Environment:
OS: CentOS 7
DB: MongoDB 4.2.9
Node roles:
192.168.1.169:29001 primary
192.168.1.170:29002 secondary
192.168.1.170:29003 arbiter
1. Download the matching version
https://www.mongodb.com/download-center/community
The package I downloaded here is mongodb-linux-x86_64-rhel70-4.2.9.tgz
---------------------------------------Installation and deployment---------------------------------------
1. Create the installation directories
Directories for 192.168.1.169:29001
[root@test services]# mkdir -p /usr/local/services
[root@test services]# mkdir -p /home/middle/mongodb/data
[root@test services]# mkdir -p /home/middle/mongodb/log
[root@test services]# mkdir -p /home/middle/mongodb/key
[root@test services]# mkdir -p /home/middle/mongodb/conf
[root@test services]# mkdir -p /home/middle/mongodb/run
Directories for 192.168.1.170:29002
[root@test services]# mkdir -p /usr/local/services
[root@test services]# mkdir -p /home/middle/mongodb/data
[root@test services]# mkdir -p /home/middle/mongodb/log
[root@test services]# mkdir -p /home/middle/mongodb/key
[root@test services]# mkdir -p /home/middle/mongodb/conf
[root@test services]# mkdir -p /home/middle/mongodb/run
Directories for the arbiter node 192.168.1.170:29003
[root@test services]# mkdir -p /usr/local/services
[root@test services]# mkdir -p /home/middle/mongodb_arbiter/data
[root@test services]# mkdir -p /home/middle/mongodb_arbiter/log
[root@test services]# mkdir -p /home/middle/mongodb_arbiter/key
[root@test services]# mkdir -p /home/middle/mongodb_arbiter/conf
[root@test services]# mkdir -p /home/middle/mongodb_arbiter/run
2. Install the database
Install on 192.168.1.169:29001
[root@test soft]# tar -xvf mongodb-linux-x86_64-rhel70-4.2.9.tgz
[root@test soft]# mv mongodb-linux-x86_64-rhel70-4.2.9 /usr/local/services/mongodb
Install on 192.168.1.170:29002
[root@test soft]# tar -xvf mongodb-linux-x86_64-rhel70-4.2.9.tgz
[root@test soft]# mv mongodb-linux-x86_64-rhel70-4.2.9 /usr/local/services/mongodb
Install on 192.168.1.170:29003
[root@test soft]# tar -xvf mongodb-linux-x86_64-rhel70-4.2.9.tgz
[root@test soft]# mv mongodb-linux-x86_64-rhel70-4.2.9 /usr/local/services/mongodb_arbiter
3. Generate the keyfile used for authentication
Create the keyfile on one of the machines; I did it on 192.168.1.169:29001
[root@test key]# cd /home/middle/mongodb/key
[root@test key]# openssl rand -base64 741 >>keyfile
[root@test key]# chmod 700 keyfile
Copy the keyfile to the corresponding directories on the other two nodes
scp keyfile root@192.168.1.170:/home/middle/mongodb/key/
scp keyfile root@192.168.1.170:/home/middle/mongodb_arbiter/key/
4. Create the log files
192.168.1.169:29001
[root@test key]# echo > /home/middle/mongodb/log/mongodb.log
192.168.1.170:29002
[root@test key]# echo > /home/middle/mongodb/log/mongodb.log
192.168.1.170:29003
[root@test key]# echo > /home/middle/mongodb_arbiter/log/mongodb.log
5. Create the configuration file mongo.cnf
## Primary node configuration
port=29001
fork=true
dbpath=/home/middle/mongodb/data
logpath=/home/middle/mongodb/log/mongodb.log
pidfilepath=/home/middle/mongodb/run/29001.pid
logappend=true
shardsvr=true
replSet=repltest
bind_ip=192.168.1.169,127.0.0.1
oplogSize=10000
logRotate=reopen
##keyFile=/home/middle/mongodb/key/keyfile
##auth=true
## Secondary node configuration
port=29002
fork=true
dbpath=/home/middle/mongodb/data
logpath=/home/middle/mongodb/log/mongodb.log
pidfilepath=/home/middle/mongodb/run/29002.pid
logappend=true
shardsvr=true
replSet=repltest
bind_ip=192.168.1.170,127.0.0.1
oplogSize=10000
noprealloc=true
logRotate=reopen
##keyFile=/home/middle/mongodb/key/keyfile
##auth=true
## Arbiter node configuration
port=29003
fork=true
dbpath=/home/middle/mongodb_arbiter/data
logpath=/home/middle/mongodb_arbiter/log/mongodb.log
pidfilepath=/home/middle/mongodb_arbiter/run/29003.pid
logappend=true
shardsvr=true
replSet=repltest
bind_ip=192.168.1.170,127.0.0.1
oplogSize=10000
noprealloc=true
logRotate=reopen
##keyFile=/home/middle/mongodb_arbiter/key/keyfile
##auth=true
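keyFile and auth are commented out here for now; they are enabled after the cluster has been deployed and initialised
5. Start the nodes
Start the primary: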
192.168.1.169:29001
[root@test key]# /usr/local/services/mongodb/bin/mongod -f /home/middle/mongodb/conf/mongo.cnf
Start the secondary:
192.168.1.170:29002
[root@test key]# /usr/local/services/mongodb/bin/mongod -f /home/middle/mongodb/conf/mongo.cnf
Start the arbiter:
192.168.1.170:29003
[root@test key]# /usr/local/services/mongodb_arbiter/bin/mongod -f /home/middle/mongodb_arbiter/conf/mongo.cnf
6. Initialise the replica set
[root@localhost bin]# /usr/local/services/mongodb/bin/mongo 192.168.1.169:29001
use admin
config={_id:'repltest',members:[{_id:0,host:'192.168.1.169:29001'},{_id:1,host:'192.168.1.170:29002'},{_id:2,host:'192.168.1.170:29003', arbiterOnly:true}]}
rs.initiate(config)
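If you do not need a replica set with authentication, the configuration is complete at this point. The steps below continue with setting up authentication.
7. Create the user
On the primary (node 1 in my case), create the administrator account test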
[root@localhost bin]# /usr/local/services/mongodb/bin/mongo 192.168.1.169:29001
use admin
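db.createUser({user:"test",pwd:"test123",roles:["root"]}); // create the user
db.auth("test","test123"); // authenticate as the user; the password must be the same one entered when creating the user
show users; // list the created users
Log in to the other two nodes and check that the user has been replicated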
[root@localhost bin]# /usr/local/services/mongodb/bin/mongo 192.168.1.170:29002
repltest:SECONDARY> use admin;
switched to db admin
repltest:SECONDARY> rs.slaveOk()
repltest:SECONDARY> show users;
{
"_id" : "admin.yeemiao",
"userId" : UUID("58744f4d-3568-410f-b9a8-d9992b135ed3"),
"user" : "yeemiao",
"db" : "admin",
"roles" : [
{
"role" : "root",
"db" : "admin"
}
],
"mechanisms" : [
"SCRAM-SHA-1",
"SCRAM-SHA-256"
]
}
The arbiter node does not store data:
[root@localhost bin]# /usr/local/services/mongodb/bin/mongo 192.168.1.170:29003
repltest:ARBITER> use admin;
repltest:ARBITER> show users;
repltest:ARBITER>
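8. Shut down the cluster so the authentication parameters can be enabled
Log in via localhost to shut the databases down; the procedure is the same on every node. You can stop the secondary and the arbiter first and then the primary.
Note the shutdown order:
A: Shut down the secondary and the arbiter first (or the arbiter first and the secondary last). The primary then automatically becomes a secondary.
B: If the primary is shut down first, the secondary automatically becomes the primary; the new primary must not be shut down before the arbiter has been shut down.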
[root@localhost bin]# /usr/local/services/mongodb/bin/mongo localhost:29002
repltest:SECONDARY> use admin
switched to db admin
repltest:SECONDARY> db.shutdownServer()
[root@localhost bin]# /usr/local/services/mongodb/bin/mongo localhost:29003
repltest:ARBITER> use admin
repltest:ARBITER> db.shutdownServer()
[root@pxc03 bin]# /usr/local/services/mongodb/bin/mongo localhost:29001
repltest:SECONDARY> use admin
repltest:SECONDARY> db.shutdownServer()
Check whether any of the processes are still running
[root@localhost log]# ps -ef|grep mongo
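9. Edit the configuration files to enable authentication
On each of the 3 nodes, edit the configuration file and uncomment the two lines that were commented out earlier (on the arbiter the keyFile path is the one under /home/middle/mongodb_arbiter/key/)
keyFile=/home/middle/mongodb/key/keyfile
auth=true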
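Before restarting with authentication enabled, each node's mongo.cnf and keyfile can be checked with a small script. This is an added example, not part of the original post; the function names conf_get, check_node and key_digest are made up for illustration, and the checks assume mongod's keyfile rules (no group/other permissions, 6 to 1024 base64 characters).

```shell
#!/bin/sh
# Added example (not from the original post): pre-restart check for one node.
# conf_get, check_node and key_digest are illustrative names.

# Value of the last uncommented "name=value" line; "##name=..." is ignored.
conf_get() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" |
        sed 's/[[:space:]]*$//' | tail -n 1
}

# Prints one line per problem; returns 0 only if the node is ready for auth.
check_node() {
    conf=$1; rc=0
    key=$(conf_get "$conf" keyFile)
    auth=$(conf_get "$conf" auth)
    [ "$auth" = "true" ] || { echo "$conf: auth is not enabled"; rc=1; }
    if [ -z "$key" ]; then
        echo "$conf: keyFile is commented out or missing"; return 1
    fi
    if [ ! -f "$key" ]; then
        echo "$conf: keyfile $key does not exist"; return 1
    fi
    # mongod refuses a keyfile that group or others can access.
    perms=$(ls -ld "$key" | cut -c5-10)
    [ "$perms" = "------" ] || { echo "$key: too open ($perms)"; rc=1; }
    # Key material: 6 to 1024 base64 characters once whitespace is stripped.
    body=$(tr -d '[:space:]' < "$key")
    len=${#body}
    if [ "$len" -lt 6 ] || [ "$len" -gt 1024 ]; then
        echo "$key: length $len is outside 6..1024"; rc=1
    fi
    case $body in
        *[!A-Za-z0-9+/=]*) echo "$key: non-base64 characters"; rc=1 ;;
    esac
    return $rc
}

# Digest for comparing the keyfile across nodes; all members must share one key.
key_digest() { tr -d '[:space:]' < "$1" | sha256sum | cut -d' ' -f1; }
```

Run check_node against mongo.cnf on each data node and against the arbiter's mongo.cnf, then compare the key_digest output for the three keyfiles; a differing digest means the scp copy in step 3 did not land intact.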
10. Start the databases again
Start the primary:
192.168.1.169:29001
[root@test key]# /usr/local/services/mongodb/bin/mongod -f /home/middle/mongodb/conf/mongo.cnf
Start the secondary:
192.168.1.170:29002
[root@test key]# /usr/local/services/mongodb/bin/mongod -f /home/middle/mongodb/conf/mongo.cnf
Start the arbiter:
192.168.1.170:29003
[root@test key]# /usr/local/services/mongodb_arbiter/bin/mongod -f /home/middle/mongodb_arbiter/conf/mongo.cnf
Log in to the primary:
[root@test key]# /usr/local/services/mongodb/bin/mongo 192.168.1.169:29001
MongoDB shell version v4.2.9
connecting to: mongodb://192.168.1.169:29001/test?compressors=disabled&gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("22b30c26-4edf-4312-bb2c-9e56cf5c5ecb") }
MongoDB server version: 4.2.9
repltest:PRIMARY> show databases
repltest:PRIMARY> show dbs
Neither command prints anything at this point, because the session has not authenticated yet
repltest:PRIMARY> use admin
switched to db admin
repltest:PRIMARY> db.auth("test","test123");
1
repltest:PRIMARY> show databases;
admin 0.000GB
config 0.000GB
local 0.000GB
repltest:PRIMARY>
Log in to the secondary
[root@test key]# /usr/local/services/mongodb/bin/mongo 192.168.1.170:29002
repltest:SECONDARY> rs.slaveOk()
repltest:SECONDARY> use admin
switched to db admin
repltest:SECONDARY> db.auth("test","test123");
1
repltest:SECONDARY> show databases;
admin 0.000GB
config 0.000GB
local 0.000GB
Log in to the arbiter
[root@test key]# /usr/local/services/mongodb/bin/mongo 192.168.1.170:29003
repltest:ARBITER> use admin
switched to db admin
repltest:ARBITER> db.auth("test","test123");
Error: Authentication failed.
0
The arbiter node does not store any databases, so these commands cannot be run on it
12. Create a regular account and write a record
[root@test key]# /usr/local/services/mongodb/bin/mongo 192.168.1.169:29001
repltest:PRIMARY> use admin
switched to db admin
repltest:PRIMARY> db.auth("test","test123");
repltest:PRIMARY> use db_zhibo
repltest:PRIMARY> db.createUser({user:'threedev',pwd:'threedev123',roles:[{role:'dbOwner',db:'db_zhibo'}]})
Exit and log in again as threedev
repltest:PRIMARY> use db_zhibo
repltest:PRIMARY> db.auth("threedev","threedev123")
repltest:PRIMARY> db.tb_test02.insert( {"name":"yiibai tutorials"})
repltest:PRIMARY> db.tb_test02.find();