在Linux环境下配置MongoDB涉及多个要点,以下是一些关键步骤和配置建议:
wget -qO - https://www.mongodb.org/static/pgp/server-6.0.asc | sudo apt-key add -echo "deb [archamd64,arm64] https://repo.mongodb.org/apt/ubuntu $(lsb_release -sc)/mongodb-org/6.0 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-6.0.listsudo apt update && sudo apt install -y mongodb-orgcat <<EOF | sudo tee /etc/yum.repos.d/mongodb-org-6.0.repo
[mongodb-org-6.0]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/6.0/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-6.0.asc
EOF
sudo yum install -y mongodb-orgmongod --version 。文件目录结构:
/var/lib/mongo:默认数据目录/var/log/mongodb:日志目录/etc/mongod.conf:主配置文件。修改配置文件:
/etc/mongod.conf,关键参数包括:
systemLog:日志输出目的地和路径storage:数据存储路径和启用journal日志持久存储net:端口号和绑定的IP地址processManagement:后台运行security:启用用户认证。启动服务:
sudo systemctl start mongodsudo systemctl enable mongodsudo systemctl status mongod 。创建管理员用户:
use admindb.createUser({ user: "admin", pwd: "StrongPassword123", roles: ["root"] }) 。启用认证:
security.authorization: enabled,重启服务后验证:mongo -u admin -p StrongPassword123 --authenticationDatabase admin 。防火墙配置:
sudo ufw allow 27017/tcp(Ubuntu)sudo firewall-cmd --add-port 27017/tcp --permanent(CentOS)。storage.wiredTiger.engineConfig.cacheSizeGB,建议为可用内存的50-70% 。/etc/logrotate.d/mongodb 文件,配置日志轮转。echo "* soft nofile 64000" | sudo tee -a /etc/security/limits.conf
echo "* hard nofile 64000" | sudo tee -a /etc/security/limits.conf
sudo sysctl -w vm.zone_reclaim_mode=0
sudo sysctl -w vm.swappiness=1
``` 。
备份与恢复:
mongodump --uri "mongodb://admin:password@localhost:27017" --out /backup/mongodbmongorestore --uri "mongodb://admin:password@localhost:27017" --db mydb /backup/mongodb/mydb 。监控命令:
db.serverStatus()db.setProfilingLevel(1, 50) 。tail -n 100 /var/log/mongodb/mongod.log 。通过以上步骤,您可以在Linux系统上完成MongoDB的安装和配置。建议定期检查官方文档获取最新安全更新,对于生产环境还应考虑配置副本集以实现高可用性。。