tar xvzf mongodb-linux-x86_64-rhel70-4.2.0.tgz -C /mongodb/binaries
 

 

 

 

 

Tips:-

Where the -C argument is used to specify the path to place the file. By defaults files will be extracted into the current directory. To change the directory, we use -C option.

 

Create config File

$> vi /mongodb/pid/mongod.conf

 

# where to write logging data.
systemLog:
  destination: file
  logAppend: true
  logRotate: reopen
  path: /mongodb/log/mongod.log
# Where and how to store data.
storage:
  dbPath: /mongodb/data
  journal:
    enabled: true
processManagement:
#fork: true  # fork and run in background
  pidFilePath: /mongodb/log/mongod.pid  # location of pidfile
  timeZoneInfo: /usr/share/zoneinfo
# network interfaces
net:
  port: 27017
  bindIp: 127.0.0.1,<ipaddress> # Enter 0.0.0.0,:: to bind to all IPv4

 

 

 

 

 

Ensure the binaries are in a directory listed in your PATH environment variable

$> vi ~/.bash_profile
PATH=$PATH:$HOME/bin:/mongodb/binaries/mongodb-linux-x86_64-rhel70-4.2.0/bin
 
export PATH
# save and Close then source it 
$>source ~/.bash_profile

 

Create systemctl service for mongod

$> vi /etc/systemd/system/mongod.service
[Unit]
Description=mongod service
 
[Service]
User= sysmongo
Group= sysmongo
ExecStart=/mongodb/binaries/mongodb-linux-x86_64-rhel70-4.2.0/bin/mongod --config /mongodb/pid/mongod.conf
 
[Install]
WantedBy=multi-user.target 
 
# save and enable service and start the service 
$>systemctl enable mongod
$>systemctl start mongod
$>systemctl status mongod
mongod.service - mongod service
   Loaded: loaded (/etc/systemd/system/mongod.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2019-10-15 05:43:28 UTC; 3h 14min ago
 Main PID: 12133 (mongod)
   CGroup: /system.slice/mongod.service
           └─12133 /mongodb/binaries/mongodb-linux-x86_64-rhel70-4.2.0/bin/mongod --config /mongodb/pid/mongod.conf
 
Oct 15 05:43:28 mongotest1 systemd[1]: Started mongod service.
 
$> mongo --eval 'db.runCommand({connectionStatus:1})'
connecting to: mongodb://127.0.0.1:27017/?compressors=disabled&gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("623f736a-f1aa-473d-b1be-6b50faf81c1e") }
MongoDB server version: 4.2.0
{
        "authInfo" : {
                "authenticatedUsers" : [ ],
                "authenticatedUserRoles" : [ ]
        },
        "ok" : 1
}

 

at No comments:
Subscribe to: Posts (Atom)

  Setup & Run MongoDB on non-default filesystem and with non root user in Linux   When you use rpm installer for installing MongoD...

  • (no title)
      Setup & Run MongoDB on non-default filesystem and with non root user in Linux   When you use rpm installer for installing MongoD...