Skip to main content

Mongod configurations

mongo --auth --bing_ip_all or --bind_ip

Process log:โ€‹

Mongo stores the events related to activities on mongod process.

  • To get the information about verbosity levels
    db.getLogComponents()
  • To change the verbosity level to 0, which display only INFO(example for indexes).
    db.setLogLevel(0, "index")
  • To enable debug log, set the value to 1-5.
  • Log file path: dbPath/mongod.log

DB Profiling:โ€‹

Profiler captures the following information:

  • CRUD operations
  • Administrative operations
  • Configuration operations
db.getProfilingLevel()
db.setProfilingLevel(1)
db.system.profile.find().pretty()

Authenticationโ€‹

Mongo supports following mechanisms

  • SCRAM
  • x.509
  • LDAP (enterprise only)
  • KERBEROS (enterprise only)

Autherizationโ€‹

  • Role based autherization control
  • Roles and users are limited to database.

How it works?โ€‹

  • Each user has one or more roles
  • Each Role has one or mote Privilaged
  • A privilage is group of actions and the Resources those actions applied to.
use admin
db.createUser({
  user: "root",
  pwd: "root123",
  roles : [ "root" ]
})

Built-in Roles:โ€‹

Pre-packaged mongodb roles.

  • Database user
  • database administrator
  • Cluster administrator
  • Backup/restore
  • super user
tip

It is recommanded to create users in admin database and specify the database on which user get access rather than creating user in individual db

userAdmin : Can create and manage roles but can not do anything with data. dbAdmin : Gets the ability to do anything with data but can do nothing on user adminstration dbOwner : dbOwner = dbAdmin + userAdmin + readWrite

use admin; # to switch to admin database
db.createUser(
  { user: "dba",
    pwd: "c1lynd3rs",
    roles: [ { db: "myAppDb", role: "dbAdmin" } ]
  }
)

To add dbOwner role the above user

db.grantRolesToUser( "dba",  [ { db: "myAppDb", role: "dbOwner"  } ] )

Utilitiesโ€‹

  • mongostat
  • mongodump
    • collection.bson is the actual data
    • collection.json is the metadata of the data
  • mongorestore
  • mongoexport
    • useful to store collection data into a json file
  • mongoimport
    • import the exported data