1월 21 2020

CentOS7, mongoDB 설치하기.

CentOS7에  mongoDB 설치하기.

1. 저장소(Repository) 등록

mongoDB는 CentOS 기본 저장소에 등록이 되어있지 않으므로 mongoDB 저장소를 등록한다.

mongodb 저장소가 설정되지 않으면 아래처럼 mongodb 관련 rpm 파일을 찾지 못한다.

# yum search mongodb
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirror.navercorp.com
 * extras: mirror.navercorp.com
 * updates: mirror.navercorp.com
Warning: No matches found for: mongodb
No matches found

패키지를 yum 으로 설치하기 위해서, 저장소를 등록한다.

저장소를 등록하기 위해서 mongodb.repo 파일을 만들고 아래 내용을 작성한다.

# vi /etc/yum.repos.d/mongodb.repo

[MongoDB]
name=MongoDB Repository
baseurl=http://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/4.2/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-4.2.asc

이제, yum search 명령어로 mongodb 관련 패키지를 찾아보면 아래와 같은 결과를 볼 수 있다.

# yum search mongodb
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirror.navercorp.com
 * extras: mirror.navercorp.com
 * updates: mirror.navercorp.com
MongoDB                                                                                               | 2.4 kB  00:00:00
MongoDB/7/x86_64/primary_db                                                                           |  18 kB  00:00:00
=================================================== N/S matched: mongodb ====================================================
mongodb-org.x86_64 : MongoDB open source document-oriented database system (metapackage)
mongodb-org-mongos.x86_64 : MongoDB sharded cluster query router
mongodb-org-server.x86_64 : MongoDB database server
mongodb-org-shell.x86_64 : MongoDB shell client
mongodb-org-tools.x86_64 : MongoDB tools

  Name and summary matches only, use "search all" for everything.

2. mongodb 설치

yum 명령어로 mongodb 패키지를 설치한다.

# yum install mongodb-org

3. mongodb 서비스 등록/실행

systemctl 명령어로 서비스를 실행한다.

# systemctl start mongod

재부팅시 자동으로 mongodb 를 실행하려면 아래 명령어로 설정할 수 있다.

# systemctl enable mongod

설치된 버전 확인

# mongod --version
db version v4.2.2
git version: a0bbbff6ada159e19298d37946ac8dc4b497eadf
OpenSSL version: OpenSSL 1.0.1e-fips 11 Feb 2013
allocator: tcmalloc
modules: none
build environment:
    distmod: rhel70
    distarch: x86_64
    target_arch: x86_64

mongodb 쉘 접속

# mongo
MongoDB shell version v4.2.2
connecting to: mongodb://127.0.0.1:27017/?compressors=disabled&gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("6a8f238a-22d0-4484-8efd-7e0723a633fb") }
MongoDB server version: 4.2.2
Server has startup warnings:
2020-01-21T11:54:03.989+0900 I  CONTROL  [initandlisten]
2020-01-21T11:54:03.989+0900 I  CONTROL  [initandlisten] ** WARNING: Access control is not enabled for the database.
2020-01-21T11:54:03.989+0900 I  CONTROL  [initandlisten] **          Read and write access to data and configuration is unrestricted.
2020-01-21T11:54:03.989+0900 I  CONTROL  [initandlisten]
2020-01-21T11:54:03.989+0900 I  CONTROL  [initandlisten]
2020-01-21T11:54:03.989+0900 I  CONTROL  [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/enabled is 'always'.
2020-01-21T11:54:03.989+0900 I  CONTROL  [initandlisten] **        We suggest setting it to 'never'
2020-01-21T11:54:03.989+0900 I  CONTROL  [initandlisten]
2020-01-21T11:54:03.989+0900 I  CONTROL  [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/defrag is 'always'.
2020-01-21T11:54:03.989+0900 I  CONTROL  [initandlisten] **        We suggest setting it to 'never'
2020-01-21T11:54:03.989+0900 I  CONTROL  [initandlisten]
---
Enable MongoDB's free cloud-based monitoring service, which will then receive and display
metrics about your deployment (disk utilization, CPU, operation statistics, etc).

The monitoring data will be available on a MongoDB website with a unique URL accessible to you
and anyone you share the URL with. MongoDB may use this information to make product
improvements and to suggest MongoDB products and deployment options to you.

To enable free monitoring, run the following command: db.enableFreeMonitoring()
To permanently disable this reminder, run the following command: db.disableFreeMonitoring()
---

>

위의 두번째 경고를 없애기 위해서 systemctl edit mongod 명령으로 서비스 설정을 수정한다.

# systemctl edit mongod
[Service]
PermissionsStartOnly=true
ExecStartPre=/bin/sh -c "echo never > /sys/kernel/mm/transparent_hugepage/enabled"

이제, mongod 를 재시작하고, mongodb 쉘에 접속해 보면

# systemctl restart mongod

# mongo
MongoDB shell version v4.2.2
connecting to: mongodb://127.0.0.1:27017/?compressors=disabled&gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("97b3c279-c668-46fa-b5fc-856adcf96494") }
MongoDB server version: 4.2.2
Server has startup warnings:
2020-01-21T13:27:18.774+0900 I  CONTROL  [initandlisten]
2020-01-21T13:27:18.774+0900 I  CONTROL  [initandlisten] ** WARNING: Access control is not enabled for the database.
2020-01-21T13:27:18.774+0900 I  CONTROL  [initandlisten] **          Read and write access to data and configuration is unrestricted.
2020-01-21T13:27:18.774+0900 I  CONTROL  [initandlisten]
---
Enable MongoDB's free cloud-based monitoring service, which will then receive and display
metrics about your deployment (disk utilization, CPU, operation statistics, etc).

The monitoring data will be available on a MongoDB website with a unique URL accessible to you
and anyone you share the URL with. MongoDB may use this information to make product
improvements and to suggest MongoDB products and deployment options to you.

To enable free monitoring, run the following command: db.enableFreeMonitoring()
To permanently disable this reminder, run the following command: db.disableFreeMonitoring()
---

>

이제, 두 번째 경고는 없어지고, 처음의 경고만 나옴을 볼 수 있다.

이 경고는 mongoDB에대한 인증이나 권한부여 설정을 하지 않은 경우에 보여주는 것으로 이 상태에서는 시스템의 모든 데이타베이스와 컬렉션에 접근할 수 있다.
혼자서 사용하는경우는 별 문제가 되지 않을 수 있으나 여러 계정을 만든다면 문제가 발생할 수 있다.

4. 인증 활성화
첫 번째 경고를 없애기 위해서 https://docs.mongodb.com/master/tutorial/enable-authentication/를 참고하여 아래와 같이 작업했으나 원하는 결과는 나오지 않았다.
인증을 활성화하기 위해서는 access control 없이 mongodb 를 시작하고, 인스턴스에 연결한 후, access control을 활성화해야 한다.
yum으로 설치하고 실행한 경우는 이미 access control 없이 실행한 상태이므로, mongodb 쉘에 접속한 후 ‘user administragor’를 만들면 된다.

# mongo
MongoDB shell version v4.2.2
connecting to: mongodb://127.0.0.1:27017/?compressors=disabled&gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("951d7140-29f5-444e-9a32-f62e874601e1") }
MongoDB server version: 4.2.2
Server has startup warnings:
2020-01-21T13:27:18.774+0900 I  CONTROL  [initandlisten]
2020-01-21T13:27:18.774+0900 I  CONTROL  [initandlisten] ** WARNING: Access control is not enabled for the database.
2020-01-21T13:27:18.774+0900 I  CONTROL  [initandlisten] **          Read and write access to data and configuration is unrestricted.
2020-01-21T13:27:18.774+0900 I  CONTROL  [initandlisten]
---
Enable MongoDB's free cloud-based monitoring service, which will then receive and display
metrics about your deployment (disk utilization, CPU, operation statistics, etc).

The monitoring data will be available on a MongoDB website with a unique URL accessible to you
and anyone you share the URL with. MongoDB may use this information to make product
improvements and to suggest MongoDB products and deployment options to you.

To enable free monitoring, run the following command: db.enableFreeMonitoring()
To permanently disable this reminder, run the following command: db.disableFreeMonitoring()
---

> show dbs;
admin   0.000GB
config  0.000GB
local   0.000GB
> use admin
switched to db admin
> db.createUser(
... {
... user: "mongoUserAdmin",
... pwd: "xxx123",
... roles: [{role: "userAdminAnyDatabase", db: "admin"}]
... }
... )
Successfully added user: {
        "user" : "mongoUserAdmin",
        "roles" : [
                {
                        "role" : "userAdminAnyDatabase",
                        "db" : "admin"
                }
        ]
}
>
> exit
bye
#

admin 데이타베이스에 사용자 mongoUserAdmin 을 만들고 비밀번호를 xxx123 으로 설정하고 권한을 줬다.

이제 mongodb 데몬을 재 시작한다.

답글 남기기

Your email address will not be published.