环境需求:
在三台机器上搭建副本集,在副本集上做分片
服务器IP:
192.168.1.232/192.168.1.238/192.168.1.241
安装Mongodb
all nodes:
tar zxvf mongodb-linux-x86_64-rhel62-3.4.4.tgz
cp -rvf mongodb-linux-x86_64-rhel62-3.4.4 /opt/mongodb_3.4.4
cd /opt/mongodb_3.4.4/
mkdir -pv conf logs data/{mongod,configsvr}
sleep 1
touch logs/{mongo,configsvr,route}.log
配置Mongodb副本集
all nodes:
echo "port=10001
dbpath=/opt/mongodb_3.4.4/data/mongod
logpath=/opt/mongodb_3.4.4/logs/mongod.log
pidfilepath=/opt/mongodb_3.4.4/logs/mongod.pid
bind_ip=127.0.0.1,`ifconfig | grep "inet addr:" | grep -v '127.0.0.1' | sed 's/^.*r://g' | sed 's/Bc.*$//g'`
oplogSize=10000
fork=true
logappend=true
shardsvr=true
replSet=shard" > /opt/mongodb_3.4.4/conf/mongod.conf
/opt/mongodb_3.4.4/bin/mongod -f /opt/mongodb_3.4.4/conf/mongod.conf
初始化mongodb shard节点
192.168.1.232 node:
/opt/mongodb_3.4.4/bin/mongo 192.168.1.232:10001
use admin
config={ _id:"shard", members:[
{_id:0,host:'192.168.1.232:10001'},
{_id:1,host:'192.168.1.238:10001'},
{_id:2,host:'192.168.1.241:10001'}] };
初始化副本集配置
rs.initiate(config);
查看集群节点的状态
rs.status();
配置Mongodb Config服务器
all node:
echo "port=20001
dbpath=/opt/mongodb_3.4.4/data/configsvr
logpath=/opt/mongodb_3.4.4/logs/configsvr.log
pidfilepath=/opt/mongodb_3.4.4/logs/configsvr.pid
bind_ip=127.0.0.1,`ifconfig | grep "inet addr:" | grep -v '127.0.0.1' | sed 's/^.*r://g' | sed 's/Bc.*$//g'`
configsvr=true
fork=true
logappend=true
replSet=cfgsvr" > /opt/mongodb_3.4.4/conf/configsvr.conf
/opt/mongodb_3.4.4/bin/mongod -f /opt/mongodb_3.4.4/conf/configsvr.conf
初始化mongodb config节点
192.168.1.232 node:
/opt/mongodb_3.4.4/bin/mongo 192.168.1.232:20001
use admin
config={ _id:"cfgsvr", members:[
{_id:0,host:'192.168.1.232:20001'},
{_id:1,host:'192.168.1.238:20001'},
{_id:2,host:'192.168.1.241:20001'}] };
初始化副本集配置
rs.initiate(config);
查看集群节点的状态
rs.status();
配置Mongodb Mongos路由
all node:
echo "port=27017 configdb=cfgsvr/192.168.1.232:20001,192.168.1.238:20001,192.168.1.241:20001
bind_ip=127.0.0.1,`ifconfig | grep "inet addr:" | grep -v '127.0.0.1' | sed 's/^.*r://g' | sed 's/Bc.*$//g'` fork = true
logpath = /opt/mongodb_3.4.4/logs/route.log
logappend=true": > /opt/mongodb_3.4.4/conf/mongos.conf
/opt/mongodb_3.4.4/bin/mongos -f /opt/mongodb_3.4.4/conf/mongos.conf
启用分片:
192.168.1.232 node:
/opt/mongodb_3.4.4/bin/mongo 192.168.1.232:27017
use admin
db.runCommand({"addShard" :"shard/192.168.1.232:10001,192.168.1.238:10001,192.168.1.241:10001"})
查看分片服务器的配置
db.runCommand( { listshards : 1 } );
指定testdb库分片生效
db.runCommand( { "enablesharding": "testdb"})
###未操作
##指定数据库里需要分片的集合和片键
##db.runCommand( { shardcollection : " enablesharding.step",key: {_id: 1} } )
##这里我们设置对testdb库的step 表进行分片,根据 id 自动分片到 shard1 ,shard2 上面去。这样##设置是因为不是所有mongodb 的数据库和表都需要分片。
测试副本集数据复制功能
连接到任意节点
/opt/mongodb_3.4.4/bin/mongo 192.168.1.232:27017
use test;
db.mongotest.insert({"name":"baiyongjie"}) #插入数据
db.mongotest.insert({"age":"24"})
连接到其他节点,数据是否有进行同步
/opt/mongodb_3.4.4/bin/mongo 192.168.1.238:27017
use test
show tables;
db.mongotest.find();
配置基于Key file 认证方式(要在admin库中建立用户)
1、在mongod节点创建用户
db.createUser({
user:"root",
pwd:"baiyongjie",
roles:[{role:"root",db:"admin"}]})
db.createUser({
user:"sa",
pwd:"baiyongjie",
roles:[{role:"root",db:"admin"}]})
2、在mongos节点创建用户
db.createUser({
user:"root",
pwd:"baiyongjie",
roles:[{role:"root",db:"admin"}]})
db.createUser({
user:"sa",
pwd:"baiyongjie",
roles:[{role:"root",db:"admin"}]})
3、关闭所有数据库
all nodes:
/opt/mongodb_3.4.4/bin/mongo 127.0.0.1:27017
use admin
db.shutdownServer()
/opt/mongodb_3.4.4/bin/mongo 127.0.0.1:10001
use admin
db.shutdownServer()
/opt/mongodb_3.4.4/bin/mongo 127.0.0.1:20001
use admin
db.shutdownServer()
4、创建keyFile文件
openssl rand -base64 745 > /opt/mongodb_3.4.4/conf/keyfile
chmod 600 /opt/mongodb_3.4.4/conf/keyfile
5、将keyfile同步到其他节点
6、使用keyFile参数指定keyfile启动mongod/configsvr/mongos
在所有mongod节点中追加key文件路径
echo "keyFile=/opt/mongodb_3.4.4/conf/keyfile" >> /opt/mongodb_3.4.4/conf/mongod.conf
echo "keyFile=/opt/mongodb_3.4.4/conf/keyfile" >> /opt/mongodb_3.4.4/conf/configsvr.conf
echo "keyFile=/opt/mongodb_3.4.4/conf/keyfile" >> /opt/mongodb_3.4.4/conf/mongos.conf
7、启动 mongod/configsvr/mongos
一定要先启动配置configsvr,在启动mongod,最后启动mongos
/opt/mongodb_3.4.4/bin/mongod -f /opt/mongodb_3.4.4/conf/configsvr.conf
/opt/mongodb_3.4.4/bin/mongod -f /opt/mongodb_3.4.4/conf/mongod.conf
/opt/mongodb_3.4.4/bin/mongos -f /opt/mongodb_3.4.4/conf/mongos.conf
8、验证keyfile认证是否生效
验证mongod:
/opt/mongodb_3.4.4/bin/mongo 192.168.1.241:10001
db.auth("root","baiyongjie")
#/opt/mongodb_3.4.4/bin/mongo 192.168.1.241:10001 -uroot -pbaiyongjie
验证configsvr:使用rs.status()验证
/opt/mongodb_3.4.4/bin/mongo 192.168.1.241:20001
/opt/mongodb_3.4.4/bin/mongo 192.168.1.241:20001 -uroot -p
验证mongos:使用root账号
/opt/mongodb_3.4.4/bin/mongo 127.0.0.1:27017
/opt/mongodb_3.4.4/bin/mongo 127.0.0.1:27017 -uroot -pbaiyongjie
验证mongos:使用sa账号
查看已有的账号
9、测试集群读写是否正常
在其他服务器上测试数据是否同步
db.mongotest.find()
OK! 至此副本集+分片+Keyfile认证搭建完成。
3.4.4版本相比2.6版本认证方法需要修改为SCRAM-SHA-1
所以需要修改Mongodb 的认证方式
1、首先我这边通过数据库版本查看发现是这样的。
> use admin
switched to db admin
> db.system.version.find()
{ "_id" : "featureCompatibilityVersion", "version" : "3.4" }
{ "_id" : "authSchema", "currentVersion" : 5 }
2、开启MongoDBServiceNoAuth服务,
使用db.dropUser('username')命令删除之前所有原有的用户,再执行版本更改命令。
>db.dropUser('admin')
>db.dropUser('root')
>db.dropUser('sa')
>db.system.version.update({"_id":"authSchema"},{$set:{"currentVersion":3}})
3、创建用户
db.createUser({
user:"sa",pwd:"baiyongjie",
roles:[{"role":"root","db":"admin"}]})
db.createUser({user:"root",
pwd:"baiyongjie",
roles:[{"role":"root","db":"admin"}]})
db.createUser({user:"admin",
pwd:"baiyongjie",
roles:[{"role":"root","db":"admin"}]})