MongoDB production.

mongod.conf

storage:
  dbPath: /var/lib/mongo
  wiredTiger:
    engineConfig:
      cacheSizeGB: 4
      journalCompressor: snappy
    collectionConfig:
      blockCompressor: snappy

systemLog:
  destination: file
  path: /var/log/mongo/mongod.log
  logAppend: true
  logRotate: rename

net:
  bindIp: 0.0.0.0
  port: 27017
  tls:
    mode: requireTLS
    certificateKeyFile: /etc/ssl/mongo.pem
    CAFile: /etc/ssl/ca.pem
  maxIncomingConnections: 65000

security:
  authorization: enabled
  keyFile: /etc/mongo/keyfile

operationProfiling:
  mode: slowOp
  slowOpThresholdMs: 100

replication:
  replSetName: rs0
  oplogSizeMB: 10240

processManagement:
  fork: false
  pidFilePath: /var/run/mongo/mongod.pid

systemd

[Unit]
After=network.target
[Service]
User=mongodb
Group=mongodb
ExecStart=/usr/bin/mongod --config /etc/mongod.conf
LimitFSIZE=infinity
LimitCPU=infinity
LimitNOFILE=64000
LimitNPROC=64000
[Install]
WantedBy=multi-user.target

sysctl

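# Kernel parameters (sysctl)
vm.swappiness = 1
vm.overcommit_memory = 1
net.core.somaxconn = 65535
# Disable transparent huge pages (shell commands run as root, not sysctl keys)
echo never > /sys/kernel/mm/transparent_hugepage/enabled
echo never > /sys/kernel/mm/transparent_hugepage/defrag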

ulimit

# limits.conf format; the systemd unit above sets its own limits via LimitNOFILE/LimitNPROC
* hard nofile 64000
* soft nofile 64000
* hard nproc 64000
* soft nproc 64000

Replica set (HA)

3 voting members, 2 in separate AZs. See replication cheatsheet.

Sharding (when needed)

Don’t shard prematurely. Consider it only once the working set exceeds 1 TB or throughput exceeds 30k ops/sec.

Backups

  • Daily snapshot / mongodump.
  • Continuous oplog tailing for PITR.
  • Off-site (S3 cross-region).
  • Quarterly restore drill.

Monitoring

  • mongostat, mongotop.
  • Atlas / Ops Manager (paid).
  • percona-pmm (open).
  • node_exporter + mongodb_exporter (Prometheus).

Metrics:

  • Op throughput.
  • p99 latency.
  • Cache hit ratio.
  • Replication lag.
  • Connection count.
  • Disk usage.

Alerts

  • Primary unreachable.
  • Replication lag > 30s.
  • Disk > 80%.
  • Slow ops piling up.
  • Failed authentication spikes.

Connection pool tuning

from pymongo import MongoClient
client = MongoClient(uri, maxPoolSize=200, minPoolSize=10)  # uri: your connection string

Plan for: app pods × pool size < maxIncomingConnections.

Network

  • Bind to internal only (or 0.0.0.0 + firewall).
  • TLS for all client + intra-replica traffic.
  • Auth always on.
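
The Network bullets and the pool-size rule from "Connection pool tuning" can be checked mechanically before a deploy. The script below is an added example, not part of the original cheatsheet: `flatten`, `audit` and `WEAK_CONF` are hypothetical names, the sample config is constructed, and the parser handles only the indented `key: value` subset of YAML that mongod.conf uses.

```python
import re

# Constructed sample: a weak mongod.conf fragment (not from the page).
WEAK_CONF = """\
net:
  bindIp: 0.0.0.0
  tls:
    mode: preferTLS
  maxIncomingConnections: 65000
replication:
  replSetName: rs0
"""

def flatten(text):
    """Flatten mongod.conf's indented 'key: value' YAML subset to dotted keys."""
    out, stack = {}, []  # stack: (indent, key) of the enclosing mappings
    for raw in text.splitlines():
        m = re.match(r"^(\s*)([\w.]+):\s*(.*)$", raw.split("#", 1)[0].rstrip())
        if not m:
            continue
        indent, key, value = len(m.group(1)), m.group(2), m.group(3)
        while stack and stack[-1][0] >= indent:
            stack.pop()
        if value:
            out[".".join([k for _, k in stack] + [key])] = value.strip("'\"")
        else:
            stack.append((indent, key))
    return out

def audit(text, app_pods, pool_size):
    """Check the Network bullets and the pool-size rule; return findings."""
    c, findings = flatten(text), []
    binds = {b.strip() for b in c.get("net.bindIp", "localhost").split(",")}
    if c.get("net.bindIpAll") == "true" or binds & {"0.0.0.0", "::"}:
        findings.append("WARN bind: all interfaces, firewall required")
    if c.get("net.tls.mode") != "requireTLS":
        findings.append("FAIL tls: net.tls.mode is not requireTLS")
    if c.get("security.authorization") != "enabled":
        findings.append("FAIL auth: security.authorization is not set to enabled")
    if ("replication.replSetName" in c and "security.keyFile" not in c
            and c.get("security.clusterAuthMode") != "x509"):
        findings.append("FAIL cluster: replica set without keyFile or x509")
    limit = c.get("net.maxIncomingConnections")
    if limit and app_pods * pool_size >= int(limit):
        findings.append(f"FAIL pool: {app_pods} x {pool_size} >= {limit}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(WEAK_CONF, app_pods=400, pool_size=200)))
```

Run against the mongod.conf at the top of this page with 100 pods and a pool of 200, it reports only the bind warning, which matches the "0.0.0.0 + firewall" option above.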

Right-sizing

  • RAM: working set + indexes in cache.
  • Disk: SSD; NVMe preferred.
  • Network: low-latency between replica members.

Pre-launch checklist

  • Replica set (3+ nodes).
  • Auth + TLS.
  • Backups + restore tested.
  • Monitoring + alerts.
  • Slow query logging.
  • Right index strategy.
  • WiredTiger cache sized.
  • THP disabled.
  • ulimit raised.
  • Connection pool tuned.
  • Schema validation.
  • Disaster recovery plan.
  • Capacity headroom (RAM + disk).

Read this next

That’s 20 MongoDB cheatsheets. Next category: ClickHouse.

If you want my full Mongo prod setup, it’s at rajpoot.dev.

