环境需求:

在三台机器上搭建副本集,在副本集上做分片


服务器IP:

192.168.1.232/192.168.1.238/192.168.1.241


安装Mongodb

all nodes:

tar zxvf mongodb-linux-x86_64-rhel62-3.4.4.tgz

cp -rvf  mongodb-linux-x86_64-rhel62-3.4.4  /opt/mongodb_3.4.4

cd /opt/mongodb_3.4.4/

mkdir -pv conf logs data/{mongod,configsvr}

sleep 1

touch  logs/{mongo,configsvr,route}.log


配置Mongodb副本集

all nodes:

echo "port=10001

dbpath=/opt/mongodb_3.4.4/data/mongod

logpath=/opt/mongodb_3.4.4/logs/mongod.log

pidfilepath=/opt/mongodb_3.4.4/logs/mongod.pid

bind_ip=127.0.0.1,`ifconfig  | grep "inet addr:" | grep -v '127.0.0.1' | sed 's/^.*r://g'  | sed 's/Bc.*$//g'`

oplogSize=10000

fork=true

logappend=true

shardsvr=true

replSet=shard" > /opt/mongodb_3.4.4/conf/mongod.conf

/opt/mongodb_3.4.4/bin/mongod -f /opt/mongodb_3.4.4/conf/mongod.conf


初始化mongodb  shard节点

192.168.1.232 node:

/opt/mongodb_3.4.4/bin/mongo  192.168.1.232:10001

use admin

config={ _id:"shard", members:[

{_id:0,host:'192.168.1.232:10001'},

{_id:1,host:'192.168.1.238:10001'},   

{_id:2,host:'192.168.1.241:10001'}] };

初始化副本集配置

rs.initiate(config);

查看集群节点的状态

rs.status();


配置Mongodb Config服务器

all node:

echo "port=20001

dbpath=/opt/mongodb_3.4.4/data/configsvr

logpath=/opt/mongodb_3.4.4/logs/configsvr.log

pidfilepath=/opt/mongodb_3.4.4/logs/configsvr.pid

bind_ip=127.0.0.1,`ifconfig  | grep "inet addr:" | grep -v '127.0.0.1' | sed 's/^.*r://g'  | sed 's/Bc.*$//g'`

configsvr=true

fork=true

logappend=true

replSet=cfgsvr"  > /opt/mongodb_3.4.4/conf/configsvr.conf

/opt/mongodb_3.4.4/bin/mongod -f /opt/mongodb_3.4.4/conf/configsvr.conf


初始化mongodb  config节点

192.168.1.232 node:

/opt/mongodb_3.4.4/bin/mongo 192.168.1.232:20001

use admin

config={ _id:"cfgsvr", members:[

{_id:0,host:'192.168.1.232:20001'},

{_id:1,host:'192.168.1.238:20001'},   

{_id:2,host:'192.168.1.241:20001'}] };

初始化副本集配置

rs.initiate(config);

查看集群节点的状态

rs.status();


配置Mongodb Mongos路由

all node:

echo "port=27017 configdb=cfgsvr/192.168.1.232:20001,192.168.1.238:20001,192.168.1.241:20001

bind_ip=127.0.0.1,`ifconfig  | grep "inet addr:" | grep -v '127.0.0.1' | sed 's/^.*r://g'  | sed 's/Bc.*$//g'` fork = true

logpath = /opt/mongodb_3.4.4/logs/route.log

logappend=true":  >  /opt/mongodb_3.4.4/conf/mongos.conf

/opt/mongodb_3.4.4/bin/mongos -f /opt/mongodb_3.4.4/conf/mongos.conf


启用分片:

192.168.1.232 node:

/opt/mongodb_3.4.4/bin/mongo 192.168.1.232:27017

use  admin

db.runCommand({"addShard" :"shard/192.168.1.232:10001,192.168.1.238:10001,192.168.1.241:10001"})

查看分片服务器的配置              

db.runCommand( { listshards : 1 } );

指定testdb库分片生效

db.runCommand( { "enablesharding": "testdb"})

###未操作

##指定数据库里需要分片的集合和片键

##db.runCommand( { shardcollection : " enablesharding.step",key: {_id: 1} } )

##这里我们设置对testdb库的step 表进行分片,根据 id 自动分片到 shard1 ,shard2 上面去。这样##设置是因为不是所有mongodb 的数据库和表都需要分片。


测试副本集数据复制功能

连接到任意节点

/opt/mongodb_3.4.4/bin/mongo 192.168.1.232:27017

use test;

db.mongotest.insert({"name":"baiyongjie"}) #插入数据

db.mongotest.insert({"age":"24"})

连接到其他节点,数据是否有进行同步

/opt/mongodb_3.4.4/bin/mongo 192.168.1.238:27017

use test

show tables;

db.mongotest.find();

配置基于Key file 认证方式(要在admin库中建立用户)

1、在mongod节点创建用户

db.createUser({  

   user:"root",  

   pwd:"baiyongjie",  

   roles:[{role:"root",db:"admin"}]})

db.createUser({  

   user:"sa",  

   pwd:"baiyongjie",  

   roles:[{role:"root",db:"admin"}]})


2、在mongos节点创建用户

db.createUser({  

   user:"root",  

   pwd:"baiyongjie",  

   roles:[{role:"root",db:"admin"}]})

db.createUser({  

   user:"sa",  

   pwd:"baiyongjie",  

   roles:[{role:"root",db:"admin"}]})


3、关闭所有数据库

all nodes:

/opt/mongodb_3.4.4/bin/mongo 127.0.0.1:27017

use admin

db.shutdownServer()

/opt/mongodb_3.4.4/bin/mongo 127.0.0.1:10001

use admin

db.shutdownServer()

/opt/mongodb_3.4.4/bin/mongo 127.0.0.1:20001

use admin

db.shutdownServer()


4、创建keyFile文件

openssl rand -base64 745 > /opt/mongodb_3.4.4/conf/keyfile

chmod 600 /opt/mongodb_3.4.4/conf/keyfile


5、将keyfile同步到其他节点


6、使用keyFile参数指定keyfile启动mongod/configsvr/mongos

在所有mongod节点中追加key文件路径

echo "keyFile=/opt/mongodb_3.4.4/conf/keyfile" >> /opt/mongodb_3.4.4/conf/mongod.conf

echo "keyFile=/opt/mongodb_3.4.4/conf/keyfile" >> /opt/mongodb_3.4.4/conf/configsvr.conf

echo "keyFile=/opt/mongodb_3.4.4/conf/keyfile" >> /opt/mongodb_3.4.4/conf/mongos.conf


7、启动 mongod/configsvr/mongos

一定要先启动配置configsvr,在启动mongod,最后启动mongos

/opt/mongodb_3.4.4/bin/mongod -f /opt/mongodb_3.4.4/conf/configsvr.conf

/opt/mongodb_3.4.4/bin/mongod -f /opt/mongodb_3.4.4/conf/mongod.conf

/opt/mongodb_3.4.4/bin/mongos -f /opt/mongodb_3.4.4/conf/mongos.conf


8、验证keyfile认证是否生效

验证mongod:

/opt/mongodb_3.4.4/bin/mongo   192.168.1.241:10001

db.auth("root","baiyongjie")

#/opt/mongodb_3.4.4/bin/mongo   192.168.1.241:10001 -uroot -pbaiyongjie

验证configsvr:使用rs.status()验证

/opt/mongodb_3.4.4/bin/mongo   192.168.1.241:20001

/opt/mongodb_3.4.4/bin/mongo   192.168.1.241:20001 -uroot -p

验证mongos:使用root账号

/opt/mongodb_3.4.4/bin/mongo   127.0.0.1:27017

/opt/mongodb_3.4.4/bin/mongo   127.0.0.1:27017  -uroot -pbaiyongjie

验证mongos:使用sa账号

查看已有的账号

9、测试集群读写是否正常

在其他服务器上测试数据是否同步

db.mongotest.find()

OK! 至此副本集+分片+Keyfile认证搭建完成。

3.4.4版本相比2.6版本认证方法需要修改为SCRAM-SHA-1

所以需要修改Mongodb 的认证方式

1、首先我这边通过数据库版本查看发现是这样的。

> use admin

switched to db admin

> db.system.version.find()

{ "_id" : "featureCompatibilityVersion", "version" : "3.4" }

{ "_id" : "authSchema", "currentVersion" : 5 }

2、开启MongoDBServiceNoAuth服务,

使用db.dropUser('username')命令删除之前所有原有的用户,再执行版本更改命令。

>db.dropUser('admin')

>db.dropUser('root')

>db.dropUser('sa')

>db.system.version.update({"_id":"authSchema"},{$set:{"currentVersion":3}})

3、创建用户

db.createUser({

user:"sa",pwd:"baiyongjie",

roles:[{"role":"root","db":"admin"}]})


db.createUser({user:"root",

pwd:"baiyongjie",

roles:[{"role":"root","db":"admin"}]})


db.createUser({user:"admin",

pwd:"baiyongjie",

roles:[{"role":"root","db":"admin"}]})