mongodb之配置
前言
最新版本支持yaml格式的配置文件,只支持空格,不能使用tab
详细配置说明
#系统日志配置 systemLog: destination: file path: /var/log/mongodb/mongod.log logAppend: true #quiet模式运行,建议设置为false,方便排查错误 quiet: false #进程管理 processManagement: #进程后台运行 fork: true #进程pid文件 pidFilePath: /var/log/mongodb/mongod.pid #网络配置 net: #监听端口 port: 27017 #监听网卡 多个使用英文逗号隔开 bindIp: 127.0.0.1 #最大并发连接数 默认65535 maxIncomingConnections: 65535 #验证客户端传过来的数据,文档嵌套多时,对性能会有些影响 wireObjectCheck: true #是否启用ipv6,默认不启用 ipv6: false unixDomainSocket: #是否启用socket监听 默认true enabled: true #socket保存目录,默认/tmp pathPrefix: /var/log/mongodb #socket文件权限,默认0700 filePermissions: 0700 http: #是否启用http服务,默认false,安全考虑线上环境要关闭 enabled: false #是否启用http jsonp,默认false,即使http.enabled为false,只要此项为true,一样可以访问,安全考虑线上环境要关闭 JSONPEnabled: false #是否启用rest api接口,默认false,安全考虑线上环境要关闭 RESTInterfaceEnabled: false ssl: #type:string #是否启用加密 #可选值1 disabled:禁用 #可选值2 allowSSL:优先使用非加密,但是服务器支持加密 #可选值3 preferSSL:优先使用加密,但是服务器也支持非加密 #可选值4 requireSSL:只支持加密 mode: disabled #type:string #包含TLS/SSL certificate and key的文件路径 #包含公钥和私钥 PEMKeyFile: /var/log/mongodb/mongodb.pem #type:string #私钥加密时的密码 PEMKeyPassword: password #type:string #The .pem file that contains the x.509 certificate-key file for membership authentication for the cluster or replica set. #不存在会使用PEMKeyFile clusterFile: /var/log/mongodb/cluster.pem #type:string #The password to de-crypt the x.509 certificate-key file specified with --sslClusterFile clusterPassword: password #type:string #The .pem file that contains the root certificate chain from the Certificate Authority. CAFile: #type:string #The the .pem file that contains the Certificate Revocation List. CRLFile: #type:boolean #Enable or disable the requirement for TLS/SSL certificate validation that CAFile enables allowConnectionsWithoutCertificates: true #type:boolean #Enable or disable the validation checks for TLS/SSL certificates on other servers in the cluster and allows the use of invalid certificates. allowInvalidCertificates: false #type:boolean #是否允许无效的域名,当为true时,mongod不检查证书里面域名的有效性,即使域名不匹配,mongod同样允许连接mongodb实例 allowInvalidHostnames: false #type:string #禁用加密协议版本,多个使用英文逗号隔开 #可设置的值TLS1_0, TLS1_1, and TLS1_2 disabledProtocols: #type:string #Enable or disable the use of the FIPS mode of the installed OpenSSL library for the mongos or mongod. FIPSMode: false compression: #是否启用数据压缩 compressors: snappy #安全配置 security: #type:string #密钥路径,副本集和分片集群节点间授权时使用的密钥 keyFile: #type:string #集群授权模式,默认keyFile,值列表:keyFile,sendKeyFile,sendX509,x509 clusterAuthMode: keyFile #type:string #是否开启数据库访问RBAC权限控制,默认:disabled,仅对mongod命令有效 authorization: enabled #type:boolean #Allows the mongod or mongos to accept and create authenticated and non-authenticated connections to and from other mongod and mongos instances in the deployment. transitionToAuth: false #type:boolean #是否开启服端js执行,默认true,如果未开启$where,group,mapreduce都不能使用 javascriptEnabled: true #type:boolean #写日志之前是否编辑客户端日志数据,去除日志中的敏感数据,仅企业版支持 redactClientLogData: true #key管理配置 security: #type:boolean #WiredTiger存储引擎是否启用加密,默认false,仅企业版支持 enableEncryption: false #type:string #加密模式,默认AES256-CBC,仅企业版支持 encryptionCipherMode: AES256-CBC #type:string #密钥文件路径,仅企业版支持 encryptionKeyFile: /var/log/mongodb/encKeyFile #kmip key server,仅企业版支持 kmip: #type:string #Unique KMIP identifier for an existing key within the KMIP server. keyIdentifier: #type:boolean #If true, rotate the master key and re-encrypt the internal keystore rotateMasterKey: false #type:string #Hostname or IP address of key management solution running a KMIP server. serverName: #type:int #Port number the KMIP server is listening on port: 5696 #type:string #String containing the path to the client certificate used for authenticating MongoDB to the KMIP server. clientCertificateFile: #type:string #The password to decrypt the client certificate, used to authenticate MongoDB to the KMIP server. clientCertificatePassword: #type:string #Path to CA File. Used for validating secure client connection to KMIP server. serverCAFile: #sasal配置 security: sasl: hostName: "" #A fully qualified server domain name for the purpose of configuring SASL and Kerberos authentication. serviceName: "" #Registered name of the service using SASL. saslauthdSocketPath: "" #The path to the UNIX domain socket file for saslauthd #setParameter配置 setParameter: enableLocalhostAuthBypass: false #存储配置 storage: #type:string #数据库数据存储目录,默认/data/db dbPath: #type:boolean #启动时是否尝试重建索引,默认true indexBuildRetry: true #type:string #修复数据时使用的目录,默认是:A _tmp_repairDatabase_<num> directory under the dbPath repairPath: #journal日志 journal: #type:boolean #Enable or disable the durability journal to ensure data files remain valid and recoverable. Default: true on 64-bit systems, false on 32-bit systems enabled: true #type:int #日志同步间隔,Values can range from 1 to 500 milliseconds. commitIntervalMs: 100 #type:boolean #是否开启一数据库一目录,默认是false directoryPerDB: false #type:int #数据落地时间间隔,默认为60秒,不能设置为0,一般使用默认值即可 syncPeriodSecs: 60 #type:string ##存储引擎,默认wiredTiger,可选值 mmapv1,wiredTiger,inMemory engine: wiredTiger #mmapv1存储引擎配置 storage: mmapv1: #type:boolean #默认true,Enables or disables the preallocation of data files. preallocDataFiles: true #type:int #默认16M The default size for namespace files, which are files that end in .ns. nsSize: 16 #配额 quota: #type:boolean #是否强制限制每个数据库数据文件数量限制,数量限制由maxFilesPerDB选项指定,默认为false enforced: false #type:int #单个实例最大数据文件数量,需要先开启enforced配置,默认8 maxFilesPerDB: 8 #type:boolean #小文件存储,默认为false,journal文件也会影响,适用场景:多数据库且数据量不大 smallFiles: false journal: #type:boolean #journal调试标志,用于测试功能,一般情况下不使用,系统异常关机会影响数据的完整性 debugFlags: 0 #type:int #version >= 3.2版本不建议使用 commitIntervalMs: 60 #wiredTiger存储引擎配置 storage: wiredTiger: engineConfig: #type:float #单个实例可用的数据缓存内存大小,version >= 3.4默认:50% of RAM minus 1 GB, or 256 MB. Values can range from 256MB to 10TB and can be a float. cacheSizeGB: 0.25 #type:string #WiredTiger journal数据压缩格式,默认snappy,可用的压缩类型: none, snappy, zlib journalCompressor: snappy #type:boolean #索引文件分目录存储,默认false,version >= 3.0后版本可用 directoryForIndexes: false collectionConfig: #type:string #块数据压缩格式,默认snappy,可用的压缩类型:none, snappy, zlib blockCompressor: snappy indexConfig: #type:boolean #是否开启索引prefix compression,默认true prefixCompression: true #是否开启索引prefix compression,默认true #operationProfiling操作性能分析 operationProfiling: #type:int #慢查询时间单位毫秒,默认100,如果开启了profile,日志会保存到system.profile集合中 slowOpThresholdMs: 100 #type:string #性能分析模式,开启会影响性能,谨慎操作。默认off. #可选值1:off: Off. No profiling. #可选值2: slowOp:On. Only includes slow operations. #可选值3: all:On. Includes all operations. mode: off #replication复制配置 replication: #type:int #数字类型(单位M) replication op log 大小,64位系统默认为可用磁盘的5% oplogSizeMB: 512 #type:string #所属replica set集群名称 replSetName: #type:string #The indexes that secondary members of a replica set load into memory before applying operations from the oplog. 默认all #可选值1 none:Secondaries do not load indexes into memory. #可选值2 all:Secondaries load all indexes related to an operation. #可选值3 _id_only:Secondaries load no additional indexes into memory beyond the already existing _id index. secondaryIndexPrefetch: all #type:boolean #默认false version >= 3.2版本可用 Enables read concern level of "majority". enableMajorityReadConcern:false #分片配置 sharding: #type:string #分片集群中的担当的角色 #可选值1 configsvr:配置svr #可选值2 shardsvr: 数据svr clusterRole: shardsvr #type:boolean #默认false #During chunk migration, a shard does not save documents migrated from the shard. archiveMovedChunks: false #auditLog配置 #仅企业版支付 auditLog: #type:string #审计日志保存方式 #可选值1 syslog:Output the audit events to syslog in JSON format. #可选值2 console:Output the audit events to stdout in JSON format. #可选值3 file:Output the audit events to the file specified in --auditPath in the format specified in --auditFormat. destination: syslog #type:string #日志格式 #可选值1:JSON #可选值2:BSON format: JSON #type:string #日志文件路径,相对路经和绝对路径都支持 path: path/audit.log #type:string representation of a document #The filter to limit the types of operations the audit system records. #内容格式:{ <field1>: <expression1>, ... } filter: {} #snmp(简单网络管理协议)配置 snmp: #type:boolean #When snmp.subagent is true, SNMP runs as a subagent. For more information, see Monitor MongoDB With SNMP on Linux. subagent:false #type:boolean #When snmp.master is true, SNMP runs as a master. For more information, see Monitor MongoDB With SNMP on Linux. master:false #Text Search配置 basisTech: #type:string #v3.2版本加入 #仅企业版支持 #Specify the path to the root directory of the Basis Technology Rosette Linguistics Platform installation to support additional languages for text search operations. rootDirectory:/path/ #mongos-only Options replication: #type:integer #The ping time, in milliseconds, that mongos uses to determine which secondary replica set members to pass read operations from clients. #默认值为15毫秒 localPingThresholdMs:15 sharding: #type:string #The configuration servers for the sharded cluster. #建议使用replica set #值格式:<configReplSetName>/cfg1.example.net:27017, cfg2.example.net:27017,... configDB:
参考文档
【1】服务器配置文档
https://docs.mongodb.com/manual/reference/configuration-options/
【2】服务器参数
https://docs.mongodb.com/manual/reference/parameters/
作者:WadeYu
出处:http://www.cnblogs.com/wadeyu/
本文版权归本人和博客园共有,欢迎转载,但未经作者同意必须保留此段声明,且在文章页面明显位置给出原文连接,否则保留追究法律责任的权利。
出处:http://www.cnblogs.com/wadeyu/
本文版权归本人和博客园共有,欢迎转载,但未经作者同意必须保留此段声明,且在文章页面明显位置给出原文连接,否则保留追究法律责任的权利。