In this post we go through the process of installing MongoDB 7 on a Rocky Linux instance. This includes the basic setup, enabling authentication and creating an admin user.

Install MongoDB 7.x

In case you would like to install MongoDB on a Virtual Machine, I have created a step-by-step guide for creating a virtual machine using Virtual Box.

To use yum for installing MongoDB, we have to add the MongoDB repository. Let's create a file named /etc/yum.repos.d/mongodb-org-7.0.repo with the following content:

[mongodb-org-7.0]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/9/mongodb-org/7.0/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://pgp.mongodb.com/server-7.0.asc

Now, we can run sudo yum install mongodb-org to install MongoDB.

Check Linux ulimit settings

The MongoDB reference documentation describes all details about the required ulimit settings. In my case I only had to run the following commands to align my settings with the requirements:

sudo ulimit -n 64000
sudo ulimit -l unlimited
sudo ulimit -u 64000

The detailed settings can be checked using ulimit -a

Start MongoDB

Next step is to enable and start the service. Running the commands below will automatically start MongoDB every time the server is being rebooted:

sudo systemctl enable mongod
sudo systemctl start mongod

We can check if MongoDB is up and running using sudo systemctl status mongod.

Configure network access

Per default, MongoDB only allows connection from localhost. To allow connections from other servers or a desktop/laptop, we have to change network settings. Let's edit file /etc/mongod.conf. We only have to change bindIp to 0.0.0.0 as shown below:

# network interfaces
net:
  port: 27017
  bindIp: 0.0.0.0

After restarting the service with sudo systemctl restart mongod, remote access has been activated.

Connect to local environment

After the initial installation has been completed, we can connect to the local environment using mongosh.

You might notice that the following info text is being printed out: "To help improve our products, anonymous usage data is collected and sent to MongoDB periodically". To opt out of the data collection, you can run disableTelemetry().

Additionally, I saw two warnings related to "transparent huge pages" and "vm.max_map_count". Let's fix these ones as well.

Transparent huge pages

The warning that showed up was: "/sys/kernel/mm/transparent_hugepage/enabled is 'always'. We suggest setting it to 'never'". This link provides more details. To fix it, we have to create a new file /etc/systemd/system/disable-transparent-huge-pages.service with the following content:

[Unit]
Description=Disable Transparent Huge Pages (THP)
DefaultDependencies=no
After=sysinit.target local-fs.target
Before=mongod.service

[Service]
Type=oneshot
ExecStart=/bin/sh -c 'echo never | tee /sys/kernel/mm/transparent_hugepage/enabled > /dev/null'

[Install]
WantedBy=basic.target

We enable the service by running:

sudo systemctl daemon-reload
sudo systemctl enable disable-transparent-huge-pages

This should fix the first warning.

vm.max_map_count

The second warning showed up as "vm.max_map_count is too low". The expected value and more details can be found here. We can fix this by setting vm.max_map_count=102400 in file /etc/sysctl.conf. The content of this file is:

# sysctl settings are defined through files in
# /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/.
#
# Vendors settings live in /usr/lib/sysctl.d/.
# To override a whole file, create a new file with the same in
# /etc/sysctl.d/ and put new settings there. To override
# only specific settings, add a file with a lexically later
# name in /etc/sysctl.d/ and put new settings there.
#
# For more information, see sysctl.conf(5) and sysctl.d(5).

vm.max_map_count=102400

Let's run sudo sysctl -p to apply the changes. We can check the result as shown below:

sudo cat /proc/sys/vm/max_map_count
102400

After restarting MongoDB with sudo systemctl restart mongod and reconnecting with mongosh all warnings should be gone.

Enable Authentication

After installation MongoDB does not require any form of authentication. In this section we will create an admin user and enable authentication. There are lot's of different options to authenticate users, we will use a simple user/password based mechanism as described here.

Create admin user

Let's connect to the local MongoDB instance via mongosh. Then we switch to the admin database with use admin. And finally, we create the admin user with the command below:

db.createUser(
  {
    user: "admin",
    pwd: passwordPrompt(),
    roles: [
      { role: "userAdminAnyDatabase", db: "admin" },
      { role: "readWriteAnyDatabase", db: "admin" }
    ]
  }
)

At the prompt, just enter a password, we will use to authenticate as the admin user.

Enable authentication

We still have to configure the server to use authentication. Let's stop the instance with sudo systemctl stop mongod. We have to edit /etc/mongod.conf and add the lines below:

security:
  authorization: enabled

After starting the instance with sudo systemctl stop mongod, we can try to connect to MongoDB with mongosh. Interestingly, we can connect to the database without entering the user/password. But, as soon as we try to access data, e.g. with show tables, we see the error message below:

MongoServerError[Unauthorized]:
  Command listCollections requires authentication

That's actually good news! It means authentication has been enabled. To connect to MongoDB we have to use mongosh -u admin -p. Now we can access data with a command like show tables.

This concludes the installation process of a single MongoDB instance on Rocky Linux 9. As mentioned above, this step-by-step guide should not be used for production environments, only for a development environment where you can afford to lose data and where no real customer data is being stored.