MongoDB Sharding + ReplicaSet Cluster Setup
The MongoDB Sharding + ReplicaSet architecture diagram is as follows:
The deployment steps are as follows:
-------------------------------------------sharding and replica----------------------------------------------------
shard1 10.1.65.193:27017 10.1.65.194:27017
shard2 10.1.65.195:27017 10.1.65.196:27017
shard3 10.1.65.197:27017 10.1.65.198:27017
mkdir /usr/local/mongodb
cd /usr/local/mongodb
tar -zxvf mongodb-linux-x86_64-rhel62-3.0.4.tgz
mkdir -p /root/mongodb/data/shard1
./mongod -shardsvr -replSet shard1 -port 27017 -dbpath /root/mongodb/data/shard1 -oplogSize 2048 -logpath /root/mongodb/data/shard1.log -logappend -fork -keyFile /root/mongodb/keyfile
vim /etc/sysconfig/iptables    # open port 27017
./mongo 10.1.65.193:27017
use admin
config={_id:"shard1",members:[{_id:0, host:'10.1.65.193:27017'},{_id:1, host: '10.1.65.194:27017'}]}
rs.initiate(config);
Reconfigure:
var c = rs.conf();
c.members[0].priority=30
rs.reconfig(c)
For a non-sharded deployment, configuration can stop here (then also configure an arbiter).
-------------------------------------------config----------------------------------------------------
config1 10.1.65.191:20000
config2 10.1.65.192:20000
config3 10.1.65.204:20000
mkdir /usr/local/mongodb
cd /usr/local/mongodb
tar -zxvf mongodb-linux-x86_64-rhel62-3.0.4.tgz
mkdir -p /root/mongodb/data/config1
./mongod -configsvr -dbpath /root/mongodb/data/config1 -port 20000 -logpath /root/mongodb/data/config1.log -logappend -fork -keyFile /root/mongodb/keyfile
vim /etc/sysconfig/iptables    # open port 20000
-------------------------------------------mongos----------------------------------------------------
mongos1 10.1.65.191:30000
mongos2 10.1.65.192:30000
mongos3 10.1.65.204:30000
./mongos -configdb 10.1.65.191:20000,10.1.65.192:20000,10.1.65.204:20000 -port 30000 -chunkSize 16 -logpath /root/mongodb/data/mongos1.log -logappend -fork -keyFile /root/mongodb/keyfile
vim /etc/sysconfig/iptables    # open port 30000
./mongo 10.1.65.191:30000/admin
db.runCommand({addshard:"shard1/10.1.65.193:27017,10.1.65.194:27017",name:"shard1",maxsize:40960 });
db.runCommand({addshard:"shard2/10.1.65.195:27017,10.1.65.196:27017",name:"shard2",maxsize:40960 });
db.runCommand({addshard:"shard3/10.1.65.197:27017,10.1.65.198:27017",name:"shard3",maxsize:40960 });
db.runCommand( { listshards : 1 } )
db.runCommand( { enablesharding:"test" } );
Create the administrator account (it must be created on mongos (any one of them) and on every replica set (on the primary node))
db.createUser({"user":"root", "pwd":"admin123", "roles":[{"role":"clusterAdmin", "db":"admin"}, {"role":"userAdminAnyDatabase","db":"admin"}, {"role":"dbAdminAnyDatabase", "db":"admin"}, {"role":"readWriteAnyDatabase", "db":"admin"}, {"role":"backup", "db":"admin"}, {"role":"restore", "db":"admin"}, {"role":"root", "db":"admin"}]});
Privileges for an ordinary account
db.createUser({"user":"huidao", "pwd":"huidaopwd", "roles":[{"role":"readWrite", "db":"octopus"},{"role":"backup", "db":"admin"},{"role":"restore", "db":"admin"},{"role":"dbOwner", "db":"octopus"}]});
-----------------------------------------adding authentication----------------------------------------------------------------
Add a keyfile to every node; it is used for user authentication
openssl rand -base64 741 > /root/mongodb/keyfile
chmod 600 /root/mongodb/keyfile
Every node must additionally be started with -keyFile /root/mongodb/keyfile
----------------------------------------------------------------------------arbiter-------------------------------------------------------------------------------
Every shard also needs an arbiter, which handles the switchover after the replica set's primary goes down
The arbiter node needs to be started:
mkdir /root/mongodb/data/arb
./mongod --port 30000 -dbpath /root/mongodb/data/arb -replSet shard1 -keyFile /root/mongodb/keyfile
As the command above shows, an arbiter is in fact also a replica node
The arbiter must be added on the shard's primary node
rs.addArb("10.1.65.104:30000")
---------------------------------------------------------------------------tips-------------------------------------------------------------------------------
On mongos, look up which shard a database lives on
use config
db.databases.find()
Query the cluster status
printShardingStatus()
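use databaseName    # used to create a database
db.auth() must be run against the database in which the user was created
Built-In Roles
1. Database user roles: read, readWrite;
2. Database administration roles: dbAdmin, dbOwner, userAdmin;
3. Cluster administration roles: clusterAdmin, clusterManager, clusterMonitor, hostManager;
4. Backup and restore roles: backup, restore;
5. All-database roles: readAnyDatabase, readWriteAnyDatabase, userAdminAnyDatabase, dbAdminAnyDatabase
6. Superuser role: root
// Several other roles also provide system superuser access, directly or indirectly (dbOwner, userAdmin, userAdminAnyDatabase)
7. Internal role: __system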
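The note above about roles that give superuser access directly or indirectly can be turned into a check on existing accounts. The following is an added example, not part of the original post, written for Node.js: it classifies role grants in user documents shaped like the output of db.getUsers(). The function names and level labels are illustrative, the rule that dbOwner and userAdmin are cluster-wide only when granted on the admin database follows MongoDB's built-in role documentation, and the sample data is constructed from the two accounts created on this page.

```javascript
// Added example (not from the original post): flag superuser-equivalent role grants.
// Input: user documents shaped like the output of db.getUsers().

const DIRECT = new Set(["root", "__system"]);             // superuser outright
const GRANT_ANY = new Set(["userAdminAnyDatabase"]);      // can grant itself any role
const GRANT_IF_ADMIN = new Set(["userAdmin", "dbOwner"]); // cluster-wide only on "admin"

// Returns a level label (labels are illustrative) or null for an unflagged grant.
function classifyRole(grant) {
  if (DIRECT.has(grant.role)) return "superuser";
  if (GRANT_ANY.has(grant.role)) return "superuser-indirect";
  if (GRANT_IF_ADMIN.has(grant.role)) {
    return grant.db === "admin" ? "superuser-indirect" : "db-scoped-admin";
  }
  return null;
}

// One finding per flagged grant, in the order the grants appear.
function auditUsers(users) {
  const findings = [];
  for (const u of users) {
    for (const grant of u.roles || []) {
      const level = classifyRole(grant);
      if (level) findings.push({ user: u.user, role: grant.role, db: grant.db, level });
    }
  }
  return findings;
}

// Users holding at least one grant that is superuser-equivalent across the cluster.
function superusers(users) {
  const hits = auditUsers(users).filter((f) => f.level !== "db-scoped-admin");
  return [...new Set(hits.map((f) => f.user))];
}

// Constructed sample: the two accounts created on this page, passwords omitted.
const admin = (role) => ({ role, db: "admin" });
const SAMPLE_USERS = [
  { user: "root", roles: ["clusterAdmin", "userAdminAnyDatabase", "dbAdminAnyDatabase",
      "readWriteAnyDatabase", "backup", "restore", "root"].map(admin) },
  { user: "huidao", roles: [{ role: "readWrite", db: "octopus" }, admin("backup"),
      admin("restore"), { role: "dbOwner", db: "octopus" }] },
];

console.log(auditUsers(SAMPLE_USERS));
console.log("cluster-wide superusers:", superusers(SAMPLE_USERS));
```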
---------------------------------------------------------------backup and restore-----------------------------------------------------
mongodump: creates backup files; for a cluster, the config data must be backed up as well
mongorestore: restores data
mongoexport: exports data
mongoimport: imports data
---------------------------------------------------------------querying the operation log----------------------------------------------------
On the local mongod service, run use local; db.oplog.rs.find() to query the operation log