Summary of mongodb basic installation and management command script


1. Install mongodb on Linux
1.1 create data directory and log file:

mkdir -p /data/node/
touch /data/mongodb.log

1.2 install mongodb:

tar zxf mongodb-linux-x86_64-2.4.9.tgz 
mv mongodb-linux-x86_64-2.4.9 /opt/mongodb
echo "export PATH=$PATH:/opt/mongodb/bin" >>/etc/profile
source /etc/profile

1.3 create a new slave node profile:

cat >> ~/.mongodb.conf <<EOF

fork = ture
port = 11000
dbpath = /data/node
logpath = /data/mongodb.log
logappend = true

1.4 start mongodb

mongod --config ~/.mongodb.conf

2. Windows installation of mongodb
2.1 download and unzip

2.2 add service

# mongod -f d:\mongodb\mongodb.cfg --serviceName MongoBD --install

2.3 start up services

# net start mongodb 

2.4 delete service

# mongod --remove

2.5 mongodb startup profile

mongodb.cfg -->

There are quick ways to manage mongodb, whether it is a backup or a multi node system with replication. The system will automatically complete various configurations.
(1) mongodb is a common command-line program, which is called by mongod.
(2) mongodb provides built-in management interface and monitoring function, which is easy to integrate with the third-party monitoring package.
(3) mongodb supports basic database level user authentication, including read-only users and independent administrator rights.
(4) backup mongodb in various ways.

1. Start and stop mongodb
1.1 command line start
The command line starts. You can see all the options with mongod — help.
(1) – the default value of dbpath is / data / db /. Each mongod process needs an independent data directory. To have three mongod instances, there must be three independent data directories. When mongodb is started, the mongod.lock file will be created in the data directory to prevent other mongod processes from using the data directory.
Specify the listening port, which is 27017 by default. Run multiple mongod processes. You need to specify different port numbers.
Run mongodb as a daemons to create a server process.
Specify the log output path instead of the output command line, which will overwrite the existing file and clear the original journal. If you want to keep it, you need to use the — logappend option.
Specify the configuration file to load various options not specified on the command line.
1.2 configuration file
Mongobd supports obtaining configuration information from files. Specify that the configuration file can use the – f or — config options. For example:

# mongod --config ~/.mongodb.conf
cat > ~/.mongodb.conf <<EOF

port = 10001
fork = true
logpath = /data/mongodb.log
dbpath = /data/node2
logappend = true

1.3 stop mongodb
Database shutdown method:
(1) kill-2 SIGTERM or kill-2 SIGINT can exit safely, wait until the currently running operation or file pre allocation, close all open connections, refresh the cached data to disk, and finally stop.
Cannot kill – 9 (sigkill), which will cause data file corruption.
(2) use the management command {“shutdown”: 1}

> use admin
> db.shutdownServer(); 

2. monitoring
2.1 use management interface
When mongodb is started, a very basic HTTP server will be started. The port monitored by the server is 1000 larger than the main server. The information presented can be viewed through shell or web page.
To make good use of the management interface, you need to enable rest support with the — reset option. You can also use the — nohttpinterface to close the management interface at startup.
2.2 serverStatus
Serverstatus shows mongodb’s internal details, such as server version, running time and current connections.

MongoDB shell version: 2.4.9
connecting to:
> db.runCommand({serverStatus : 1})

“GlobalLock” indicates how much time (in microseconds) the global write lock takes on the server. “MEM” includes how much data the server memory maps, virtual memory and resident memory usage of the server process;
(1) “indexcounters” indicates the number of times B-tree is retrieved in disk and memory;
(2) “background flushing” indicates how many fsyncs have been done in the background and how much time has been spent;
(3) “opcounters” includes the number of times of each main operation.
2.3 mongostat
Mongostat outputs important information provided by serverstatus. Output a new row every second, which is better than the static count seen before. They are insert / s, commands / s, vsize and% locked.
2.4 third party plug-ins
Support mongbdb plug-ins of Nagios, Munin, ganglia and cacti.

3. safety
Mongodb supports authentication of a single connection.
3.1 basic knowledge of certification
The database in each mongodb instance can have many users. After the authentication is enabled, only the database authentication user can perform the read-write operation.
After authentication, the administrator can read and write all databases and execute specific management commands.
An administrator account is required before starting security authentication.

> use admin
switched to db admin
> db.addUser("root", "root123");
  "user" : "root",
  "readOnly" : false,
  "pwd" : "81c5bca573e01b632d18a459c6cec418",
  "_id" : ObjectId("530bd17622cceb4323a2b500")
> use test
switched to db test
> db.addUser("test_user", "root123", true);
  "user" : "test_user",
  "readOnly" : true,
  "pwd" : "d436badec207e3821abbaf337fcbdd06",
  "_id" : ObjectId("530bd24322cceb4323a2b501")

Creating a read-only user in the shell sets the third parameter of addUser to true. The call to adduser() must have write access to the database.
AddUser can not only add new users, but also modify user password or read-only status.
Restart the server, add the — auth option, and turn on the security check.

> use admin
switched to db admin
> db.auth("root", "root123");

3.2 working principle of certification
Database user accounts are stored as documents in the system.users collection.

> use admin
switched to db admin
> db.system.users.find();
{ "_id" : ObjectId("530bd17622cceb4323a2b500"), "user" : "root", "readOnly" : false, "pwd" : "81c5bca573e01b632d18a459c6cec418" }

Can execute


Delete account number.
When user authenticates, the server binds authentication and connection to track authentication.
3.3 other installation considerations
In addition to authentication, there are many options to lock mongodb instances. Even with authentication, the mongodb transport protocol is unencrypted. To encrypt, you need to use Shh tunnel or similar to encrypt between client and server.
Mongodb server is recommended to be arranged in firewall or intranet, but if it needs to be accessed externally, use — bindip option to specify that mongod is bound to the local IP address.
You can use — noscripting to completely disable the execution of server-side JavaScript.