
Deploy a Replica Set with Keyfile Authentication for mongot

This procedure guides you through setting up a mongod locally in order to complete the Install MongoDB Search and MongoDB Vector Search Tarball installation tutorial.

Note

If you already have a replica set with keyfile authentication set up, you can skip this procedure.

1

With keyfile authentication, each mongod instance in the replica set uses the contents of the keyfile as the shared password for authenticating other members in the deployment. Only mongod instances with the correct keyfile can join the replica set.

Note

Keyfiles for internal membership authentication use YAML format to allow for multiple keys in a keyfile. The YAML format accepts either:

  • A single key string (same as in earlier versions)

  • A sequence of key strings

The YAML format is compatible with the existing single-key keyfiles that use the text file format.

A key's length must be between 6 and 1024 characters and may only contain characters in the base64 set. All members of the replica set must share at least one common key.

Note

On UNIX systems, the keyfile must not have group or world permissions. On Windows systems, keyfile permissions are not checked.

You can generate a keyfile using any method you choose. For example, the following operation uses openssl to generate a complex pseudo-random 1024-character string to use as a shared password. It then uses chmod to change the file permissions so that only the file owner has read access:

openssl rand -base64 756 > <path/to/keyfile>
chmod 400 <path/to/keyfile>

See Keyfiles for additional details and requirements for using keyfiles.

2

Copy the keyfile to each server hosting the replica set members. Ensure that the user running the mongod instances is the owner of the file and can access the keyfile.

Avoid storing the keyfile on storage mediums that can be easily disconnected from the hardware that hosts the mongod instances, such as a USB drive or a network attached storage device.
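
The keyfile requirements above (6 to 1024 characters from the base64 set, no group or world permissions, owned by the user running mongod) can be checked on each server before mongod is started with the keyfile. The shell function below is an added example, not part of MongoDB's documentation or tooling: check_keyfile is a hypothetical name, and it assumes a single-key keyfile in the text format, with spaces and line breaks not counted as part of the key.

```shell
# Added example: pre-flight check for a single-key keyfile (text format).
# Run it as the user that runs mongod. Prints every problem found and
# returns 0 only when the file passes all checks.
check_keyfile() {
    kf=$1
    rc=0
    if [ ! -f "$kf" ] || [ ! -r "$kf" ]; then
        echo "keyfile: $kf is missing or not readable by this user" >&2
        return 1
    fi
    # The user running mongod must own the file.
    if [ ! -O "$kf" ]; then
        echo "keyfile: $kf is not owned by the current user" >&2
        rc=1
    fi
    # Characters 5-10 of the ls mode string are the group and world bits.
    mode=$(ls -ld -- "$kf" | cut -c5-10)
    if [ "$mode" != "------" ]; then
        echo "keyfile: group/world permissions set ($mode); run chmod 400" >&2
        rc=1
    fi
    # Assumption: whitespace is not part of the key (openssl wraps its
    # base64 output across lines), so strip it before measuring.
    key=$(tr -d ' \t\r\n' < "$kf")
    len=${#key}
    if [ "$len" -lt 6 ] || [ "$len" -gt 1024 ]; then
        echo "keyfile: key length $len is outside 6..1024" >&2
        rc=1
    fi
    # Any byte outside A-Z a-z 0-9 + / = is not in the base64 set.
    if printf '%s' "$key" | LC_ALL=C grep -q '[^A-Za-z0-9+/=]'; then
        echo "keyfile: key contains characters outside the base64 set" >&2
        rc=1
    fi
    return $rc
}
```

After defining the function in your shell, run check_keyfile <path/to/keyfile> on every server that received a copy of the keyfile.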

3

To create your configuration file, save the following code to mongod.conf or your preferred location.

# MongoDB Configuration File
# Network configuration
net:
  port: 27017
  bindIpAll: true # Equivalent to --bind_ip_all; listens on every network interface
# Replica set configuration
replication:
  replSetName: rs0
# Security configuration (left commented out until step 9; no access control is enforced before then)
#security:
#  authorization: enabled # Equivalent to --auth
#  keyFile: </path/to/keyfile>
# Search configuration parameters
setParameter:
  mongotHost: localhost:27027
  searchIndexManagementHostAndPort: localhost:27027
# Process management configuration
processManagement:
  fork: true
# Logging configuration
systemLog:
  destination: file
  path: /var/log/mongodb/mongod.log
  logAppend: true

4

To start the mongod, run the following command, specifying the configuration file you created above:

./mongod --config mongod.conf

5

Use mongosh to connect to the primary node with this command:

mongosh --port 27017

6

To create an admin user on your mongod, run the following commands, replacing <password> with the desired password for the myAdmin user:

use admin
db.createUser(
  {
    user: "myAdmin",
    pwd: "<password>",
    roles: [
      {
        role: "root",
        db: "admin"
      }
    ]
  }
)

For details, see Create a User-Defined Role.

7

Use the rs.initiate() method to initiate your replica set. For details, see this example.

8

To exit mongosh, run:

exit

9

Uncomment the following lines in the mongod.conf file you created in Create your mongod configuration file. Replace </path/to/keyfile> with the path to the keyfile you created in Create your keyfile.

security:
  authorization: enabled # Equivalent to --auth
  keyFile: </path/to/keyfile>

10

To start mongod with keyfile authentication, specify the config file that you created in Create your mongod configuration file and updated throughout the procedure.

./mongod --config mongod.conf
