The author selected the Creative Commons Corporation to receive a $100 donation as part of the Write for DOnations program.
Introduction
MongoDB, also known as Mongo is a free and open-source NoSQL document database used commonly in modern web applications.
In this tutorial you’ll install MongoDB, manage its service, and optionally enable remote access.
Note: As of this writing, this tutorial installs version 3.6 of MongoDB, which is the version available from the default Ubuntu repositories. However, we generally recommend installing the latest version of MongoDB — version 4.4 as of this writing — instead. If you’d like to install the latest version of MongoDB, we encourage you to follow this guide on How To Install MongoDB on Ubuntu 18.04 from source.
Prerequisites
To follow this tutorial, you will need:
One Ubuntu 18.04 server set up by following this initial server setup tutorial, including a sudo non-root user and a firewall.
Step 1 — Installing MongoDB
Ubuntu’s official package repositories include MongoDB, which means we can install the necessary packages using apt
. As mentioned in the introduction, the version available from the default repositories is not the latest one. To install the latest version of Mongo, please follow this tutorial instead.
First, update the packages list to have the most recent version of the repository listings:
sudo apt update
Now install the MongoDB package itself:
sudo apt install -y mongodb
This command installs several packages containing a stable version of MongoDB, along with helpful management tools for the MongoDB server. The database server is automatically started after installation.
Next, let’s verify that the server is running and works correctly.
Step 2 — Checking the Service and Database
The installation process started MongoDB automatically, but let’s verify that the service is started and that the database is working.
First, check the service’s status:
sudo systemctl status mongodb
You’ll see this output:
● mongodb.service - An object/document-oriented database
Loaded: loaded (/lib/systemd/system/mongodb.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2018-05-26 07:48:04 UTC; 2min 17s ago
Docs: man:mongod(1)
Main PID: 2312 (mongod)
Tasks: 23 (limit: 1153)
CGroup: /system.slice/mongodb.service
└─2312 /usr/bin/mongod --unixSocketPrefix=/run/mongodb --config /etc/mongodb.conf
According to systemd
, the MongoDB server is up and running.
We can verify this further by actually connecting to the database server and executing a diagnostic command
Execute this command:
mongo --eval 'db.runCommand({ connectionStatus: 1 })'
This will output the current database version, the server address and port, and the output of the status command:
MongoDB shell version v3.6.3
connecting to: mongodb://127.0.0.1:27017
MongoDB server version: 3.6.3
{
"authInfo" : {
"authenticatedUsers" : [ ],
"authenticatedUserRoles" : [ ]
},
"ok" : 1
}
A value of 1
for the ok
field in the response indicates that the server is working properly.
Next, we’ll look at how to manage the server instance.
Step 3 — Managing the MongoDB Service
MongoDB installs as a systemd service, which means that you can manage it using standard systemd
commands alongside all other sytem services in Ubuntu.
To verify the status of the service, type:
sudo systemctl status mongodb
You can stop the server anytime by typing:
sudo systemctl stop mongodb
To start the server when it is stopped, type:
sudo systemctl start mongodb
You can also restart the server with a single command:
sudo systemctl restart mongodb
By default, MongoDB is configured to start automatically with the server. If you wish to disable the automatic startup, type:
sudo systemctl disable mongodb
It’s just as easy to enable it again. To do this, use:
sudo systemctl enable mongodb
Next, let’s adjust the firewall settings for our MongoDB installation.
Step 4 — Adjusting the Firewall (Optional)
Assuming you have followed the initial server setup tutorial instructions to enable the firewall on your server, the MongoDB server will be inaccessible from the internet.
If you intend to use the MongoDB server only locally with applications running on the same server, this is the recommended and secure setting. However, if you would like to be able to connect to your MongoDB server from the internet, you have to allow the incoming connections in ufw
.
To allow access to MongoDB on its default port 27017
from everywhere, you could use sudo ufw allow 27017
. However, enabling internet access to MongoDB server on a default installation gives anyone unrestricted access to the database server and its data.
In most cases, MongoDB should be accessed only from certain trusted locations, such as another server hosting an application. To accomplish this task, you can allow access on MongoDB’s default port while specifying the IP address of another server that will be explicitly allowed to connect:
sudo ufw allow from your_other_server_ip/32 to any port 27017
You can verify the change in firewall settings with ufw
:
sudo ufw status
You should see traffic to port 27017
allowed in the output:
Status: active
To Action From
-- ------ ----
OpenSSH ALLOW Anywhere
27017 ALLOW Anywhere
OpenSSH (v6) ALLOW Anywhere (v6)
27017 (v6) ALLOW Anywhere (v6)
If you have decided to allow only a certain IP address to connect to MongoDB server, the IP address of the allowed location will be listed instead of Anywhere in the output.
You can find more advanced firewall settings for restricting access to services in UFW Essentials: Common Firewall Rules and Commands.
Even though the port is open, MongoDB is currently only listening on the local address 127.0.0.1
. To allow remote connections, add your server’s publicly-routable IP address to the mongod.conf
file.
Open the MongoDB configuration file in your editor:
sudo nano /etc/mongodb.conf
Add your server’s IP address to the bindIP
value:
[label ]
...
logappend=true
bind_ip = 127.0.0.1,your_server_ip
#port = 27017
...
Be sure to place a comma between the existing IP address and the one you added.
Save the file, exit the editor, and restart MongoDB:
sudo systemctl restart mongodb
MongoDB is now listening for remote connections, but anyone can access it. Follow Part 2 of How to Install and Secure MongoDB on Ubuntu 16.04 to add an administrative user and lock things down further.
Conclusion
You can find more in-depth tutorials on how to configure and use MongoDB in these DigitalOcean community articles. The official MongoDB documentation is also a great resource on the possibilities that MongoDB provides.