A bash script to install the MongoDB and set the MongoDB configuration files

kerberos-install-mongod.sh

sudo tee /etc/yum.repos.d/mongodb-enterprise.repo << EOF
[mongodb-enterprise]
name=MongoDB Enterprise Repository
baseurl=https://repo.mongodb.com/yum/redhat/\$releasever/mongodb-enterprise/4.0/\$basearch/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-4.0.asc
EOF

# Install the MongoDB server
sudo yum install -y mongodb-enterprise

## Disable the selinux
sudo setenforce 0
sudo sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config

# Configure mongod.conf with Kerberos settings
sudo tee /etc/mongod.conf << EOF
systemLog:
  destination: file
  logAppend: true
  path: /var/log/mongodb/mongod.log
storage:
  dbPath: /var/lib/mongo
  journal:
    enabled: true
processManagement:
  fork: true  # fork and run in background
  pidFilePath: /var/run/mongodb/mongod.pid  # location of pidfile
  timeZoneInfo: /usr/share/zoneinfo
net:
  port: 27017
  bindIp: 0.0.0.0 # <-- TODO: Exposes MongoDB to Public IP. Please use internal IPs instead
security:
  authorization: enabled
  keyFile: /var/lib/mongo/private/keyfile
  sasl:
    hostName: mdb01.mdbkrb5.net
replication:
  replSetName: rs0
setParameter:
  authenticationMechanisms: GSSAPI,SCRAM-SHA-256
EOF

# Create a directory to store MongoDB keyfile and Kerberos keytab file
sudo mkdir -p /var/lib/mongo/private
openssl rand -base64 756 | sudo tee /var/lib/mongo/private/keyfile
sudo chmod 400 /var/lib/mongo/private/keyfile