一、安裝環境:
版本:MongoDB server version: 3.4.4
安裝源碼包:mongodb-linux-x86_64-enterprise-rhel62-3.4.4.tgz
系統環境:CentOS release 6.6 (Final)
節點ip1: 172.16.88.195
節點ip2: 172.16.88.196
節點ip3: 172.16.88.190
二、節點配置
在三個節點分別操作:
1.進安裝目錄 /usr/local/ 解壓源碼包:
tar –zxvf mongodb-linux-x86_64-enterprise-rhel62-3.4.4.tgz
mv mongodb-linux-x86_64-enterprise-rhel62-3.4.4 mongodb
#mkdir -p /home/mongodb/data/
#mkdir –p /home/mongodb/logs
節點1配置:
vi /etc/mongodb.conf
#數據文件存放目錄
dbpath = /opt/mongodb/data/
#日誌文件存放目錄
logpath = /opt/mongodb/logs/mongodb.logs
#端口
#bind_ip = 172.16.88.195 默認監聽本地,註釋監聽所有
port = 27027
#以守護程序的方式啓用,即在後臺運行
fork = true
pidfilepath = /opt/mongodb/27027.pid
#是否禁止http接口,即28017 端口開啓的服務。默認false,支持
#nohttpinterface = true
logappend = true
oplogSize = 200
#directoryperdb = true
replSet = test
httpinterface = true
rest = true
replIndexPrefetch = _id_only
節點2配置:
vi /etc/mongodb.conf
#數據文件存放目錄
dbpath = /home/mongodb/data/
#日誌文件存放目錄
logpath = /home/mongodb/logs/mongodb.logs
#端口
port = 27027
#bind_ip= 172.16.88.196 默認監聽本地,註釋監聽所有
#以守護程序的方式啓用,即在後臺運行
fork = true
pidfilepath = /home/mongodb/27027.pid
#是否禁止http接口,即28017 端口開啓的服務。默認false,支持
#nohttpinterface = true
logappend = true
oplogSize = 200
#directoryperdb = true
replSet = test
httpinterface = true
節點3配置:
vi /etc/mongodb.conf
#數據文件存放目錄
dbpath = /home/mongodb/data/
#日誌文件存放目錄
logpath = /home/mongodb/logs/mongodb.logs
#端口
#bind_ip = 172.16.88.190 默認監聽本地,註釋監聽所有
port = 27027
#以守護程序的方式啓用,即在後臺運行
fork = true
#是否禁止http接口,即28017 端口開啓的服務。默認false,支持
#nohttpinterface = true
httpinterface = true
pidfilepath = /home/mongodb/27027.pid
logappend = true
oplogSize = 200
#directoryperdb = true
replSet = test
rest = true
replIndexPrefetch = _id_only
在各個節點啓動mongodb:/usr/localmongodb/bin/mongod -f /etc/mongodb.conf
登錄:/usr/localmongodb/bin/mongo 172.16.88.190: 27027/admin
config = {
"_id":"test",
members:[
{"_id":0,host:"172.16.88.196:27027"},
{"_id":1,host:"172.16.88.190:27027"},
{"_id":2,host:"172.16.88.195:27027"}]
}
rs.initiate(config); ####初始化集羣
--查看複製集成員
config.members
主節點創建庫表:
test:PRIMARY> db.stu.insert({"name":"zhangsan","age":23})
副節點同步:
test:SECONDARY> rs.slaveOk()
test:SECONDARY> use test
switched to db test
test:SECONDARY> show collections
stu
停止一臺mongodb ,查看選舉情況
rs.status()
因爲從節點默認是不允許讀寫的,解決這個問題,有兩種方式
- 在從節點上執行rs.slaveOk()
- 或者在主節點上執行db.getMongo().setSlaveOk()
三、用戶創建
1.創建管理員用戶admin:
db.createUser({
user:"admin",
pwd:"123456",
roles:
[
{
role:"userAdminAnyDatabase",
db:"admin"
},
{
role:"readWriteAnyDatabase",
db:"admin"
},
{
role:"dbAdminAnyDatabase",
db:"admin"
},
{
role:"root",
db:"admin"
}
]})
2.創建devops用戶(讀寫權限):
db.createUser(
{
user: "devops",
pwd: "2wsx#EDC",
roles: [ { role: "readWriteAnyDatabase", db: "admin" } ]
}
);
三、auth 認證:
1.創建認證文件
openssl rand -base64 64 > /home/mongodb/keyfile.data
將/home/mongodb/keyfile.data 複製到另外兩節點的該目錄下:
scp /home/mongodb/keyfile.data root@$ip: /home/mongodb/
修改其權限爲: chmod 600 /home/mongodb/keyfile.data
2.修改配置
在各個節點的配置文件中加入:
keyFile = /home/mongodb/keyfile.data
auth = true
重啓 mongodb
/usr/localmongodb/bin/mongod -f /etc/mongodb.conf
3.登錄授權
登錄mongodb
/usr/localmongodb/bin/mongo 172.16.88.190: 27027/admin
授權:db.auth(“admin”,”123456”)
db.auth(“devops”,”2wsx#EDC”)
退出quit();
使用admin用戶登錄:
/usr/localmongodb/bin/mongo 172.16.88.190: 27027/admin -u admin –p 123456
使用devops用戶登錄:
/usr/localmongodb/bin/mongo 172.16.88.190: 27027/admin -u devops –p 2wsx#EDC
複製集認證完成
注意:在從節點操作時需要先執行: rs.slaveOk()
4.配置hosts:
vi /etc/hosts
172.16.88.195 mongo.slave0.56xyl.com
172.16.88.196 mongo.slave1.56xyl.com
172.16.88.190 mongo.slave2.56xyl.com