Navigation

Install MongoDB Community Edition on Red Hat or CentOS

On this page

  • Overview
  • Considerations
  • Install MongoDB Community Edition
  • Run MongoDB Community Edition
  • Uninstall MongoDB Community Edition
  • Additional Information
Note
MongoDB Atlas

MongoDB Atlas is a hosted MongoDB service option in the cloud which requires no installation overhead and offers a free tier to get started.

Use this tutorial to install MongoDB 5.0 Community Edition on Red Hat Enterprise Linux, CentOS Linux, or Oracle Linux [1] using the yum package manager.

This tutorial installs MongoDB 5.0 Community Edition. To install a different version of MongoDB Community, use the version drop-down menu in the upper-left corner of this page to select the documentation for that version.

Note
EOL Notice
  • MongoDB 5.0 Community Edition removes support for RHEL / CentOS / Oracle 6 on x86_64
  • MongoDB 5.0 Community Edition removes support for RHEL / CentOS / Oracle 7 on s390x

MongoDB 5.0 Community Edition supports the following 64-bit versions of Red Hat Enterprise Linux (RHEL), CentOS Linux, and Oracle Linux [1] on x86_64 architecture:

  • RHEL / CentOS / Oracle 8
  • RHEL / CentOS / Oracle 7
  • RHEL / CentOS / Oracle 6

MongoDB only supports the 64-bit versions of these platforms.

MongoDB 5.0 Community Edition on RHEL / CentOS / Oracle also supports the ARM64 architecture on select platforms.

See Supported Platforms for more information.

[1](1, 2) MongoDB only supports Oracle Linux running the Red Hat Compatible Kernel (RHCK). MongoDB does not support the Unbreakable Enterprise Kernel (UEK).
Note
Windows Subsystem for Linux (WSL) Support

To run MongoDB in Windows Subsystem for Linux (WSL), refer to the WSL documentation.

Before deploying MongoDB in a production environment, consider the Production Notes document which offers performance considerations and configuration recommendations for production MongoDB deployments.

Follow these steps to install MongoDB Community Edition using the yum package manager.

1

Create a /etc/yum.repos.d/mongodb-org-5.0.repo file so that you can install MongoDB directly using yum:

[mongodb-org-5.0]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/5.0/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-5.0.asc

You can also download the .rpm files directly from the MongoDB repository. Downloads are organized by Red Hat / CentOS version (e.g. 7), then MongoDB release version (e.g. 5.0), then architecture (e.g. x86_64).

Prior to MongoDB 5.0, odd-numbered MongoDB release versions, such as 4.3, were development releases. Beginning with MongoDB 5.1, MongoDB has quarterly rapid releases. For more information on the differences between rapid and long-term support releases, see MongoDB Versioning.

2

To install the latest stable version of MongoDB, issue the following command:

sudo yum install -y mongodb-org

Alternatively, to install a specific release of MongoDB, specify each component package individually and append the version number to the package name, as in the following example:

sudo yum install -y mongodb-org-5.0.2 mongodb-org-database-5.0.2 mongodb-org-server-5.0.2 mongodb-org-shell-5.0.2 mongodb-org-mongos-5.0.2 mongodb-org-tools-5.0.2

You can specify any available version of MongoDB. However yum upgrades the packages when a newer version becomes available. To prevent unintended upgrades, pin the package. To pin a package, add the following exclude directive to your /etc/yum.conf file:

exclude=mongodb-org,mongodb-org-database,mongodb-org-server,mongodb-org-shell,mongodb-org-mongos,mongodb-org-tools

Most Unix-like operating systems limit the system resources that a process may use. These limits may negatively impact MongoDB operation, and should be adjusted. See UNIX ulimit Settings for the recommended settings for your platform.

Note

Starting in MongoDB 4.4, a startup error is generated if the ulimit value for number of open files is under 64000.

By default, MongoDB runs using the mongod user account and uses the following default directories:

  • /var/lib/mongo (the data directory)
  • /var/log/mongodb (the log directory)

The package manager creates the default directories during installation. The owner and group name are mongod.

To use a data directory and/or log directory other than the default directories:

  1. Create the new directory or directories.
  2. Edit the configuration file /etc/mongod.conf and modify the following fields accordingly:

  3. Ensure that the user running MongoDB has access to the directory or directories:

    sudo chown -R mongod:mongod <directory>

    If you change the user that runs the MongoDB process, you must give the new user access to these directories.

  4. Configure SELinux if enforced. See Configure SELinux.
Important

If SELinux is in enforcing mode, you must customize your SELinux policy for MongoDB by making the following two policy adjustments:

The current SELinux Policy does not allow the MongoDB process to access /sys/fs/cgroup, which is required to determine the available memory on your system. If you intend to run SELinux in enforcing mode, you will need to make the following adjustment to your SELinux policy:

  1. Ensure your system has the checkpolicy package installed:

    sudo yum install checkpolicy
  2. Create a custom policy file mongodb_cgroup_memory.te:

    cat > mongodb_cgroup_memory.te <<EOF
    module mongodb_cgroup_memory 1.0;
    require {
    type cgroup_t;
    type mongod_t;
    class dir search;
    class file { getattr open read };
    }
    #============= mongod_t ==============
    allow mongod_t cgroup_t:dir search;
    allow mongod_t cgroup_t:file { getattr open read };
    EOF
  3. Once created, compile and load the custom policy module by running these three commands:

    checkmodule -M -m -o mongodb_cgroup_memory.mod mongodb_cgroup_memory.te
    semodule_package -o mongodb_cgroup_memory.pp -m mongodb_cgroup_memory.mod
    sudo semodule -i mongodb_cgroup_memory.pp

The MongoDB process is now able to access the correct files with SELinux set to enforcing.

The current SELinux Policy does not allow the MongoDB process to open and read /proc/net/netstat, which is required for Full Time Diagnostic Data Capture (FTDC). If you intend to run SELinux in enforcing mode, you will need to make the following adjustment to your SELinux policy:

  1. Ensure your system has the checkpolicy package installed:

    sudo yum install checkpolicy
  2. Create a custom policy file mongodb_proc_net.te:

    cat > mongodb_proc_net.te <<EOF
    module mongodb_proc_net 1.0;
    require {
    type proc_net_t;
    type mongod_t;
    class file { open read };
    }
    #============= mongod_t ==============
    allow mongod_t proc_net_t:file { open read };
    EOF
  3. Once created, compile and load the custom policy module by running these three commands:

    checkmodule -M -m -o mongodb_proc_net.mod mongodb_proc_net.te
    semodule_package -o mongodb_proc_net.pp -m mongodb_proc_net.mod
    sudo semodule -i mongodb_proc_net.pp
Important

In addition to the above, you will also need to further customize your SELinux policy in the following two cases if SELinux is in enforcing mode:

  1. Update the SELinux policy to allow the mongod service to use the new directory:

    sudo semanage fcontext -a -t <type> </some/MongoDB/directory.*>

    where specify one of the following types as appropriate:

    • mongod_var_lib_t for data directory
    • mongod_log_t for log file directory
    • mongod_var_run_t for pid file directory
    Note

    Be sure to include the .* at the end of the directory.

  2. Update the SELinux user policy for the new directory:

    sudo chcon -Rv -u system_u -t <type> </some/MongoDB/directory>

    where specify one of the following types as appropriate:

    • mongod_var_lib_t for data directory
    • mongod_log_t for log directory
    • mongod_var_run_t for pid file directory
  3. Apply the updated SELinux policies to the directory:

    restorecon -R -v </some/MongoDB/directory>

For example:

Tip

Be sure to include the .* at the end of the directory for the semanage fcontext operations.

  • If using a non-default MongoDB data path of /mongodb/data:

    sudo semanage fcontext -a -t mongod_var_lib_t '/mongodb/data.*'
    sudo chcon -Rv -u system_u -t mongod_var_lib_t '/mongodb/data'
    restorecon -R -v '/mongodb/data'
  • If using a non-default MongoDB log directory of /mongodb/log (e.g. if the log file path is /mongodb/log/mongod.log):

    sudo semanage fcontext -a -t mongod_log_t '/mongodb/log.*'
    sudo chcon -Rv -u system_u -t mongod_log_t '/mongodb/log'
    restorecon -R -v '/mongodb/log'
sudo semanage port -a -t mongod_port_t -p tcp <portnumber>

Follow these steps to run MongoDB Community Edition on your system. These instructions assume that you are using the default settings.

Init System

To run and manage your mongod process, you will be using your operating system's built-in init system. Recent versions of Linux tend to use systemd (which uses the systemctl command), while older versions of Linux tend to use System V init (which uses the service command).

If you are unsure which init system your platform uses, run the following command:

ps --no-headers -o comm 1

Then select the appropriate tab below based on the result:

  • systemd - select the systemd (systemctl) tab below.
  • init - select the System V Init (service) tab below.

To completely remove MongoDB from a system, you must remove the MongoDB applications themselves, the configuration files, and any directories containing data and logs. The following section guides you through the necessary steps.

Warning

This process will completely remove MongoDB, its configuration, and all databases. This process is not reversible, so ensure that all of your configuration and data is backed up before proceeding.

1

Stop the mongod process by issuing the following command:

sudo service mongod stop
2

Remove any MongoDB packages that you had previously installed.

sudo yum erase $(rpm -qa | grep mongodb-org)
3

Remove MongoDB databases and log files.

sudo rm -r /var/log/mongodb
sudo rm -r /var/lib/mongo

By default, MongoDB launches with bindIp set to 127.0.0.1, which binds to the localhost network interface. This means that the mongod can only accept connections from clients that are running on the same machine. Remote clients will not be able to connect to the mongod, and the mongod will not be able to initialize a replica set unless this value is set to a valid network interface.

This value can be configured either:

Warning

Before binding to a non-localhost (e.g. publicly accessible) IP address, ensure you have secured your cluster from unauthorized access. For a complete list of security recommendations, see Security Checklist. At minimum, consider enabling authentication and hardening network infrastructure.

For more information on configuring bindIp, see IP Binding.

MongoDB Community Edition is available from its own dedicated repository, and contains the following officially-supported packages:

Package Name
Description
mongodb-org
A metapackage that automatically installs the component packages listed below.
mongodb-org-database

A metapackage that automatically installs the component packages listed below.

Package Name
Description
mongodb-org-server
Contains the mongod daemon, associated init script, and a configuration file (/etc/mongod.conf). You can use the initialization script to start mongod with the configuration file. For details, see the "Run MongoDB Community Edition" section, above.
mongodb-org-mongos
mongodb-org-shell
Contains the legacy mongo shell.
mongodb-mongosh
Contains the MongoDB Shell (mongosh).
mongodb-org-tools

A metapackage that automatically installs the component packages listed below:

Give Feedback

On this page

  • Overview
  • Considerations
  • Install MongoDB Community Edition
  • Run MongoDB Community Edition
  • Uninstall MongoDB Community Edition
  • Additional Information