Creating a MongoDB Instance

Creation of a MongoDB instance.

MongoDB instances are created through the dmk_db_create.py script. All commands are executed as the mongodb user.

Using DMK templates

Instances are created using templates, which you can copy and modify from the $DMK_HOME/templates/dbcreate directory.

Let's go through an example with the template dbcreate_template_basic.yaml.

dbcreate_template_basic.yaml

mongo_cfg:
   instance_name: mdb01
   home_path: /u01/app/mongodb/product/8.0.16
   data_path: ${MONGO_DATA}
   bindIp: 0.0.0.0
   port: 27017
   template: ${DMK_HOME}/templates/dbcreate/mongo_conf_basic.yaml

This DMK template contains the following arguments :

• instance_name: Name of the instance, which must comply with the INSTANCE_NAMING_CONVENTION defined in the DMK configuration file. By default, it is set to ^mdb([a-zA-Z]{0,4})(\d+)$, but you can customize it in your local configuration file.

• home_path: Path to the MongoDB binaries associated with the instance. This path is stored in the $DMK_HOME/etc/mongodb.lst file and used when loading the environment for the instance.

• data_path: Directory where the data files will be stored. Defaults to $MONGO_DATA_ROOT.

• bindIp: MongoDB configuration parameter. See the official documentation for details.

• port: MongoDB listening port number.

• template: MongoDB configuration template file to be used.

Here is the content of the template used in the example. You can of course change this as needed.

${DMK_HOME}/templates/dbcreate/mongo_conf_basic.yaml

# Generated by MongoDB - DMK dbi services

processManagement:
   fork: true
   pidFilePath: ${admin_path}/pid/mongod.pid
net:
   bindIp: ${bindIp}
   port:  ${port}
storage:
   dbPath: ${data_path}
   engine: wiredTiger
systemLog:
   destination: file
   path: ${log_path}/${instance_name}.log
   logAppend: true

Warning If you want to modify DMK templates, variables must be written as ${VARIABLE} to ensure proper substitution.

Other templates are available, for installation with TLS communication enabled, or for a replica set.

Creating the instance

After verifying that all templates are correct, run dmk_dbcreate.py. This script will create:

• The MongoDB instance directory structure.

• A systemd file named mongod_<instance_name>.service, which has to be copied to /etc/systemd/system.

• The MongoDB configuration file named <instance_name>.conf.

mongodb@vm00: dmk_dbcreate.py -c /u01/app/mongodb/local/dmk/templates/dbcreate/dbcreate_template_basic.yaml
2025-06-30 02:08:41 | INFO     | Creating new MongoDB instance using configuration file: 'dbcreate_template_basic.yaml'
2025-06-30 02:08:41 | WARNING  | bindIp is set to 0.0.0.0, which might cause issues with TLS and could represent a security risk.
2025-06-30 02:08:41 | INFO     | Creating directory layout for mdb01 ...
2025-06-30 02:08:41 | INFO     | Directory '/u02/mongodb/data/mdb01' created.
2025-06-30 02:08:41 | INFO     | Directory '/u01/app/mongodb/admin/mdb01' created.
2025-06-30 02:08:41 | INFO     | Directory '/u04/mongodb/log/mdb01' created.
2025-06-30 02:08:41 | INFO     | Directory '/u90/mongodb/backup/mdb01' created.
2025-06-30 02:08:41 | INFO     | Directory '/u01/app/mongodb/admin/mdb01/pid' created.
2025-06-30 02:08:41 | INFO     | Directory '/u01/app/mongodb/admin/mdb01/etc' created.
2025-06-30 02:08:41 | INFO     | Directory '/u01/app/mongodb/admin/mdb01/dump' created.
2025-06-30 02:08:41 | INFO     | Directory '/u01/app/mongodb/admin/mdb01/secret' created.
2025-06-30 02:08:41 | INFO     | Directory '/u03/mongodb/journal/mdb01' created.
2025-06-30 02:08:41 | INFO     | Created symlink: /u01/app/mongodb/admin/mdb01/backup -> /u90/mongodb/backup/mdb01
2025-06-30 02:08:41 | INFO     | Created symlink: /u01/app/mongodb/admin/mdb01/log -> /u04/mongodb/log/mdb01
2025-06-30 02:08:41 | INFO     | Created symlink: /u02/mongodb/data/mdb01/journal -> /u03/mongodb/journal/mdb01
2025-06-30 02:08:41 | INFO     | Creating MongoDB configuration file from template: /u01/app/mongodb/local/dmk/templates/dbcreate/mongo_conf_basic.yaml
2025-06-30 02:08:41 | INFO     | Created MongoDB configuration file at '/u01/app/mongodb/admin/mdb01/etc/mdb01.conf'
2025-06-30 02:08:41 | INFO     | Creating systemd file from template at '/u01/app/mongodb/local/dmk/templates/systemd/mongod.service.template'
2025-06-30 02:08:41 | WARNING  | Created service file for systemd at '/u01/app/mongodb/admin/mdb01/etc/mongod_mdb01.service'.

2025-06-30 02:08:41 | WARNING  | --------------------------------------------------------------------------------
2025-06-30 02:08:41 | WARNING  | Copy the service file to /etc/systemd/system as root user :
2025-06-30 02:08:41 | WARNING  | cp -p /u01/app/mongodb/admin/mdb01/etc/mongod_mdb01.service /etc/systemd/system/
2025-06-30 02:08:41 | WARNING  | --------------------------------------------------------------------------------

2025-07-02 08:05:14 | WARNING  | If this is the first MongoDB installation, and no log rotation is set, run as root:
--------------------------------------------------------------------------------
cp /u01/app/mongodb/local/dmk/templates/etc/mongo_logrotate.template /etc/logrotate.d/mongodb
sed -i 's|MONGO_LOG_ROOT|/u04/mongodb/log|g' /etc/logrotate.d/mongodb
chown root:root /etc/logrotate.d/mongodb
chmod 644 /etc/logrotate.d/mongodb
--------------------------------------------------------------------------------

2025-06-30 02:08:41 | INFO     | Updating '/u01/app/mongodb/etc/mongodb.lst' file, adding mdb01
2025-06-30 02:08:41 | WARNING  | Source DMK to load environment for the new instance mdb01 by executing the command 'dmk mdb01'.
2025-06-30 02:08:41 | INFO     | MongoDB instance mdb01 created.

As instructed, copy the service file to /etc/systemd/system as the root user:

cp -p /u01/app/mongodb/admin/mdb01/etc/mongod_mdb01.service /etc/systemd/system/
systemctl daemon-reload
systemctl start mongod_mdb01.service
systemctl status mongod_mdb01.service

If this is the first MongoDB instance on the server, configure logrotate as instructed, again as root:

cp /u01/app/mongodb/local/dmk/templates/etc/mongo_logrotate.template /etc/logrotate.d/mongodb
sed -i 's|MONGO_LOG_ROOT|/u04/mongodb/log|g' /etc/logrotate.d/mongodb
chown root:root /etc/logrotate.d/mongodb
chmod 644 /etc/logrotate.d/mongodb

You can now reload DMK by running dmk or re-login as mongodb, and load the environment associated with the new instance.

mongodb@vm00:/home/mongodb/ [DUMMY] dmk
mongodb@vm00:/home/mongodb/ [DUMMY] mdb01

----------  dbi services  ----------

INSTANCE                 : mdb01
STATUS                   : STOPPED
VERSION                  : 8.0.16
BIND                     : 0.0.0.0
PORT                     : 27017
REPLICA SET STATUS       : N/A (instance STOPPED)
CONFIGURATION FILE       : /u01/app/mongodb/admin/mdb01/etc/mdb01.conf
DATA PATH                : /u02/mongodb/data/mdb01
LOG FILE                 : /u04/mongodb/log/mdb01/mdb01.log

------------------------------------

Securing the MongoDB instance

You must always secure the MongoDB instances right after their creation !

Connect to the MongoDB instance with ms, and run the following commands :

use admin
db.createUser({user:"dmk", pwd:passwordPrompt(), roles:[{role:"root", db:"admin"}]})

Example:

mongodb@vm00:/home/mongodb/ [mdb01] ms
test> use admin
switched to db admin
admin> db.createUser({user:"dmk", pwd:passwordPrompt(), roles:[{role:"root", db:"admin"}]})
Enter password
{ ok: 1 }

In the $MONGO_BASE/admin/$MONGO_INSTANCE/secret directory, create a cred.yaml file where the credentials will be stored.

$MONGO_BASE/admin/$MONGO_INSTANCE/secret/cred.yaml

dmk_user: dmk
dmk_pwd: <password>

Change the permissions with chmod 400 cred.yaml. You can now test the credentials with the msp alias.

Update MongoDB configuration file

Modify the configuration file with vic to include the security.authorization parameter:

mdb01.conf

security:
  authorization: enabled

Restart the MongoDB instance

To complete the process of securing your MongoDB instance, restart the instance with mgrestart.

You have successfully created and secured a MongoDB instance using DMK.