CentOS

How to Install and Secure MongoDB on CentOS 8

What is NoSQL?

NoSQL is a non-relational database system that stores data using the model of key-value. Instead of storing data on the row and table, the NoSQL stores data on the unique key-value with the flexible schemes.

NoSQL is widely used in very large database deployment, recognized for its ease development, functionality, more scalable, and provides superior performance.

Most notable implementation of NoSQL are the MongoDB, ArangoDB, RiakDB, OrientDB etc. And most hosted services provided the NoSQL systems are Amazon DynamoDB and SimpleDB, Google BigTable, Clusterpint Database, etc.

Why using MongoDB?

MongoDB is one of the most popular implementations of the NoSQL database system. It’s a document-oriented database program with the JSON-like scheme, which all your data stored as a document with BSON format on the database collection.

MongoDB was a pioneer in the NoSQL world. It’s a distributed document-oriented database with high availability replication and sharding, the built-in caching system for speed, scalable for large deployment, and flexible for your applications.

In this tutorial, you will learn how to install and secure MongoDB on ubuntu 18.04. You will learn how to secure the MongoDB deployment by creating a new superuser with root role, and enable the MongoDB authentication.

Prerequisites

For this tutorial, make sure you have got a CentOS 8 server with root privileges.

Below is the tutorial about the CentOS 8 server installation.

Install CentOS 8 Server

Before going any further, log in to your CentOS server and type the sudo command to get the root privileges on your system.

sudo su

Step 1 – Add MongoDB Key and Repository for CentOS 8

First, you will add the MongoDB repository to the CentOS 8 Server.

Create a new MongoDB repo file ‘/etc/yum.repos.d/mongodb-org-4.2.repo’ using vim editor.

vim /etc/yum.repos.d/mongodb-org-4.2.repo

Paste the repository for MongoDB 4.2 as below.

[mongodb-org-4.2]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/4.2/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-4.2.asc

Save and close.

Next, check all available repository on the CentOS system using the dnf command below.

dnf repolist

As a result, you’ve added the MongoDB repository for the CentOS 8 server, and you’re ready to install the latest MongoDB packages.

Add MongoDB Repository

Step 2 – Install MongoDB on CentOS 8

Now install MongoDB using the dnf command below.

dnf install mongodb-org -y

Once the installation is complete, start the MongoDB service and add it to the system boot, then check it’s service status.

systemctl enable --now mongod
systemctl status mongod

As a result, you’ve installed MongoDB packages on the CentOS 8 server, and the MongoDB service is up and running.

Start MongoDB Service

Step 3 – Add MongoDB Admin User

In this step, you will learn how to create a new user on MongoDB, it will be used for the MongoDB authentication.

You will create a new user named ‘superuser’ with the role ‘root’ through the ‘mongo’ shell.

Now log in to the mongo shell using the following command.

mongo --quiet

From the current database, switch to the database ‘admin’.

use admin

Now create a new user named ‘superuser’ with the password ‘SysAdminJournalPass’, and use the role ‘root’ (as the MongoDB system administrator).

db.createUser(
  {
    user: "superuser",
    pwd: "SysAdminJournalPass",
    roles: [ "root" ]
  }
)

And you will get a response below.

Successfully added user: { "user" : "superuser", "roles" : [ "root" ] }

As a result, you’ve added a new user administrator for MongoDB.

MongoDB Create Admin

Check the user using the following query.

show users

Below is the response you will get.

{
    "_id" : "admin.superuser",
    "userId" : UUID("d658a712-21a0-4bc4-9a8c-a7a2bab56f32"),
    "user" : "superuser",
    "db" : "admin",
    "roles" : [
        {
            "role" : "root",
            "db" : "admin"
        }
    ],
    "mechanisms" : [
        "SCRAM-SHA-1",
        "SCRAM-SHA-256"
    ]
}

As a result, you’ve created a new user named ‘superuser’ with the database ‘admin’ and the role ‘root’. Also, you’re ready to set up the MongoDB authentication.

Show List Users on MongoDB

Step 4 – Enable MongoDB Authentication

It is recommended to enable the MongoDB authentication on your deployment, especially on the production environment. It will increase the security of your deployment.

MongoDB authentication allows you to control users’ access to database resources and operations. All users are required to authenticate to determine the right access to the user.

To enable the MongoDB authentication, edit the MongoDB service file using the following command.

export EDITOR=vim
systemctl edit --full mongod

On the ‘OPTIONS’ environment variable, add the ‘–auth’ option as below.

Environment="OPTIONS=--auth -f /etc/mongod.conf"

Save and close.

Next, reload the systemd manager and restart the MongoDB service.

systemctl daemon-reload
systemctl restart mongod

As a result, you’ve enabled the MongoDB authentication.

Enable Authentication MongoDB

Step 5 – Testing

To test the MongoDB installation, you will log in to MongoDB with the user ‘superuser’, create a new database and insert data into it.

– Login to MongoDB with user Authentication

Log in to the MongoDB shell with the user ‘superuser’ using the mongo command below.

mongo -u superuser -p --quiet

Type the password for the ‘superuser’ and make sure there is no error.

After that, show all databases available on the MongoDB using the following query.

show dbs

Now switch to the ‘admin’ database and check all users on it.

use admin
show users

As a result, your new user ‘superuser’ is successfully logged in to the MongoDB server.

login with Authentication

– MongoDB Create Database and Insert Data

Once you’ve logged in to the MongoDB shell, create a new database and insert some data into it.

Create a new database ‘testdb’ and insert the data into it using the following queries.

use testdb
db.music.insert({
   title: 'Bloom*Iz', 
   by: 'iz*one'
})

Now make sure you get the response as below.

WriteResult({ "nInserted" : 1 })

After that, check the data on the table ‘music’ using the MongoDB query below.

db.music.find().pretty()

As a result, you’ve successfully created a new MongoDB database and inserted data into it. Also, MongoDB authentication and authorization is working.

Create New Database

– MongoDB Log in without User

With the MongoDB authentication and authorization enabled, you still be able to log in to the MongoDB shell, but you cannot access database resources and operations.

Log in to the MongoDB shell without the user as below.

mongo --quiet

After that, create a new database and insert new data into it.

use testdb
db.movie.insert({
   title: 'Usagi Drop', 
   genre: 'slice of life'
})

As a result, you get the unauthorized error message, you need to be authenticated to run the insert query.

Cannot Insert Data without AuthenticationMongoDB

Finally, you’ve learned how to install and secure the MongoDB on CentOS 8. Also, you’ve learned the basic mongo command and basic operation of MongoDB database queries.

Write A Comment