# Creating a MongoDB Instance MongoDB instances are created through the `dmk_db_create.py` script. All commands are executed as the `mongodb` user. #### Using DMK templates Instances are created using templates, which you can copy and modify from the `$DMK_HOME/templates/dbcreate` directory. Let's go through an example with the template `dbcreate_template_basic.yaml`. {% code title="dbcreate\_template\_basic.yaml" overflow="wrap" lineNumbers="true" %} ```yaml mongo_cfg: instance_name: mdb01 home_path: /u01/app/mongodb/product/8.0.16 data_path: ${MONGO_DATA} bindIp: 0.0.0.0 port: 27017 template: ${DMK_HOME}/templates/dbcreate/mongo_conf_basic.yaml ``` {% endcode %} This DMK template contains the following arguments : * `instance_name`: Name of the instance, which must comply with the `INSTANCE_NAMING_CONVENTION` defined in the DMK configuration file. By default, it is set to `^mdb([a-zA-Z]{0,4})(\d+)$`, but you can customize it in your local configuration file. * `home_path`: Path to the MongoDB binaries associated with the instance. This path is stored in the `$DMK_HOME/etc/mongodb.lst` file and used when loading the environment for the instance. * `data_path`: Directory where the data files will be stored. Defaults to `$MONGO_DATA_ROOT`. * `bindIp`: MongoDB configuration parameter. See the [official documentation](https://www.mongodb.com/docs/manual/reference/configuration-options/#mongodb-setting-net.bindIp) for details. * `port`: MongoDB listening port number. * `template`: MongoDB configuration template file to be used. Here is the content of the template used in the example. You can of course change this as needed. {% code title="${DMK\_HOME}/templates/dbcreate/mongo\_conf\_basic.yaml" overflow="wrap" lineNumbers="true" %} ```yaml # Generated by MongoDB - DMK dbi services processManagement: fork: true pidFilePath: ${admin_path}/pid/mongod.pid net: bindIp: ${bindIp} port: ${port} storage: dbPath: ${data_path} engine: wiredTiger systemLog: destination: file path: ${log_path}/${instance_name}.log logAppend: true ``` {% endcode %} {% hint style="warning" %} **Warning** If you want to modify DMK templates, variables must be written as `${VARIABLE}` to ensure proper substitution. {% endhint %} Other templates are available, for installation with TLS communication enabled, or for a replica set. #### Creating the instance After verifying that all templates are correct, run `dmk_dbcreate.py`. This script will create: * The MongoDB instance directory structure. * A systemd file named `mongod_.service`, which has to be copied to `/etc/systemd/system`. * The MongoDB configuration file named `.conf`. ```bash mongodb@vm00: dmk_dbcreate.py -c /u01/app/mongodb/local/dmk/templates/dbcreate/dbcreate_template_basic.yaml 2025-06-30 02:08:41 | INFO | Creating new MongoDB instance using configuration file: 'dbcreate_template_basic.yaml' 2025-06-30 02:08:41 | WARNING | bindIp is set to 0.0.0.0, which might cause issues with TLS and could represent a security risk. 2025-06-30 02:08:41 | INFO | Creating directory layout for mdb01 ... 2025-06-30 02:08:41 | INFO | Directory '/u02/mongodb/data/mdb01' created. 2025-06-30 02:08:41 | INFO | Directory '/u01/app/mongodb/admin/mdb01' created. 2025-06-30 02:08:41 | INFO | Directory '/u04/mongodb/log/mdb01' created. 2025-06-30 02:08:41 | INFO | Directory '/u90/mongodb/backup/mdb01' created. 2025-06-30 02:08:41 | INFO | Directory '/u01/app/mongodb/admin/mdb01/pid' created. 2025-06-30 02:08:41 | INFO | Directory '/u01/app/mongodb/admin/mdb01/etc' created. 2025-06-30 02:08:41 | INFO | Directory '/u01/app/mongodb/admin/mdb01/dump' created. 2025-06-30 02:08:41 | INFO | Directory '/u01/app/mongodb/admin/mdb01/secret' created. 2025-06-30 02:08:41 | INFO | Directory '/u03/mongodb/journal/mdb01' created. 2025-06-30 02:08:41 | INFO | Created symlink: /u01/app/mongodb/admin/mdb01/backup -> /u90/mongodb/backup/mdb01 2025-06-30 02:08:41 | INFO | Created symlink: /u01/app/mongodb/admin/mdb01/log -> /u04/mongodb/log/mdb01 2025-06-30 02:08:41 | INFO | Created symlink: /u02/mongodb/data/mdb01/journal -> /u03/mongodb/journal/mdb01 2025-06-30 02:08:41 | INFO | Creating MongoDB configuration file from template: /u01/app/mongodb/local/dmk/templates/dbcreate/mongo_conf_basic.yaml 2025-06-30 02:08:41 | INFO | Created MongoDB configuration file at '/u01/app/mongodb/admin/mdb01/etc/mdb01.conf' 2025-06-30 02:08:41 | INFO | Creating systemd file from template at '/u01/app/mongodb/local/dmk/templates/systemd/mongod.service.template' 2025-06-30 02:08:41 | WARNING | Created service file for systemd at '/u01/app/mongodb/admin/mdb01/etc/mongod_mdb01.service'. 2025-06-30 02:08:41 | WARNING | -------------------------------------------------------------------------------- 2025-06-30 02:08:41 | WARNING | Copy the service file to /etc/systemd/system as root user : 2025-06-30 02:08:41 | WARNING | cp -p /u01/app/mongodb/admin/mdb01/etc/mongod_mdb01.service /etc/systemd/system/ 2025-06-30 02:08:41 | WARNING | -------------------------------------------------------------------------------- 2025-07-02 08:05:14 | WARNING | If this is the first MongoDB installation, and no log rotation is set, run as root: -------------------------------------------------------------------------------- cp /u01/app/mongodb/local/dmk/templates/etc/mongo_logrotate.template /etc/logrotate.d/mongodb sed -i 's|MONGO_LOG_ROOT|/u04/mongodb/log|g' /etc/logrotate.d/mongodb chown root:root /etc/logrotate.d/mongodb chmod 644 /etc/logrotate.d/mongodb -------------------------------------------------------------------------------- 2025-06-30 02:08:41 | INFO | Updating '/u01/app/mongodb/etc/mongodb.lst' file, adding mdb01 2025-06-30 02:08:41 | WARNING | Source DMK to load environment for the new instance mdb01 by executing the command 'dmk mdb01'. 2025-06-30 02:08:41 | INFO | MongoDB instance mdb01 created. ``` As instructed, copy the service file to `/etc/systemd/system` as the `root` user: ```bash cp -p /u01/app/mongodb/admin/mdb01/etc/mongod_mdb01.service /etc/systemd/system/ systemctl daemon-reload systemctl start mongod_mdb01.service systemctl enable mongod_mdb01.service systemctl status mongod_mdb01.service --no-pager -l ``` If this is the first MongoDB instance on the server, configure logrotate as instructed, again as `root`: ```bash cp /u01/app/mongodb/local/dmk/templates/etc/mongo_logrotate.template /etc/logrotate.d/mongodb sed -i 's|MONGO_LOG_ROOT|/u04/mongodb/log|g' /etc/logrotate.d/mongodb chown root:root /etc/logrotate.d/mongodb chmod 644 /etc/logrotate.d/mongodb ``` You can now reload DMK by running `dmk` or re-login as `mongodb`, and load the environment associated with the new instance. ```bash mongodb@vm00:/home/mongodb/ [DUMMY] dmk mongodb@vm00:/home/mongodb/ [DUMMY] mdb01 ---------- dbi services ---------- INSTANCE : mdb01 STATUS : STOPPED VERSION : 8.0.16 BIND : 0.0.0.0 PORT : 27017 REPLICA SET STATUS : N/A (instance STOPPED) CONFIGURATION FILE : /u01/app/mongodb/admin/mdb01/etc/mdb01.conf DATA PATH : /u02/mongodb/data/mdb01 LOG FILE : /u04/mongodb/log/mdb01/mdb01.log ------------------------------------ ``` #### Securing the MongoDB instance {% hint style="danger" %} You **must** always secure the MongoDB instances right after their creation ! {% endhint %} Connect to the MongoDB instance with `ms`, and run the following commands : ```js use admin db.createUser({user:"dmk", pwd:passwordPrompt(), roles:[{role:"root", db:"admin"}]}) ``` Example: ```bash mongodb@vm00:/home/mongodb/ [mdb01] ms test> use admin switched to db admin admin> db.createUser({user:"dmk", pwd:passwordPrompt(), roles:[{role:"root", db:"admin"}]}) Enter password { ok: 1 } ``` In the `$MONGO_BASE/admin/$MONGO_INSTANCE/secret` directory, create a `cred.yaml` file where the credentials will be stored. {% code title="$MONGO\_BASE/admin/$MONGO\_INSTANCE/secret/cred.yaml" overflow="wrap" lineNumbers="true" %} ```yaml dmk_user: dmk dmk_pwd: ``` {% endcode %} Change the permissions with `chmod 400 cred.yaml`. You can now test the credentials with the `msp` alias. #### Update MongoDB configuration file Modify the configuration file with `vic` to include the `security.authorization` parameter: {% code title="mdb01.conf" overflow="wrap" lineNumbers="true" %} ```yaml security: authorization: enabled ``` {% endcode %} #### Restart the MongoDB instance To complete the process of securing your MongoDB instance, restart the instance with `mgrestart`. {% hint style="success" %} You have successfully created and secured a MongoDB instance using DMK. {% endhint %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://dbi-services.gitbook.io/dmk-mongodb/managing-databases/creating_mongo_instance.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.