MongoDB

MongoDB is a source-available, cross-platform, document-oriented database program. Classified as a NoSQL database product, MongoDB utilizes JSON-like documents with optional schemas. MongoDB is developed by MongoDB Inc. and current versions are licensed under the Server Side Public License (SSPL). MongoDB is a member of the MACH Alliance.

History
The American software company 10gen began developing MongoDB in 2007 as a component of a planned platform-as-a-service product. In 2009, the company shifted to an open-source development model and began offering commercial support and other services. In 2013, 10gen changed its name to MongoDB Inc.

On October 20, 2017, MongoDB became a publicly traded company, listed on NASDAQ as MDB with an IPO price of $24 per share.

On November 8, 2018, with the stable release 4.0.4, the software's license changed from AGPL 3.0 to SSPL.

On October 30, 2019, MongoDB teamed with Alibaba Cloud to offer Alibaba Cloud customers a MongoDB-as-a-service solution. Customers can use the managed offering from Alibaba's global data centers.

Ad-hoc queries
MongoDB supports field, range query and regular-expression searches. Queries can return specific fields of documents and also include user-defined JavaScript functions. Queries can also be configured to return a random sample of results of a given size.

Indexing
Fields in a MongoDB document can be indexed with primary and secondary indices.

Replication
MongoDB provides high availability with replica sets. A replica set consists of two or more copies of the data. Each replica-set member may act in the role of primary or secondary replica at any time. All writes and reads are done on the primary replica by default. Secondary replicas maintain a copy of the data of the primary using built-in replication. When a primary replica fails, the replica set automatically conducts an election process to determine which secondary should become the primary. Secondaries can optionally serve read operations, but that data is only eventually consistent by default.

If the replicated MongoDB deployment only has a single secondary member, a separate daemon called an arbiter must be added to the set. It has the single responsibility of resolving the election of the new primary. As a consequence, an ideal distributed MongoDB deployment requires at least three separate servers, even in the case of just one primary and one secondary.

Load balancing
MongoDB scales horizontally using sharding. The user chooses a shard key, which determines how the data in a collection will be distributed. The data is split into ranges (based on the shard key) and distributed across multiple shards, which are masters with one or more replicas. Alternatively, the shard key can be hashed to map to a shard–enabling an even data distribution.

MongoDB can run over multiple servers, balancing the load or duplicating data to keep the system functional in case of hardware failure.

File storage
MongoDB can be used as a file system, called GridFS, with load-balancing and data-replication features over multiple machines for storing files.

This function, called a grid file system, is included with MongoDB drivers. MongoDB exposes functions for file manipulation and content to developers. GridFS can be accessed using the mongofiles utility or plugins for Nginx and lighttpd. GridFS divides a file into parts, or chunks, and stores each of those chunks as a separate document.

Aggregation
MongoDB provides three ways to perform aggregation: the aggregation pipeline, the map-reduce function and single-purpose aggregation methods.

Map-reduce can be used for batch processing of data and aggregation operations. However, according to MongoDB's documentation, the aggregation pipeline provides better performance for most aggregation operations.

The aggregation framework enables users to obtain results similar to those returned by queries that include the SQL GROUP BY clause. Aggregation operators can be strung together to form a pipeline, analogous to Unix pipes. The aggregation framework includes the $lookup operator, which can join documents from multiple collections, as well as statistical operators such as standard deviation.

Server-side JavaScript execution
JavaScript can be used in queries, aggregation functions (such as MapReduce) and sent directly to the database to be executed.

Capped collections
MongoDB supports fixed-size collections called capped collections. This type of collection maintains insertion order and, once the specified size has been reached, behaves like a circular queue.

Transactions
MongoDB supports multi-document ACID transactions since the 4.0 release in June 2018.

MongoDB Community Server
The MongoDB Community Edition is free and available for Windows, Linux and macOS.

MongoDB Enterprise Server
MongoDB Enterprise Server is the commercial edition of MongoDB and is available as part of the MongoDB Enterprise Advanced subscription.

MongoDB Atlas
MongoDB is also available as an on-demand, fully managed service. MongoDB Atlas runs on AWS, Microsoft Azure and Google Cloud Platform.

On March 10, 2022, MongoDB warned its users in Russia and Belarus that their data stored on the MongoDB Atlas platform will be destroyed as a result of American sanctions related to the Russo-Ukrainian War.

Programming language accessibility
MongoDB has official drivers for major programming languages and development environments. There are also a large number of unofficial or community-supported drivers for other programming languages and frameworks.

Management and graphical front-ends
The primary interface to the database has been the mongo shell. Since MongoDB 3.2, MongoDB Compass is introduced as the native GUI. There are products and third-party projects that offer user interfaces for administration and data viewing.

MongoDB Community Server
As of October 2018, MongoDB is released under the Server Side Public License (SSPL), a non-free license developed by the project. It replaces the GNU Affero General Public License, and is nearly identical to the GNU General Public License version 3, but requires that those making the software publicly available as part of a "service" must make the service's entire source code (insofar that a user would be able to recreate the service themselves) available under this license. By contrast, the AGPL only requires the source code of the licensed software to be provided to users when the software is conveyed over a network. The SSPL was submitted for certification to the Open Source Initiative but later withdrawn. In January 2021, the Open Source Initiative stated that SSPL is not an open source license. The language drivers are available under an Apache License. In addition, MongoDB Inc. offers proprietary licenses for MongoDB. The last versions licensed as AGPL version 3 are 4.0.3 (stable) and 4.1.4.

MongoDB has been removed from the Debian, Fedora and Red Hat Enterprise Linux distributions because of the licensing change. Fedora determined that the SSPL version 1 is not a free software license because it is "intentionally crafted to be aggressively discriminatory" towards commercial users.

Security
Because of MongoDB's default security configuration, which allows any user full access to the database, data from tens of thousands of MongoDB installations has been stolen. Furthermore, many MongoDB servers have been held for ransom. In September 2017, Davi Ottenheimer head of product security at MongoDB, proclaimed that measures had been taken to defend against these risks.

From the MongoDB 2.6 release onward, the binaries for the official MongoDB RPM and DEB packages bind to localhost by default. From MongoDB 3.6, this default behavior was extended to all MongoDB packages across all platforms. As a result, all networked connections to the database are denied unless explicitly configured by an administrator.

Technical criticisms
In some failure scenarios in which an application can access two distinct MongoDB processes that cannot access each other, it is possible for MongoDB to return stale reads. It is also possible for MongoDB to roll back writes that have been acknowledged. The issue was addressed in version 3.4.0, released in November 2016, and applied to earlier releases from v3.2.12 onward.

Before version 2.2, locks were implemented on a per-server-process basis. With version 2.2, locks were implemented at the database level. Beginning with version 3.0, pluggable storage engines are available, and each storage engine may implement locks differently. With MongoDB 3.0, locks are implemented at the collection level for the MMAPv1 storage engine, while the WiredTiger storage engine uses an optimistic concurrency protocol that effectively provides document-level locking. Even with versions prior to 3.0, one approach to increase concurrency is to use sharding. In some situations, reads and writes will yield their locks. If MongoDB predicts that a page is unlikely to be in memory, operations will yield their lock while the pages load. The use of lock yielding expanded greatly in version 2.2.

Until version 3.3.11, MongoDB could not perform collation-based sorting and was limited to bytewise comparison via memcmp, which would not provide correct ordering for many non-English languages when used with a Unicode encoding. The issue was fixed on August 23, 2016.

Prior to MongoDB 4.0, queries against an index were not atomic. Documents that were updated while queries was running could be missed. The introduction of the snapshot read concern in MongoDB 4.0 eliminated this risk.

MongoDB claimed that version 3.6.4 had passed "the industry's toughest data safety, correctness, and consistency tests" by Jepsen, and that "MongoDB offers among the strongest data consistency, correctness, and safety guarantees of any database available today." Jepsen, which describes itself as a "distributed systems safety research company," disputed both claims on Twitter, saying, "In that report, MongoDB lost data and violated causal by default." In its May 2020 report on MongoDB version 4.2.6, Jepsen wrote that MongoDB had only mentioned tests that version 3.6.4 had passed, and that version had 4.2.6 introduced more problems. Jepsen's test summary reads in part: "Jepsen evaluated MongoDB version 4.2.6, and found that even at the strongest levels of read and write concern, it failed to preserve snapshot isolation. Instead, Jepsen observed read skew, cyclic information flow, duplicate writes, and internal consistency violations. Weak defaults meant that transactions could lose writes and allow dirty reads, even downgrading requested safety levels at the database and collection level. Moreover, the snapshot read concern did not guarantee snapshot unless paired with write concern majority—even for read-only transactions. These design choices complicate the safe use of MongoDB transactions."

On May 26, Jepsen updated the report to say: "MongoDB identified a bug in the transaction retry mechanism which they believe was responsible for the anomalies observed in this report; a patch is scheduled for 4.2.8." The issue has been patched as of that version, and "Jepsen criticisms of the default write concerns have also been addressed, with the default write concern now elevated to the majority concern (w:majority) from MongoDB 5.0."

MongoDB conference
MongoDB Inc. hosts an annual developer conference that has been called MongoDB World or MongoDB.live.