How to Install MongoDB on Rocky Linux 9

Install the latest MongoDB Community Edition on Rocky Linux 9 using the official repository. Configure the service to start on boot and secure the default database port.

Prerequisites

• Rocky Linux 9 system with root access.
• A stable internet connection to download packages.
• At least 2 GB of available RAM.
• System packages yum and dnf installed (default on Rocky 9).
• No existing MongoDB installation.

Step 1: Import the MongoDB Repository

Download the official MongoDB repository GPG key and RPM package. This ensures you get secure updates and the correct version for your architecture.

curl -fsSL https://www.mongodb.org/static/pgp/server-7.0.asc | sudo gpg --dearmor -o /etc/pki/rpm-gpg/RPM-GPG-KEY-mongodb-7.0

sudo rpm -Uvh https://repo.mongodb.org/yum/redhat/9.4/mongodb-org/7.0/mongodb-org-7.0-1.0.0.el9.x86_64.rpm

sudo yum install -y mongodb-org-server mongodb-org-mongos mongodb-org-tools

Verify the installed version matches the expected release.

mongod --version

db version v7.0.15
git version 45217b42647e8e496484b77e3f776770b4b5f28c

Step 2: Create the Data Directory

MongoDB requires a dedicated directory to store data files. Create the standard path /var/lib/mongo and set the correct ownership. The default user mongod must own this folder to prevent permission errors on startup.

sudo mkdir -p /var/lib/mongo

sudo chown mongod:mongod /var/lib/mongo

Step 3: Configure Firewall Rules

Rocky Linux 9 uses firewalld by default. Allow incoming TCP connections on port 27017 so remote clients can connect to the database.

sudo firewall-cmd --permanent --add-port=27017/tcp

sudo firewall-cmd --reload

Check the active zones to confirm the port is open.

sudo firewall-cmd --list-all

public
  rich rules: (none)
  target: default
  icmp-block-inversion: no
  services: ssh
  ports: 22/tcp 27017/tcp
  masquerade: no
  forward: no
  source:
  destination:
  forward-ports:
  icmp-blocks:
  rich rules:

Step 4: Start and Enable the MongoDB Service

Start the MongoDB daemon and configure it to start automatically on system boot. Use the systemctl command to manage the service state.

sudo systemctl start mongod

sudo systemctl enable mongod

Check the service status to ensure it is active and running without errors.

sudo systemctl status mongod

● mongod.service - MongoDB Database Server
     Loaded: loaded (/usr/lib/systemd/system/mongod.service; enabled)
     Active: active (running) since Wed 2023-10-25 10:00:00 UTC

Verify the installation

Connect to the MongoDB shell using the default root user. This confirms the server is listening and the shell is functional.

mongosh --host localhost --port 27017

Run a simple query to list the databases.

use admin

db.adminCommand('listDatabases')

{
  "databases" : [
    { "name" : "admin", "sizeOnDisk" : 16777216 },
    { "name" : "local", "sizeOnDisk" : 16777216 }
  ],
  "totalSize" : 104857600,
  "totalSizeMb" : 100
}

Troubleshooting

Error: "failed to create listening socket"
This occurs if port 27017 is already in use by another process. Check the port with sudo lsof -i :27017 and kill the conflicting process or change the port in the MongoDB configuration file.

Error: "permission denied"
If the service fails to start, check ownership of /var/lib/mongo. Run sudo ls -ld /var/lib/mongo and ensure it is owned by mongod:mongod. Fix with sudo chown -R mongod:mongod /var/lib/mongo.

Error: "connection refused"
This usually means the firewall is blocking the connection. Verify the port is open using sudo firewall-cmd --list-ports and ensure firewalld is not in fail2ban mode blocking the IP.

Error: "Authentication failed"
If you cannot connect as the root user, ensure the auth database is set up correctly. Create a new admin user with db.createUser({user:"admin",pwd:"password",roles:[{role:"root",db:"admin"}]}) and restart the service.