I. Installation environment:
Version: MongoDB server version: 3.4.4
Installation package: mongodb-linux-x86_64-enterprise-rhel62-3.4.4.tgz
Operating system: CentOS release 6.6 (Final)
Node ip1: 172.16.88.195
Node ip2: 172.16.88.196
Node ip3: 172.16.88.190
II. Node configuration
Perform the following on each of the three nodes:
1. Change to the installation directory /usr/local/ and extract the package:

tar -zxvf mongodb-linux-x86_64-enterprise-rhel62-3.4.4.tgz

mv mongodb-linux-x86_64-enterprise-rhel62-3.4.4 mongodb

#mkdir -p /home/mongodb/data/
#mkdir -p /home/mongodb/logs
Node 1 configuration:

vi /etc/mongodb.conf

# Data file directory
dbpath = /opt/mongodb/data/
# Log file directory
logpath = /opt/mongodb/logs/mongodb.logs
# Port
#bind_ip = 172.16.88.195 listens on the local address by default; commented out, listens on all interfaces
port = 27027
# Run as a daemon, i.e. in the background
fork = true
pidfilepath = /opt/mongodb/27027.pid
# Whether to disable the HTTP interface, i.e. the service on port 28017. Default false (interface available)
#nohttpinterface = true
logappend = true
oplogSize = 200
#directoryperdb = true
replSet = test
httpinterface = true
rest = true
replIndexPrefetch = _id_only
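Node 2 configuration:

vi /etc/mongodb.conf

# Data file directory
dbpath = /home/mongodb/data/
# Log file directory
logpath = /home/mongodb/logs/mongodb.logs
# Port
port = 27027
#bind_ip = 172.16.88.196 listens on the local address by default; commented out, listens on all interfaces
# Run as a daemon, i.e. in the background
fork = true
pidfilepath = /home/mongodb/27027.pid
# Whether to disable the HTTP interface, i.e. the service on port 28017. Default false (interface available)
#nohttpinterface = true
logappend = true
oplogSize = 200
#directoryperdb = true
replSet = test
httpinterface = true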
Node 3 configuration:

vi /etc/mongodb.conf

# Data file directory
dbpath = /home/mongodb/data/
# Log file directory
logpath = /home/mongodb/logs/mongodb.logs
# Port
#bind_ip = 172.16.88.190 listens on the local address by default; commented out, listens on all interfaces
port = 27027
# Run as a daemon, i.e. in the background
fork = true
# Whether to disable the HTTP interface, i.e. the service on port 28017. Default false (interface available)
#nohttpinterface = true
httpinterface = true
pidfilepath = /home/mongodb/27027.pid
logappend = true
oplogSize = 200
#directoryperdb = true
replSet = test
rest = true
replIndexPrefetch = _id_only

Start mongodb on each node: /usr/local/mongodb/bin/mongod -f /etc/mongodb.conf
Log in: /usr/local/mongodb/bin/mongo 172.16.88.190:27027/admin

config = {
  "_id": "test",
  members: [
    {"_id": 0, host: "172.16.88.196:27027"},
    {"_id": 1, host: "172.16.88.190:27027"},
    {"_id": 2, host: "172.16.88.195:27027"}
  ]
}

rs.initiate(config);  // initialize the replica set
// View the replica set members
config.members
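Create a database and collection on the primary node:
test:PRIMARY> db.stu.insert({"name":"zhangsan","age":23})
Check that the secondary node has synchronized:
test:SECONDARY> rs.slaveOk()
test:SECONDARY> use test
switched to db test
test:SECONDARY> show collections
stu
Stop one mongodb instance and check the election result:
rs.status()
Secondary nodes do not allow reads or writes by default. There are two ways to work around this:

  1. Run rs.slaveOk() on the secondary node
  2. Or run db.getMongo().setSlaveOk() on the primary node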
III. Creating users
1. Create the administrator user admin:
db.createUser({
  user: "admin",
  pwd: "123456",
  roles: [
    { role: "userAdminAnyDatabase", db: "admin" },
    { role: "readWriteAnyDatabase", db: "admin" },
    { role: "dbAdminAnyDatabase", db: "admin" },
    { role: "root", db: "admin" }
  ]
})

2. Create the devops user (read/write permissions):
db.createUser(
  {
    user: "devops",
    pwd: "2wsx#EDC",
    roles: [ { role: "readWriteAnyDatabase", db: "admin" } ]
  }
);

IV. auth authentication:
1. Create the key file
openssl rand -base64 64 > /home/mongodb/keyfile.data
Copy /home/mongodb/keyfile.data to the same directory on the other two nodes:
scp /home/mongodb/keyfile.data root@$ip:/home/mongodb/
Set its permissions: chmod 600 /home/mongodb/keyfile.data
2. Modify the configuration
Add the following to the configuration file on each node:
keyFile = /home/mongodb/keyfile.data
auth = true
Restart mongodb
/usr/local/mongodb/bin/mongod -f /etc/mongodb.conf
3. Log in and authenticate
Log in to mongodb
/usr/local/mongodb/bin/mongo 172.16.88.190:27027/admin
Authenticate: db.auth("admin","123456")
db.auth("devops","2wsx#EDC")
Exit: quit();
Log in as the admin user:
/usr/local/mongodb/bin/mongo 172.16.88.190:27027/admin -u admin -p 123456

Log in as the devops user:
/usr/local/mongodb/bin/mongo 172.16.88.190:27027/admin -u devops -p 2wsx#EDC
Replica set authentication is now complete.
Note: when working on a secondary node, first run: rs.slaveOk()
4. Configure hosts:
vi /etc/hosts
172.16.88.195 mongo.slave0.56xyl.com
172.16.88.196 mongo.slave1.56xyl.com
172.16.88.190 mongo.slave2.56xyl.com
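
An added example, not part of the original tutorial: a small Python check over the legacy key = value mongod configuration used in the node sections, flagging the exposure-related settings that appear on this page (bind_ip left commented out, httpinterface and rest enabled, keyFile and auth missing, key file mode wider than 600). The names parse_conf, audit and NODE1_CONF are constructed for illustration.

```python
import os
import stat

# Constructed sample: node 1's settings from this page, explanatory comments removed.
NODE1_CONF = """\
dbpath = /opt/mongodb/data/
logpath = /opt/mongodb/logs/mongodb.logs
#bind_ip = 172.16.88.195
port = 27027
fork = true
replSet = test
httpinterface = true
rest = true
"""

def parse_conf(text):
    """Parse the legacy 'key = value' mongod format; '#' lines are comments."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            settings[key.strip()] = value.strip()
    return settings

def audit(text):
    """Return (setting, finding) tuples for the exposure-related options."""
    s = parse_conf(text)
    on = lambda key: s.get(key, "false").lower() == "true"
    findings = []
    if "bind_ip" not in s:  # as the page notes, commented out means all interfaces
        findings.append(("bind_ip", "unset: listening on all interfaces"))
    for key in ("httpinterface", "rest"):
        if on(key):
            findings.append((key, "enabled: extra HTTP service exposed"))
    key_file = s.get("keyFile")
    if not key_file:
        findings.append(("keyFile", "unset: members do not authenticate each other"))
        if not on("auth"):
            findings.append(("auth", "unset: clients need no credentials"))
    elif os.path.exists(key_file):
        mode = stat.S_IMODE(os.stat(key_file).st_mode)
        if mode & 0o077:  # any group/other bit set
            findings.append(("keyFile", "mode %o: expected 600" % mode))
    return findings

if __name__ == "__main__":
    for setting, finding in audit(NODE1_CONF):
        print("%-14s %s" % (setting, finding))
```

To check a live node, pass the contents of /etc/mongodb.conf to audit(); an empty list means none of these settings is flagged.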