{"id":13475,"date":"2019-11-08T12:25:18","date_gmt":"2019-11-08T12:25:18","guid":{"rendered":"https:\/\/dbtut.com\/?p=13475"},"modified":"2020-01-14T06:56:49","modified_gmt":"2020-01-14T06:56:49","slug":"deploy-sharded-cluster-with-keyfile-access-control-on-red-hat-enterprise-linux-or-centos-linux","status":"publish","type":"post","link":"https:\/\/dbtut.com\/index.php\/2019\/11\/08\/deploy-sharded-cluster-with-keyfile-access-control-on-red-hat-enterprise-linux-or-centos-linux\/","title":{"rendered":"How To Install Mongodb Sharded Cluster with Keyfile Access Control on Red Hat or CentOS"},"content":{"rendered":"

As you know security is one of the key points during database administration. In MongoDB sharded clusters security between components of the cluster is provided by Internal authentication. In this tutorial I will deploy a sharded cluster and enable internal authentication by using a keyfile.<\/p>\n

Enforcing internal authentication also enforces user access control. To connect to the replica set, clients like the mongo shell need to use a user account.<\/p>\n

Step 1: Create a User For Administration<\/h2>\n
[root@mongodbserv ~]# adduser mongodb\n[root@mongodbserv ~]# passwd mongodb<\/pre>\n
Important Note:<\/strong> Create mongodb user in all servers and perform all operations with this user.<\/p>\n
Step 2: Install MongoDB Community Edition<\/h2>\n
Using .rpm Packages (Recommended)<\/h3>\n
Configure the package management system (yum).<\/p>\n
Create a \/etc\/yum.repos.d\/mongodb-org-4.0.repo file so that you can install MongoDB directly using yum:<\/p>\n
vi \/etc\/yum.repos.d\/mongodb-org-4.0.repo<\/pre>\n
[mongodb-org-4.0]\nname=MongoDB Repository\nbaseurl=https:\/\/repo.mongodb.org\/yum\/redhat\/$releasever\/mongodb-org\/4.0\/x86_64\/\ngpgcheck=1\nenabled=1\ngpgkey=https:\/\/www.mongodb.org\/static\/pgp\/server-4.0.asc<\/pre>\n
Note:<\/strong> If you want to install difference version you must change 4.0 in the above content.<\/p>\n
Install MongoDB packages<\/h3>\n
To install the latest stable version of MongoDB, issue the following command:<\/p>\n
sudo yum install -y mongodb-org<\/pre>\n
Step 3: Disable SELINUX<\/h2>\n
If you are using SELinux, you must configure SELinux to allow MongoDB to start on Red Hat Linux-based systems (Red Hat Enterprise Linux or CentOS Linux).<\/p>\n
Disable SELinux by setting the SELINUX setting to disabled in \/etc\/selinux\/config.<\/p>\n
SELINUX=disabled<\/pre>\n
Step 4: Stop Firewalld and Disable iptables<\/h2>\n
Disable and Stop Firewalld<\/h3>\n
Stop the firewall so the servers can communicate with each other.<\/p>\n
systemctl disable firewalld\nsystemctl mask --now firewalld<\/pre>\n
Disable iptables<\/h3>\n
sudo \/sbin\/iptables -F && \/sbin\/iptables-save<\/pre>\n
Step 5:\u00a0 Recommended ulimit Settings<\/h2>\n
Configure some ulimit parameters as below for mongodb.<\/p>\n
Edit limits.conf:<\/strong><\/p>\n
vi \/etc\/security\/limits.conf<\/pre>\n
*               soft    nproc           64000\n*               hard    nproc           64000\n*               soft    nofile          64000\n*               hard    nofile          64000\n<\/pre>\n
Edit 20-nproc.conf:<\/strong><\/p>\n
Edit 20-nproc.conf and update the value as below.\u00a0<\/p>\n
vi \/etc\/security\/limits.d\/20-nproc.conf<\/pre>\n
*               soft    nproc           64000\n<\/pre>\n