Single Node

Server IP	Host Role
192.168.10.4	MongoDB Standalone

Start Deployment

1. Download the MongoDB installation package and extract it to the installation directory

   RedHat / CentOS 7.0 x64

   wget https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-rhel70-4.4.30.tgz
   tar -zxvf mongodb-linux-x86_64-rhel70-4.4.30.tgz
   mv mongodb-linux-x86_64-rhel70-4.4.30 /usr/local/mongodb

   RedHat / CentOS 8.0 x64

   wget https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-rhel80-4.4.30.tgz
   tar -zxvf mongodb-linux-x86_64-rhel80-4.4.30.tgz
   mv mongodb-linux-x86_64-rhel80-4.4.30 /usr/local/mongodb

   Debian 10.0+ x64

   1. If the operating system is higher than Debian 10, install the libssl1.1 dependency first

   wget https://pdpublic.mingdao.com/private-deployment/offline/common/libssl1.1_1.1.1w-0+deb11u1_amd64.deb
   dpkg -i libssl1.1_1.1.1w-0+deb11u1_amd64.deb

   2. Download the MongoDB installation package and extract it to the installation directory

   wget https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-debian10-4.4.30.tgz
   tar -zxvf mongodb-linux-x86_64-debian10-4.4.30.tgz
   mv mongodb-linux-x86_64-debian10-4.4.30 /usr/local/mongodb

   Others

   • Official Download: For packages targeting other operating systems, visit the MongoDB Community Edition Download Center.

   • Domestic System Compatibility: For systems like EulerOS, Kylin, and UOS, the corresponding CentOS 7/8 packages are generally compatible.

   • Example (Kylin V10): If using the Kylin V10 ARM version, you can download the CentOS 8 ARM 64 architecture package:

     • https://fastdl.mongodb.org/linux/mongodb-linux-aarch64-rhel82-4.4.30.tgz

2. Create the MongoDB user

   useradd -M -s /sbin/nologin mongodb

3. Create data and log directories and grant permissions

   mkdir -p /data/mongodb/ /data/logs/mongodb
   chown -R mongodb:mongodb /usr/local/mongodb/ /data/mongodb/ /data/logs/mongodb

4. Disable Transparent Huge Pages (THP)

   MongoDB may experience performance degradation and memory fragmentation when THP is enabled. It is recommended to disable it via a systemd service before starting MongoDB.

   cat > /etc/systemd/system/disable-thp.service <<\EOF
   [Unit]
   Description=Disable Transparent Huge Pages (THP)
   DefaultDependencies=no
   After=sysinit.target local-fs.target
   Before=mongodb.service
   [Service]
   Type=oneshot
   ExecStart=/bin/sh -c 'echo never > /sys/kernel/mm/transparent_hugepage/enabled'
   ExecStart=/bin/sh -c 'echo never > /sys/kernel/mm/transparent_hugepage/defrag'
   [Install]
   WantedBy=basic.target
   EOF
   
   systemctl daemon-reload
   systemctl enable disable-thp
   systemctl start disable-thp

5. Configure the systemd management file

   cat > /etc/systemd/system/mongodb.service <<'EOF'
   [Unit]
   Description=MongoDB
   After=network-online.target
   Wants=network-online.target
   [Service]
   User=mongodb
   Group=mongodb
   LimitNOFILE=1000000
   LimitNPROC=1000000
   LimitMEMLOCK=infinity
   ExecStart=/usr/local/mongodb/bin/mongod --logpath /data/logs/mongodb/mongodb.log --dbpath /data/mongodb --auth --port 27017 --bind_ip 0.0.0.0
   ExecStop=/usr/bin/kill $MAINPID
   Restart=on-failure
   RestartSec=5
   TimeoutStopSec=300
   [Install]
   WantedBy=multi-user.target
   EOF

6. Add to startup

   # Do not start the service with systemctl start mongodb until the user has been created
   systemctl daemon-reload
   systemctl enable mongodb

Create Database Users

1. Temporarily start a MongoDB service without authentication enabled

   su -c '/usr/local/mongodb/bin/mongod --fork --logpath /data/logs/mongodb/mongodb.log --dbpath /data/mongodb --noauth  --port 27017' -s /bin/bash mongodb

2. Create users

   /usr/local/mongodb/bin/mongo <<<'use admin
   db.createUser({user:"root",pwd:"12345678",roles:[{role:"root",db:"admin"}]})
   use MDLicense
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"MDLicense"}]})
   use ClientLicense
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"ClientLicense"}]})
   use commonbase
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"commonbase"}]})
   use MDAlert
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"MDAlert"}]})
   use mdapproles
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"mdapproles"}]})
   use mdapprove
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"mdapprove"}]})
   use mdapps
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"mdapps"}]})
   use mdattachment
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"mdattachment"}]})
   use mdcalendar
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"mdcalendar"}]})
   use mdcategory
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"mdcategory"}]})
   use MDChatTop
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"MDChatTop"}]})
   use mdcheck
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"mdcheck"}]})
   use mddossier
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"mddossier"}]})
   use mdemail
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"mdemail"}]})
   use mdform
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"mdform"}]})
   use MDGroup
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"MDGroup"}]})
   use mdgroups
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"mdgroups"}]})
   use MDHistory
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"MDHistory"}]})
   use mdIdentification
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"mdIdentification"}]})
   use mdinbox
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"mdinbox"}]})
   use mdkc
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"mdkc"}]})
   use mdmap
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"mdmap"}]})
   use mdmobileaddress
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"mdmobileaddress"}]})
   use MDNotification
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"MDNotification"}]})
   use mdpost
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"mdpost"}]})
   use mdreportdata
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"mdreportdata"}]})
   use mdroles
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"mdroles"}]})
   use mdsearch
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"mdsearch"}]})
   use mdservicedata
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"mdservicedata"}]})
   use mdsms
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"mdsms"}]})
   use MDSso
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"MDSso"}]})
   use mdtag
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"mdtag"}]})
   use mdtransfer
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"mdtransfer"}]})
   use MDUser
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"MDUser"}]})
   use mdworkflow
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"mdworkflow"}]})
   use mdworksheet
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"mdworksheet"}]})
   use mdworkweixin
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"mdworkweixin"}]})
   use mdwsrows
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"mdwsrows"}]})
   use pushlog
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"pushlog"}]})
   use taskcenter
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"taskcenter"}]})
   use mdintegration
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"mdintegration"}]})
   use mdactionlog
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"mdactionlog"}]})
   use mdworksheetlog
   db.createUser({user:"hap",pwd:"123456",roles:[{role:"readWrite",db:"mdworksheetlog"}]})
   use mdworksheetsearch
   db.createUser({user: "hap",pwd: "123456",roles: [{role: "readWrite",db: "mdworksheetsearch"}]})
   use mddatapipeline
   db.createUser({user: "hap",pwd: "123456",roles: [{role: "readWrite",db: "mddatapipeline"}]})
   use mdwfplugin
   db.createUser({user: "hap",pwd: "123456",roles: [{role: "readWrite",db: "mdwfplugin"}]})
   use mdpayment
   db.createUser({user: "hap",pwd: "123456",roles: [{role: "readWrite",db: "mdpayment"}]})
   use mdwfai
   db.createUser({user: "hap",pwd: "123456",roles: [{role: "readWrite",db: "mdwfai"}]})'

   • The password for the MongoDB admin database root user specified in the command is 12345678, but it must be changed to a strong password in actual deployment.
   • The password for the MongoDB business database user hap specified in the command is 123456, but it must be changed to a strong password in actual deployment.
   • If the password contains special characters, only - or _ are allowed. Characters like @ ! # & are forbidden to avoid compatibility issues.

3. Shut down the temporarily started MongoDB

   kill $(pgrep -f 'mongod')

Start MongoDB

systemctl start mongodb

Verify Service Status

1. Check MongoDB status

   systemctl status mongodb

2. Test admin connection

   Use the following command to test the connection of the admin account

   /usr/local/mongodb/bin/mongo -u root -p 12345678 --authenticationDatabase admin

3. Test business database connection

   Use the following command to test the connection of a single business database user

   /usr/local/mongodb/bin/mongo -u hap -p 123456 --authenticationDatabase mdwsrows