Installing MongoDB 3.2 on CentOS 7

scottalanmiller

MongoDB is a very popular NoSQL database (it's what ML runs on, in fact) and it is really only fully supported on CentOS. Unlike many new projects that focus heavily on Ubuntu, MongoDB does not. As a database product, long term serious support and stability is an important focus so CentOS is really ideal for us, anyway. With are big Scale HC3 cluster in the NTG Lab, we want to have a "large" MongoDB cluster that we can use for whatever systems are going to need it, just as we do with a centralized MariaDB install. This is an effective use of the available resources to get more database performance and capacity with less need for database management on a large platform with high speed, low latency interconnects between the nodes.

In a future article, I want to look at turning our MongoDB server into an HA cluster.

We start off cloning our very vanilla, basic CentOS 7 template (which is a minimal install with all patches, firewalld installed and logging set up to our ELK machine) and adding in the MongoDB 3.2 repos directly from the MongoDB project.

cat > /etc/yum.repos.d/mongodb-org-3.2.repo <<EOF
[mongodb-org-3.2]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/7Server/mongodb-org/stable/x86_64/
gpgcheck=0
enabled=1
EOF

Now that our repo is defined, we can just install MongoDB with YUM:

yum install -y mongodb-org policycoreutils-python-2.2.5-20.el7.x86_64

By default, SELinux is not going to allow MongoDB to run on the default interface. So we need to adjust the policy for that. The semanage command is not installed on CentOS 7 Minimum by default, this is why we added the policycoreutils above.

semanage port -a -t mongod_port_t -p tcp 27017

You could turn SELinux off, of course, or set to permissive, but that is not advised. Correctly configuring SELinux is more secure.

Now we can start our database:

systemctl start mongod
systemctl enable mongod

If all has gone well, MongoDB will be running on port 27017. If this is going to be used for a local installation of an application, leave this port closed on the firewall. If you need to open the firewall for remote clients to attach we will open it below. Keep in mind that exposing MongoDB publicly will be a security nightmare, so consider proper precautions such as locking the port to being exposed to a single IP address or range.

firewall-cmd --zone=public --add-port=27017/tcp --permanent
firewall-cmd --reload

And that's it. We now have a working MongoDB NoSQL database running on CentOS 7!

scottalanmiller

If you are using a log shipper for something like ELK, remember that MongoDB does not log to the main /var/log/messages file so you might need to add the MongoDB log files to the log shipper.

scottalanmiller

If you want MongoDB to listed to non-local IP addresses as well, you need to not just open the firewall but also modify the configuration file...

vi /etc/mongod.conf

Find this line:

bindIp: 127.0.0.1  # Listen to local interface only, comment to listen on all interfaces.

And comment it out with a # to make this line:

#  bindIp: 127.0.0.1  # Listen to local interface only, comment to listen on all interfaces.

And restart MongoD service:

systemctl restart mongod

scottalanmiller

For a local install, I made this into a single file that I can just run...

#!/bin/bash

cat > /etc/yum.repos.d/mongodb-org-3.2.repo <<EOF
[mongodb-org-3.2]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/7Server/mongodb-org/stable/x86_64/
gpgcheck=0
enabled=1
EOF

yum install -y mongodb-org policycoreutils-python-2.2.5-20.el7.x86_64
semanage port -a -t mongod_port_t -p tcp 27017
systemctl start mongod
systemctl enable mongod

firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --reload

alex.olynyk

@scottalanmiller Thank you for this. Works great.

scottalanmiller

Just tested and deployed to CentOS 7.2 on Linode.

JaredBusch

@scottalanmiller said in Installing MongoDB 3.2 on CentOS 7:

Just tested and deployed to CentOS 7.2 on Linode.

This failed me, so I went to the mongo docs and the baseurl contains the variable $releasever.

using that results in redhat//mongodb in the file, which is why I assume you hard coded that bit.

Escaping the $ fixes it.

cat > /etc/yum.repos.d/mongodb-org-3.2.repo <<EOF
[mongodb-org-3.2]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/\$releasever/mongodb-org/3.2/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-3.2.asc
EOF