下载mongodb软件包
访问mongodb官网https://www.mongodb.com/try/download/community,下载社区版 ,按以下选项选择下载即可
配置环境变量
下载完软件包上传到服务器,配置环境变量
vi /etc/profile
添加
export PATH=/usr/local/mongodb/bin:$PATH
再
source /etc/profile
创建数据目录、配置文件目录、日志服务
mkdir /usr/local/mongodb/data/{myrs_27017,myrs_27018,myrs_27019}/db -p
mkdir /usr/local/mongodb/log/{myrs_27017,myrs_27018,myrs_27019} -p
mkdir /usr/local/mongodb/conf
编辑配置文件
vi conf/mongodb_27017.conf
systemLog:
# MongoDB发送所有日志输出的目标指定为文件
destination: file
# Mongod或Mongos应向其发送所有诊断日志记录信息的日志文件的路径
path: "/usr/local/mongodb/log/myrs_27017/mongod.log"
# Mongos或Mongod实例重新启动时,mongos或mongod会将新条目附加到现有日志文件的末尾
logAppend: true
storage:
# Mongod实例存储其数据的目录。storage.dbPath设置仅适用于mongod。
dbPath: "/usr/local/mongodb/data/myrs_27017/db"
journal:
# 启用或禁用持久性日志以确保数据文件保持有效和可恢复。
enabled: true
security:
## key文件本地路径
keyFile: "/usr/local/mongodb/conf/keyfile"
clusterAuthMode: "keyFile"
## 开启用户认证
authorization: enabled
processManagement:
# 启用在后台运行mongos或mongod进程的守护进程模式
fork: true
# 指定用于保存mongos或mongod进程的进程ID的文件位置,其中mongos或mongod将写入其PID
pidFilePath: "/usr/local/mongodb/log/myrs_27017/mongod.pid"
net:
# 服务实例绑定所有IP,有副作用,副本集初始化的时候,节点名字会自动设置为本地域名,而不是ip
# bindIpAll: true
# 服务实例绑定的ip
bindIp: localhost,10.10.10.103
# 绑定的端口
port: 27017
replication:
# 副本集的名称
replSetName: myrs
其他两个配置文件mongodb_27018.conf、mongodb_27019.conf跟这个一样,端口及数据路径、日志路径不一样。
生成keyfile
这个Keyfile是副本集用户认证需要使用到的,三个节点都需要指定同一个文件
openssl rand -base64 10 >keyfile
chmod 400 keyfile
将生成的keyfile分别拷到各个节点
分别启动三个实例
mongod -f conf/mongod_27017.conf
mongod -f conf/mongod_27018.conf
mongod -f conf/mongod_27019.conf
初始化副本集主节点
mongo --host=localhost --port=27017
myrs:PRIMARY> > rs.initiate()
提示:
说明:"ok"的值为1,说明创建成功。 命令行提示符发生变化,变成了一个从节点角色,次数默认不能读写,稍等片刻,回车,变成主节点。
添加用户认证
mongo --host=localhost --port=27017
myrs:PRIMARY> use admin;
myrs:PRIMARY> db.createUser({user:"root",pwd:"root",roles:["root"]});
myrs:PRIMARY> db.auth("root","root");
说明: 返回“1”,则认证成功,以后登陆要做什么操作就得先use admin,再db.auth
添加副本从节点
mongo --host=localhost --port=27017
myrs:PRIMARY> rs.add("10.10.10.103:27018")
说明: “ok”:1,说明添加成功。
添加仲裁节点
mongo --host=localhost --port=27017
myrs:PRIMARY> db.adminCommand({"setDefaultRWConcern" : 1,"defaultWriteConcern" : {"w" : 2}})
myrs:PRIMARY> rs.addArb("10.10.10.103:27019")
说明: 此处可能会出现小问题,执行上述添加代码后没有反应,解决办法: 退出主节点的mongodb客户端,重新登陆mongodb客户端后在主节点设置:
db.adminCommand({"setDefaultRWConcern" : 1,"defaultWriteConcern" : {"w" : 2}})
“ok”:1,说明添加成功。
查看节点副本集状态
mongo --host=localhost --port=27017
myrs:PRIMARY> rs.status()
{
"set" : "myrs",
...
"members" : [
{
"_id" : 0,
"name" : "10.10.10.103:27017",
"health" : 1,
"state" : 2,
"stateStr" : "SECONDARY",
"uptime" : 1694,
"optime" : {
"ts" : Timestamp(1673252521, 1),
"t" : NumberLong(5)
},
"optimeDurable" : {
"ts" : Timestamp(1673252521, 1),
"t" : NumberLong(5)
},
"optimeDate" : ISODate("2023-01-09T08:22:01Z"),
"optimeDurableDate" : ISODate("2023-01-09T08:22:01Z"),
"lastAppliedWallTime" : ISODate("2023-01-09T08:22:01.601Z"),
"lastDurableWallTime" : ISODate("2023-01-09T08:22:01.601Z"),
"lastHeartbeat" : ISODate("2023-01-09T08:22:06.026Z"),
"lastHeartbeatRecv" : ISODate("2023-01-09T08:22:05.015Z"),
"pingMs" : NumberLong(0),
"lastHeartbeatMessage" : "",
"syncSourceHost" : "10.10.10.103:27018",
"syncSourceId" : 1,
"infoMessage" : "",
"configVersion" : 4,
"configTerm" : 5
},
{
"_id" : 1,
"name" : "10.10.10.103:27018",
"health" : 1,
"state" : 1,
"stateStr" : "PRIMARY",
"uptime" : 1763,
"optime" : {
"ts" : Timestamp(1673252521, 1),
"t" : NumberLong(5)
},
"optimeDate" : ISODate("2023-01-09T08:22:01Z"),
"lastAppliedWallTime" : ISODate("2023-01-09T08:22:01.601Z"),
"lastDurableWallTime" : ISODate("2023-01-09T08:22:01.601Z"),
"syncSourceHost" : "",
"syncSourceId" : -1,
"infoMessage" : "",
"electionTime" : Timestamp(1673250841, 1),
"electionDate" : ISODate("2023-01-09T07:54:01Z"),
"configVersion" : 4,
"configTerm" : 5,
"self" : true,
"lastHeartbeatMessage" : ""
},
{
"_id" : 2,
"name" : "10.10.10.103:27019",
"health" : 1,
"state" : 7,
"stateStr" : "ARBITER",
"uptime" : 1665,
"lastHeartbeat" : ISODate("2023-01-09T08:22:06.026Z"),
"lastHeartbeatRecv" : ISODate("2023-01-09T08:22:05.319Z"),
"pingMs" : NumberLong(0),
"lastHeartbeatMessage" : "",
"syncSourceHost" : "",
"syncSourceId" : -1,
"infoMessage" : "",
"configVersion" : 4,
"configTerm" : 5
}
],
...
验证主从同步
在主插入一条数据
mongo --host=localhost --port=27017
myrs:PRIMARY> use admin
myrs:PRIMARY> db.auth("root","root");
myrs:PRIMARY> use articledb
switched to db articledb
myrs:PRIMARY> db
articledb
myrs:PRIMARY> db.comment.insert({"articleid":"100000","content":"今天天气真好,阳光明媚","userid":"1001","nickname":"rose","createdatetime":new Date()})
在从查看数据是否同步
mongo --host=localhost --port=27018
myrs:SECONDARY> use admin
myrs:SECONDARY> db.auth("root","root");
myrs:SECONDARY> rs.slaveOk()
myrs:SECONDARY> show dbs
admin 0.000GB
articledb 0.000GB
config 0.000GB
local 0.000GB
myrs:SECONDARY> use articledb
switched to db articledb
myrs:SECONDARY> db.comment.find()
{ "_id" : ObjectId("63bbbc7fae8b69aacab39750"), "articleid" : "100000", "content" : "今天天气真好,阳光明媚", "userid" : "1001", "nickname" : "rose", "createdatetime" : ISODate("2023-01-09T07:04:31.301Z") }
创建业务库和业务用户
myrs:PRIMARY> use jianong;
myrs:PRIMARY> db.createUser(
... {
... user:"jianong",
... pwd:"jianong",
... roles:[{role:"readWrite",db:"jianong"}]
... }
... )
Successfully added user: {
"user" : "jianong",
"roles" : [
{
"role" : "readWrite",
"db" : "jianong"
}
]
}
查看用户
myrs:PRIMARY> db.getUsers()
验证是否自动切换
将主mongodb进程杀死,再登陆从节点,此时从节点已经变成主节点 在新的主节点(原从节点)插入一条数据
mongo --host=localhost --port=27018
myrs:PRIMARY> db.comment.insert({"articleid":"100000","content":"今天天气真好,阳光明媚","userid":"1001","nickname":"rose","createdatetime":new Date()})
再登陆从节点(原主节点),查看是否有数据
mongo --host=localhost --port=27017
myrs:SECONDARY> use admin
switched to db admin
myrs:SECONDARY> db.auth("root","root");
1
myrs:SECONDARY> rs.slaveOk()
WARNING: slaveOk() is deprecated and may be removed in the next major release. Please use secondaryOk() instead.
myrs:SECONDARY> show dbs
admin 0.000GB
articledb 0.000GB
config 0.000GB
local 0.000GB
myrs:SECONDARY> use articledb
switched to db articledb
myrs:SECONDARY> db.comment.find()
{ "_id" : ObjectId("63bbbc7fae8b69aacab39750"), "articleid" : "100000", "content" : "今天天气真好,阳光明媚", "userid" : "1001", "nickname" : "rose", "createdatetime" : ISODate("2023-01-09T07:04:31.301Z") }
{ "_id" : ObjectId("63bbbc8fae8b69aacab39751"), "articleid" : "100000", "content" : "今天天气真好,阳光明媚", "userid" : "1001", "nickname" : "rose", "createdatetime" : ISODate("2023-01-09T07:04:47.780Z") }
备份恢复
备份
mongodump -h 'mongors/10.133.8.232:27017,10.53.101.8:27017' -u 'user' -p 'pwd' --oplog --gzip -o /data/mongodb/dump/20190703 --authenticationDatabase admin
恢复
mongorestore -h 'mongors/10.133.8.232:27017,10.53.101.8:27017' -u 'user' -p 'pwd' --oplogReplay --gzip /data/mongodb/dump/20190703
命令行验证用户密码
mongostat -h 127.0.0.1:27017 -u test -p test123 --authenticationDatabase admin
以上,完成一次mongodb副本集+用户认证集群部署。 参考链接:https://blog.csdn.net/tianzhonghaoqing/article/details/116019077 https://blog.csdn.net/weixin_45318866/article/details/121360180