一、mongod安装
cd /usr/local/ tar -xzvf mongodb-linux-x86_64-rhel70-4.0.28.tgz ln -s mongodb-linux-x86_64-rhel70-4.0.28 mongodb cd mongodb && mkdir -p cluster/{27020,27021,27022} echo 'export PATH=/usr/local/mongodb/bin:$PATH' >> /etc/profile source /etc/profile
二、mongo.conf配置
3台机器的mongo.conf都相同
systemLog: destination: file path: "/usr/local/mongodb/cluster/27020/27020.log" logAppend: true storage: dbPath: "/usr/local/mongodb/cluster/27020" journal: enabled: true replication: replSetName: rs001 #oplogSizeMb: 1024 processManagement: fork: true pidFilePath: "/usr/local/mongodb/cluster/27020/mongodb27020.pid" net: bindIpAll: true port: 27020 maxIncomingConnections: 5000
# ipv6: true
#setParameter: # enableLocalhostAuthBypass: false # authenticationMechanisms: SCRAM-SHA-1 #security: # authorization: enabled # keyFile: /usr/local/mongodb/cluster/rskeyfile
启动服务
[root@testyxqy cluster]# mongod -f 27020.conf about to fork child process, waiting until server is ready for connections. forked process: 18418 child process started successfully, parent exiting [root@testyxqy cluster]# mongod -f 27021.conf about to fork child process, waiting until server is ready for connections. forked process: 18477 child process started successfully, parent exiting [root@testyxqy cluster]# mongod -f 27022.conf about to fork child process, waiting until server is ready for connections. forked process: 18513 child process started successfully, parent exiting
三、配置集群
# 连接登录 mongo 192.168.10.100:27020 > config={ ... _id:'rs001', ... members:[ ... {_id:1, host:'192.168.10.100:27020',priority:2}, ... {_id:2, host:'192.168.10.100:27021',priority:1}, ... {_id:3, host:'192.168.10.100:27022',arbiterOnly:true} ... ] ... } { "_id" : "rs001", "members" : [ { "_id" : 1, "host" : "192.168.10.100:27020", "priority" : 2 }, { "_id" : 2, "host" : "192.168.10.100:27021", "priority" : 1 }, { "_id" : 3, "host" : "192.168.10.100:27022", "arbiterOnly" : true } ] } # 初始化 > rs.initiate(config) { "ok" : 1 }
myrs:SECONDARY> rs.status() { "set" : "myrs", "date" : ISODate("2023-04-10T03:10:01.232Z"), "myState" : 1, "term" : NumberLong(1), "syncSourceHost" : "", "syncSourceId" : -1, "heartbeatIntervalMillis" : NumberLong(2000), "majorityVoteCount" : 2, "writeMajorityCount" : 2, "votingMembersCount" : 2, "writableVotingMembersCount" : 2, "optimes" : { "lastCommittedOpTime" : { "ts" : Timestamp(1681096197, 1), "t" : NumberLong(1) }, "lastCommittedWallTime" : ISODate("2023-04-10T03:09:57.514Z"), "readConcernMajorityOpTime" : { "ts" : Timestamp(1681096197, 1), "t" : NumberLong(1) }, "appliedOpTime" : { "ts" : Timestamp(1681096197, 1), "t" : NumberLong(1) }, "durableOpTime" : { "ts" : Timestamp(1681096197, 1), "t" : NumberLong(1) }, "lastAppliedWallTime" : ISODate("2023-04-10T03:09:57.514Z"), "lastDurableWallTime" : ISODate("2023-04-10T03:09:57.514Z") }, "lastStableRecoveryTimestamp" : Timestamp(1681096156, 1), "electionCandidateMetrics" : { "lastElectionReason" : "electionTimeout", "lastElectionDate" : ISODate("2023-04-10T03:09:27.484Z"), "electionTerm" : NumberLong(1), "lastCommittedOpTimeAtElection" : { "ts" : Timestamp(1681096156, 1), "t" : NumberLong(-1) }, "lastSeenOpTimeAtElection" : { "ts" : Timestamp(1681096156, 1), "t" : NumberLong(-1) }, "numVotesNeeded" : 2, "priorityAtElection" : 2, "electionTimeoutMillis" : NumberLong(10000), "numCatchUpOps" : NumberLong(0), "newTermStartDate" : ISODate("2023-04-10T03:09:27.499Z"), "wMajorityWriteAvailabilityDate" : ISODate("2023-04-10T03:09:28.437Z") }, "members" : [ { "_id" : 0, "name" : "192.168.10.32:27017", "health" : 1, "state" : 1, "stateStr" : "PRIMARY", "uptime" : 272, "optime" : { "ts" : Timestamp(1681096197, 1), "t" : NumberLong(1) }, "optimeDate" : ISODate("2023-04-10T03:09:57Z"), "lastAppliedWallTime" : ISODate("2023-04-10T03:09:57.514Z"), "lastDurableWallTime" : ISODate("2023-04-10T03:09:57.514Z"), "syncSourceHost" : "", "syncSourceId" : -1, "infoMessage" : "", "electionTime" : Timestamp(1681096167, 1), "electionDate" : ISODate("2023-04-10T03:09:27Z"), "configVersion" : 1, "configTerm" : 1, "self" : true, "lastHeartbeatMessage" : "" }, { "_id" : 1, "name" : "192.168.10.32:27018", "health" : 1, "state" : 2, "stateStr" : "SECONDARY", "uptime" : 44, "optime" : { "ts" : Timestamp(1681096197, 1), "t" : NumberLong(1) }, "optimeDurable" : { "ts" : Timestamp(1681096197, 1), "t" : NumberLong(1) }, "optimeDate" : ISODate("2023-04-10T03:09:57Z"), "optimeDurableDate" : ISODate("2023-04-10T03:09:57Z"), "lastAppliedWallTime" : ISODate("2023-04-10T03:09:57.514Z"), "lastDurableWallTime" : ISODate("2023-04-10T03:09:57.514Z"), "lastHeartbeat" : ISODate("2023-04-10T03:09:59.502Z"), "lastHeartbeatRecv" : ISODate("2023-04-10T03:10:00.506Z"), "pingMs" : NumberLong(0), "lastHeartbeatMessage" : "", "syncSourceHost" : "192.168.10.32:27017", "syncSourceId" : 0, "infoMessage" : "", "configVersion" : 1, "configTerm" : 1 } ], "ok" : 1, "$clusterTime" : { "clusterTime" : Timestamp(1681096197, 1), "signature" : { "hash" : BinData(0,"AAAAAAAAAAAAAAAAAAAAAAAAAAA="), "keyId" : NumberLong(0) } }, "operationTime" : Timestamp(1681096197, 1) }
四、添加用户
# 简易版
use admin db.createUser({user: "admin", pwd: "admin", roles: [{role: "userAdminAnyDatabase", db: "admin"}]}) db.createUser({user: "root", pwd: "root", roles: [{role: "root", db: "admin"}]})
# 数据库管理员 db.createUser( { user:"root", pwd:"root", roles:[{role:"readWriteAnyDatabase",db:"admin"},{role:"dbAdminAnyDatabase",db:"admin"},{role:"userAdminAnyDatabase",db:"admin"}] } ) # 集群管理员 db.createUser( { user:"suroot", pwd:"suroot", roles:[{role:"clusterAdmin",db:"admin"},{role:"clusterManager",db:"admin"},{role:"clusterMonitor",db:"admin"}] } ) #创建特定库的特定用户 use test db.createUser( { user:"test", pwd:"test", roles:[{role:"readWrite",db:"testdb"},{role:"dbAdmin",db:"testdb"},{role:"userAdmin",db:"testdb"}] } )
开启用户认证
用户添加完成后需要关闭所有节点(先关闭仲裁和从节点, 再关闭主节点, 避免主节点切换): # 在三个节点均执行 # mongo 127.0.0.1:27020 #节点关闭只能在本机操作 > use admin > db.shutdownServer() #关闭mongo后台进程
生成keyFile(keyFile的用途是作为所有mongod后台进程允许加入集群的凭证, 所有集群中的节点共用一个keyFile, 避免其他mongod非法加入集群): # 仅在一个节点执行 # openssl rand -base64 756 > access.key #生成keyFile, keyFile的长度必须在6-1024个字符之间 # chmod 400 /mgrs/conf/access.key #如果装在不同服务器,将key传到其它节点 # 取消mongod.conf文件中security部分的注释 security: authorization: enabled keyFile: /usr/local/mongodb/cluster/rskeyfile # 启动mongo
mongod -f 27020.conf
mongod -f 27021.conf
mongod -f 27022.conf
## 注意点总结
一个副本集,最多可以拥有50个secondary,最多可以有7个投票成员,在副本集里面添加一个新成员,如果之前副本集已经有了7个成员,那么可以设置成非投票成员,或者你从移除之前一个投票成员出来
新节点的版本、配置建议与原集群一致
注意添加新节点前确定网络互通
如果集群数据量较大,则选择业务低峰期添加节点,并观察压力情况
新节点加入时建议将priority及votes设为0
# 添加节点
# priority=0,不是主;votes=0 没有投票权
myrs:PRIMARY>rs.add({"host:port",priority: 0, votes: 0})
myrs:PRIMARY>rs.reconfig(cfg) # 使配置生效
myrs:PRIMARY>rs.config() # 查看状态
# 删除节点
myrs:PRIMARY>rs.remove("192.168.10.32:27019")
# 如果删除失败用下面的方法
myrs:PRIMARY> cfg = rs.conf()
myrs:PRIMARY> cfg.members.splice(2,1)
myrs:PRIMARY> rs.reconfig(cfg)
# 查看复制状态
myrs:PRIMARY> db.printSlaveReplicationInfo()
WARNING: printSlaveReplicationInfo is deprecated and may be removed in the next major release. Please use printSecondaryReplicationInfo instead.
source: 192.168.10.32:27018
syncedTo: Mon Apr 10 2023 14:32:35 GMT+0800 (CST)
0 secs (0 hrs) behind the primary
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 全程不用写代码,我用AI程序员写了一个飞机大战
· DeepSeek 开源周回顾「GitHub 热点速览」
· MongoDB 8.0这个新功能碉堡了,比商业数据库还牛
· 记一次.NET内存居高不下排查解决与启示
· 白话解读 Dapr 1.15:你的「微服务管家」又秀新绝活了