MongoDB primary/secondary deployment (replica set with an arbiter node) in authenticated mode


Environment:
OS: CentOS 7
DB: 3.0.15
Node roles:
192.168.1.134:10001 primary
192.168.1.135:10002 secondary
192.168.1.135:10003 arbiter

1. Download the required version
https://www.mongodb.com/download-center/community
Here I downloaded mongodb-linux-x86_64-3.0.15.tgz


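---------------------------------------Installation and deployment---------------------------------------
1. Install the database
Install the database on every node; the installation method is the same on each.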
[root@pxc01 soft]#tar -xvf mongodb-linux-x86_64-3.0.15.tgz
[root@localhost soft]# mv mongodb-linux-x86_64-3.0.15 /opt/mongodb3015
[root@pxc01 soft]#cd /opt/mongodb3015
[root@pxc01 soft]#mkdir data ## data file directory
[root@pxc01 soft]#mkdir log ## log file directory
[root@pxc01 soft]#mkdir key ## authentication key file directory
[root@pxc01 soft]#mkdir conf ## configuration file directory


2. Generate the key file used for authentication
[root@pxc01 key]# cd /opt/mongodb3015/key
[root@pxc01 key]# openssl rand -base64 741 >>keyfile
[root@pxc01 key]# chmod 700 keyfile

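3. Copy the whole directory from node 1 to the other machine
Because the second machine acts as both the secondary and the arbiter, the folder must be renamed when it is copied over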
[root@pxc01 opt]# scp -r ./mongodb3015 root@192.168.1.135:/opt/mongodb3015_slave
[root@pxc01 opt]# scp -r ./mongodb3015 root@192.168.1.135:/opt/mongodb3015_arbiter

 

4. Create the configuration file mongo.cnf
## Configuration parameters for the primary
port = 10001
fork = true
dbpath = /opt/mongodb3015/data
logpath = /opt/mongodb3015/log/logs
logappend = true
shardsvr = true
replSet = repltest
##keyFile=/opt/mongodb3015/key/keyfile
##auth = true

## Configuration parameters for the secondary
port = 10002
fork = true
dbpath = /opt/mongodb3015_slave/data
logpath = /opt/mongodb3015_slave/log/logs
logappend = true
shardsvr = true
replSet = repltest
##keyFile=/opt/mongodb3015_slave/key/keyfile
##auth = true


## Configuration parameters for the arbiter
port = 10003
fork = true
dbpath = /opt/mongodb3015_arbiter/data
logpath = /opt/mongodb3015_arbiter/log/logs
logappend = true
shardsvr = true
replSet = repltest
##keyFile=/opt/mongodb3015_arbiter/key/keyfile
##auth = true

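keyFile and auth are commented out for now, because they are enabled only after the cluster has been deployed and initialized. Until they are enabled in step 9, all three nodes accept connections without authentication.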

5. Start the nodes
Start the primary:
[root@pxc01 bin]# ./mongod -f /opt/mongodb3015/conf/mongo.cnf
Start the secondary:
[root@pxc02 bin]# ./mongod -f /opt/mongodb3015_slave/conf/mongo.cnf
Start the arbiter:
[root@pxc02 bin]# ./mongod -f /opt/mongodb3015_arbiter/conf/mongo.cnf


6. Initialize the replica set
[root@localhost bin]# cd /opt/mongodb3015/bin
[root@localhost bin]# ./mongo 192.168.1.134:10001
use admin
config={_id:'repltest',members:[{_id:0,host:'192.168.1.134:10001'},{_id:1,host:'192.168.1.135:10002'},{_id:2,host:'192.168.1.135:10003', arbiterOnly:true}]}
rs.initiate(config)
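If you do not need authentication on the replica set, the configuration is complete at this point. The steps below continue with configuring authentication.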


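7. Create users
Create the administrator account sa on node 1
[root@localhost bin]# ./mongo 192.168.1.134:10001
use admin
db.createUser({user:"sa",pwd:"123456",roles:["root"]}); // create the user
db.auth("sa","123456"); // authenticate as the user; the password must match the one entered when the user was created
show users; // list the created users

Log in to the other two nodes and check whether the user has been replicated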
[root@localhost bin]# ./mongo 192.168.1.135:10002
repltest:SECONDARY> use admin;
switched to db admin
repltest:SECONDARY> show users;
{
"_id" : "admin.sa",
"user" : "sa",
"db" : "admin",
"roles" : [
{
"role" : "root",
"db" : "admin"
}
]
}

The arbiter does not store data:
[root@localhost bin]# ./mongo 192.168.1.135:10003
repltest:ARBITER> use admin;
repltest:ARBITER> show users;
repltest:ARBITER>

 

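8. Shut down the cluster to enable the authentication parameters
Log in through localhost to shut down each database. The procedure is the same on every node; you can stop the secondary and the arbiter first and then the primary.
On machine 192.168.1.135: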
[root@pxc03 bin]# ./mongo localhost:10002
repltest:SECONDARY> use admin
repltest:SECONDARY> db.shutdownServer()

[root@localhost bin]# ./mongo localhost:10003
repltest:ARBITER> use admin
switched to db admin
repltest:ARBITER> db.shutdownServer()

On machine 192.168.1.134:
[root@localhost bin]# ./mongo localhost:10001
repltest:SECONDARY> use admin
repltest:SECONDARY> db.shutdownServer()

Check whether any of the processes are still running
[root@localhost log]# ps -ef|grep mongo


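9. Edit the configuration files to enable authentication
On each of the 3 nodes, uncomment the two lines that were commented out earlier (each node keeps its own keyFile path from step 4; the primary's is shown here)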
keyFile=/opt/mongodb3015/key/keyfile
auth = true


10. Start the databases again
Start the primary:
[root@pxc01 bin]# ./mongod -f /opt/mongodb3015/conf/mongo.cnf
Start the secondary:
[root@pxc02 bin]# ./mongod -f /opt/mongodb3015_slave/conf/mongo.cnf
Start the arbiter:
[root@pxc02 bin]# ./mongod -f /opt/mongodb3015_arbiter/conf/mongo.cnf

Log in to the primary
[root@localhost bin]# ./mongo 192.168.1.134:10001
MongoDB shell version: 3.0.15
connecting to: 192.168.1.134:10001/test
repltest:PRIMARY> show databases;
2019-02-20T09:50:06.784+0800 E QUERY Error: listDatabases failed:{
"ok" : 0,
"errmsg" : "not authorized on admin to execute command { listDatabases: 1.0 }",
"code" : 13
}
at Error (<anonymous>)
at Mongo.getDBs (src/mongo/shell/mongo.js:47:15)
at shellHelper.show (src/mongo/shell/utils.js:630:33)
at shellHelper (src/mongo/shell/utils.js:524:36)
at (shellhelp2):1:1 at src/mongo/shell/mongo.js:47

repltest:PRIMARY> use admin
switched to db admin
repltest:PRIMARY> db.auth("sa","123456");
1
repltest:PRIMARY> show databases;
admin 0.078GB
local 22.067GB

Log in to the secondary
./mongo 192.168.1.135:10002
repltest:SECONDARY> use admin
switched to db admin
repltest:SECONDARY> db.auth("sa","123456");
1
repltest:SECONDARY> show databases;
admin 0.078GB
local 22.067GB

Log in to the arbiter. The arbiter does not store databases, so the following commands cannot be run there
repltest:ARBITER> use admin
switched to db admin
repltest:ARBITER> db.auth("sa","123456");
Error: 18 Authentication failed.
0


11. Check the replica set status
[root@localhost bin]# ./mongo 192.168.1.134:10001
repltest:PRIMARY> use admin
repltest:PRIMARY> db.auth("sa","123456")
repltest:PRIMARY> rs.status()
{
"set" : "repltest",
"date" : ISODate("2019-02-20T01:55:24.159Z"),
"myState" : 1,
"members" : [
{
"_id" : 0,
"name" : "192.168.1.134:10001",
"health" : 1,
"state" : 1,
"stateStr" : "PRIMARY",
"uptime" : 481,
"optime" : Timestamp(1550626644, 4),
"optimeDate" : ISODate("2019-02-20T01:37:24Z"),
"electionTime" : Timestamp(1550627289, 1),
"electionDate" : ISODate("2019-02-20T01:48:09Z"),
"configVersion" : 1,
"self" : true
},
{
"_id" : 1,
"name" : "192.168.1.135:10002",
"health" : 1,
"state" : 2,
"stateStr" : "SECONDARY",
"uptime" : 434,
"optime" : Timestamp(1550626644, 4),
"optimeDate" : ISODate("2019-02-20T01:37:24Z"),
"lastHeartbeat" : ISODate("2019-02-20T01:55:23.957Z"),
"lastHeartbeatRecv" : ISODate("2019-02-20T01:55:22.426Z"),
"pingMs" : 1,
"lastHeartbeatMessage" : "could not find member to sync from",
"configVersion" : 1
},
{
"_id" : 2,
"name" : "192.168.1.135:10003",
"health" : 1,
"state" : 7,
"stateStr" : "ARBITER",
"uptime" : 402,
"lastHeartbeat" : ISODate("2019-02-20T01:55:23.950Z"),
"lastHeartbeatRecv" : ISODate("2019-02-20T01:55:23.233Z"),
"pingMs" : 1,
"configVersion" : 1
}
],
"ok" : 1
}

12. Create an ordinary account and write records
use db_yeemiao
db.createUser({user:'threedev',pwd:'threedev123',roles:[{role:'dbOwner',db:'db_yeemiao'}]})
db.auth("threedev","threedev123")
db.tb_test02.insert( {"name":"yiibai tutorials"})

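Writing data with the save method
>db.createCollection("tb_test01") // create the collection
>show collections // check that the collection was created
>db.tb_test01.save({age:1}) // add data
>db.tb_test01.find() // view the collection's data

Writing data with the insert method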
db.inventory.insert( { _id: 10, type: "misc", item: "card", qty: 15 } )

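When connecting from Java to a replica set that has an arbiter, only the primary and secondary nodes need to be configured; the arbiter does not need to be configured.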
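
A check to run on each node between step 9 and the restart in step 10, as an added example that is not part of the original post: it confirms that keyFile and auth are really uncommented in mongo.cnf and that the keyfile from step 2 has the permissions and content mongod accepts. The function names and the script name check_auth.sh are hypothetical; the config format is the INI style shown in step 4.

```shell
#!/bin/sh
# Added example: audit one node's mongo.cnf (INI style, as in step 4) before restart.

# Print the value of an active (uncommented) "key = value" line, if any.
conf_value() {  # $1 = key, $2 = config file
    sed -n "s/^[[:space:]]*$1[[:space:]]*=[[:space:]]*//p" "$2" |
        tail -n 1 | sed 's/[[:space:]]*$//'
}

# Return 0 only if auth and keyFile are active and the keyfile is usable.
check_mongo_auth_conf() {  # $1 = path to mongo.cnf
    conf=$1; rc=0
    [ -r "$conf" ] || { echo "FAIL: cannot read $conf"; return 2; }
    keyfile=$(conf_value keyFile "$conf")
    auth=$(conf_value auth "$conf")

    [ "$auth" = "true" ] || { echo "FAIL: auth is not enabled in $conf"; rc=1; }
    [ -n "$keyfile" ] || { echo "FAIL: keyFile is unset or commented out in $conf"; return 1; }
    [ -f "$keyfile" ] || { echo "FAIL: keyfile $keyfile not found"; return 1; }

    # mongod rejects a keyfile that group or others can access.
    perms=$(ls -ld "$keyfile" | cut -c5-10)
    [ "$perms" = "------" ] || { echo "FAIL: $keyfile is open to group/other ($perms)"; rc=1; }

    # Content must be 6 to 1024 base64 characters; whitespace is ignored.
    chars=$(tr -d '[:space:]' < "$keyfile")
    len=${#chars}
    if [ "$len" -lt 6 ] || [ "$len" -gt 1024 ]; then
        echo "FAIL: $keyfile has $len characters, expected 6 to 1024"; rc=1
    fi
    case $chars in
        *[!A-Za-z0-9+/=]*) echo "FAIL: $keyfile contains non-base64 characters"; rc=1 ;;
    esac

    # Every member must hold the same key; compare this checksum across nodes.
    [ "$rc" -eq 0 ] && echo "OK: $conf (keyfile cksum $(cksum < "$keyfile" | cut -d' ' -f1))"
    return "$rc"
}

# Usage: sh check_auth.sh /opt/mongodb3015/conf/mongo.cnf [more configs...]
for c in "$@"; do check_mongo_auth_conf "$c"; done
```

On 192.168.1.135 pass both the _slave and _arbiter config files; the checksum printed for each must match the one printed on 192.168.1.134.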

 

