In this tutorial we'll learn install and secure MongoDB on AlmaLinux 9 Server.
MongoDB is one of the most popular NoSQL databases, known for its high performance, flexibility, and scalability. Whether you’re running a small application or handling big data workloads, MongoDB offers a versatile solution. In this guide, we’ll walk through the process of installing MongoDB on an AlmaLinux 9 server and securing it to ensure it’s ready for production environments. Along the way, we will also cover basic CRUD (Create, Read, Update, Delete) operations.
Prerequisites
- A Ubuntu 24.04 installed dedicated server or KVM VPS.
- A root user or normal user with administrative privileges.
- Basic Linux command knowledge.
Step 1: Update the System
Before we begin the MongoDB installation, it’s always good practice to ensure that our system is up-to-date. This ensures compatibility and includes the latest security patches.
sudo dnf update -y
Once the update completes, we’re ready to proceed.
Step 2: Install MongoDB Repository
MongoDB is not included in the default AlmaLinux repositories, so we need to add the MongoDB repository to our system.
sudo vi /etc/yum.repos.d/mongodb-org-8.0.repo
Add following content:
[mongodb-org-8.0]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/9/mongodb-org/8.0/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://pgp.mongodb.com/server-8.0.asc
This will create the MongoDB repository file on our AlmaLinux system.
Step 3: Install MongoDB
Now that we’ve set up the repository, let’s install MongoDB.
sudo dnf install -y mongodb-org
This command installs the MongoDB package along with its dependencies. MongoDB is now installed on your system.
Step 4: Start and Enable MongoDB
We can start the MongoDB service using the following command:
sudo systemctl start mongod
To ensure MongoDB starts automatically on system boot, we’ll enable it:
sudo systemctl enable mongod
To confirm that MongoDB is running correctly, use the following command:
sudo systemctl status mongod
If MongoDB is active and running, you should see a message indicating its status as “active (running).”
Step 5: Secure MongoDB
By default, MongoDB is not secured, which means anyone who can access the MongoDB port can interact with the database. Let’s secure it by enabling authentication.
Edit the MongoDB configuration file:
sudo nano /etc/mongod.conf
In the configuration file, find the security section and uncomment (or add) the following lines:
security:
authorization: "enabled"
This enables authentication, requiring users to log in before accessing the database.
Restart MongoDB to apply the changes:
sudo systemctl restart mongod
Troubleshooting
There is some issue the mongodb-mongosh and OpenSSL v3. By default mongodb-mongosh gets install with mongodb-org package. We are not sure what is the issue but we go following solution:
Remove mongodb-mongosh and install mongodb-mongosh-shared-openssl3
dnf erase -qy mongodb-mongosh
dnf install -qy mongodb-mongosh-shared-openssl3
This way we can use mongosh command and get into database cli.
Step 6: Create the Administrative User
Now that we have enabled authentication, we need to create an administrative user to manage the MongoDB database.
Connect to MongoDB:
mongosh
Switch to the admin database:
use admin
Create the administrative user:
db.createUser({
user: "admin",
pwd: "securepassword123",
roles: [{ role: "root", db: "admin" }]
})
This command creates an admin user with the username admin and password securepassword123. Replace the password with a more secure one in production environments.
Exit MongoDB:
exit
Step 7: Access MongoDB with Authentication
Now, let’s connect using the credentials we just created:
mongosh -u admin -p securepassword123 --authenticationDatabase admin
If the connection is successful, it means MongoDB authentication is working as expected.
Step 8: Perform Basic CRUD Operations
MongoDB’s flexibility makes it easy to perform basic operations. Here are the steps to perform basic CRUD operations on the MongoDB database:
Create a database and a collection:
use myDatabase
db.createCollection("myCollection")
Insert a document into the collection:
db.myCollection.insert({ name: "John Doe", age: 30, city: "New York" })
Read documents from the collection:
db.myCollection.find()
Update a document:
db.myCollection.update({ name: "John Doe" }, { $set: { age: 31 } })
Delete a document:
db.myCollection.remove({ name: "John Doe" })
These basic operations allow us to interact with the MongoDB database effectively.
Step 9: Monitor MongoDB Logs (Optional)
MongoDB generates logs that can be helpful for debugging and performance monitoring. To view the MongoDB log, run:
sudo tail -f /var/log/mongodb/mongod.log
This command shows the latest entries in the MongoDB log file.
Conclusion
In this tutorial we've learnt install and secure MongoDB on AlmaLinux 9 server and secured it by enabling authentication. Additionally, we performed basic CRUD operations to manage our MongoDB database. It is important to follow security best practices, especially when deploying MongoDB in a production environment. Ensuring authentication is enabled and only trusted IPs can access the database is a vital step in securing MongoDB.
With MongoDB installed and secured, we’re ready to build scalable and high-performance applications that utilize NoSQL data storage.
