Install and Configure MongoDB on Ubuntu 18.04 LTS
MongoDB is a NoSQL database that offers high performance, high availability and automatic scaling of the enterprise level database. MongoDB is a NoSQL database, so you cannot use SQL (Structured Query Language) to insert and retrieve data, and it does not store data in tables like MySQL or Postgres. The data is stored in a "document" structure in JSON format (called BSON in MongoDB). MongoDB was introduced in 2009 and is currently being developed by MongoDB Inc. MongoDB only offers packages for 64-bit LTS (long-term support) Ubuntu versions. For example 14.04 LTS (trusty), 16.04 LTS (xenial), 18.04 LTS (bionic) and so on. In this tutorial I will install MongoDB 4.0 on Ubuntu 18.04 LTS.
Install MongoDB on Ubuntu 18.04 LTS
Step 1 - Importing the Public Key
GPG keys of the software distributor are required by the Ubuntu package manager apt (Advanced Package Tool) to ensure the consistency and authenticity of the package. Execute this command to import MongoDB keys to your server.
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 68818C72E52529D4
Step 2 - Create source list file MongoDB
Create a MongoDB list file in /etc/apt/sources.list.d/ with this command:
sudo echo "deb http://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/4.0 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-4.0.list
Step 3 - Update the repository
update the repository with the apt command:
sudo apt-get update
Step 4 - Install MongoDB
Now you can install MongoDB by typing this command:
sudo apt-get install -y mongodb-org
The MongoDB apt installer created a mongod.service file for Systemd automatically, so there is no need to create it manually anymore. Start MongoDB and add it as a service to be started at boot time:
sudo systemctl start mongod sudo systemctl enable mongod
Now check that MongoDB has been started on port 27017 with the netstat command.
sudo netstat -plntu
In the above image we can see that mongod is running with pid 2902
Configure MongoDB username and password
Step 1 - Open mongo shell
Before you set up a username and password for MongoDB, you need to open the MongoDB shell on your server. You can login by typing:
mongo
If you get error Failed global initialization: BadValue Invalid or no user locale set. Please ensure LANG and/or LC_* environment variables are set correctly, try the command:
export LC_ALL=C mongo
Step 2 - Switch to the database admin
Once you`re in the MongoDB shell, switch to the database named admin:
use admin
Step 3 - Create the root user
Create the root user with this command :
db.createUser({user:"admin", pwd:"admin123", roles:[{role:"root", db:"admin"}]})
Desc: Create user admin with password admin123 and have the permission/role as root and the database is admin.
Now type exit to exit from MongoDB shell.
exit
And you are back on the Linux shell.
Step 4 - Enable MongoDB authentication
Edit the mongodb service file '/lib/systemd/system/mongod.service' with your editor.
sudo nano /lib/systemd/system/mongod.service
On the 'ExecStart' line 9, add the new option '--auth'.
ExecStart=/usr/bin/mongod --auth --config /etc/mongod.conf
Save the service file and exit nano. Reload the systemd service:
sudo systemctl daemon-reload
Step 5 - Restart MongoDB and try to connect
Now restart MongoDB and connect with the user created.
sudo service mongod restart
and connect to the MongoDB shell with this command:
mongo -u admin -p admin123 --authenticationDatabase admin
and you will see the output like this:
Enable external access and configure the UFW Firewall
UFW is the default firewall in Ubuntu. In this chapter, I will show how to configure UFW to allow external access to MongoDB. Check the UFW status
sudo ufw status
When the result is:
Status: inactive
Enable UFW with this command and open the SSH port first if connected by SSH:
sudo ufw allow ssh sudo ufw enable
before you proceed with the next steps. For security reasons, you should allow access to the MongoDB port 27017 only from IP addresses that need to access the database. By default, localhost is always able to access it, so no need to open the MongoDB port for IP 127.0.0.1. UFW Firewall Syntax
sudo ufw allow fromto port
Open MongoDB Port in UFW
To allow access from external IP 192.168.1.10 to MongoDB, use this command:
sudo ufw allow from 192.168.1.10 to any port 27017
Replace the IP address in the above command with the external Ip you want to allow access to MongoDB. If you want to open the MongoDB port for any IP, e.g. in case you run it in a local network and all systems in that network shall be able to access MongoDB, then use this command:
sudo ufw allow 27017
Check the status of the UFW firewall with this command:
sudo ufw status
MongoDB listens to localhost by default, to make the database accessible from outside, we have to reconfigure it to listen on the server IP address too. Open the mongod.conf file in nano editor:
sudo nano /etc/mongod.conf
and add the IP address of the server in the bind_ip line like this:
# network interfaces net: port: 27017 bindIp: 127.0.0.1,192,168.1.100
Replace 192.168.1.100 with the IP of your server, then restart MongoDB to apply the changes.
sudo service mongod restartNow you can access the MongoDB database server over the network.
