从0开始搭建MongoDB集群

标签：man   密码   MLOG   conf   until   code   www.   管理员   rabl   

本次实验用了三台centos7服务器，详情如下表：

下载安装包
下载地址：https://www.mongodb.com/download-center/v2/community

二、搭建步骤

1、上传、解压包

[root@test101 ~]# tar xf mongodb-linux-x86_64-4.0.2.tgz 
[root@test101 ~]# ll
总用量 69364
-rw-------. 1 root root     1502 12月 14 2017 anaconda-ks.cfg
drwxr-xr-x. 3 root root      120 10月  9 10:18 mongodb-linux-x86_64-4.0.2
-rw-r--r--. 1 root root 71023715 10月  9 10:12 mongodb-linux-x86_64-4.0.2.tgz
[root@test101 ~]# mv mongodb-linux-x86_64-4.0.2 /usr/local/mongodb

2、配置环境变量

在/etc/profile文件末尾加入mongo的环境变量：

[root@test101 local]# echo "export PATH=/usr/local/mongodb/bin:\$PATH" >>/etc/profile
[root@test101 local]# source /etc/profile

3、编写配置文件

注意：/etc/mongodb/mongo.conf的路径和文件都是不存在的，需要自己创建

[root@test101 bin]# mkdir /etc/mongodb
[root@test101 bin]# cat /etc/mongodb/mongo.conf         #这里只配置了一些基本的配置
net:
  port: 27017        #用的默认端口27017
  bindIp: 0.0.0.0    #这里默认的是127.0.0.1，如果不配置成0.0.0.0，在后面做副本集的时候会失败
systemLog:
   destination: file
   path: "/opt/mongodbdata/mongod.log"
   logAppend: true
storage:
   journal:
      enabled: true
   dbPath: /opt/mongodbdata
setParameter:
   enableLocalhostAuthBypass: true
processManagement:
   fork: true
   pidFilePath: "/opt/mongodbdata/mongod.pid"
[root@test101 bin]# 

4、创建配置文件目录

[root@test101 bin]# mkdir /opt/mongodbdata

5、启动服务

[root@test101 ~]# /usr/local/mongodb/bin/mongod -f /etc/mongodb/mongo.conf 
about to fork child process, waiting until server is ready for connections.
forked process: 4390
child process started successfully, parent exiting
[root@test101 ~]# netstat -tlunp|grep 27017
tcp        0      0 0.0.0.0:27017           0.0.0.0:*               LISTEN      4390/mongod         
[root@test101 ~]# 

6、创建管理员用户和权限

登录进去MongoDB，执行下面三条命令即可

> use admin；     #切换到admin数据库
> db.createRole({role:‘sysadmin‘,roles:[],privileges:[{resource:{anyResource:true},actions:[‘anyAction‘]}]});     #创建一个超级管理员的角色，并赋予相应的权限
> db.createUser({user:‘root‘,pwd:‘root‘,roles:[{role:‘sysadmin‘,db:‘admin‘}]});       #创建一个超级管理员账号，并赋予上面的超级管理员角色和权限 ，pwd自定义

具体操作：

[root@test101 local]# mongo      #无密码登录
MongoDB shell version v4.0.2
connecting to: mongodb://127.0.0.1:27017
MongoDB server version: 4.0.2
Server has startup warnings: 
2018-10-09×××1:43:07.280+0800 I CONTROL  [initandlisten] ** WARNING: You are running this process as the root user, which is not recommended.
2018-10-09×××1:43:07.280+0800 I CONTROL  [initandlisten] 
2018-10-09×××1:43:07.280+0800 I CONTROL  [initandlisten] 
2018-10-09×××1:43:07.280+0800 I CONTROL  [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/enabled is ‘always‘.
2018-10-09×××1:43:07.280+0800 I CONTROL  [initandlisten] **        We suggest setting it to ‘never‘
2018-10-09×××1:43:07.280+0800 I CONTROL  [initandlisten] 
2018-10-09×××1:43:07.280+0800 I CONTROL  [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/defrag is ‘always‘.
2018-10-09×××1:43:07.280+0800 I CONTROL  [initandlisten] **        We suggest setting it to ‘never‘
2018-10-09×××1:43:07.280+0800 I CONTROL  [initandlisten] 
> show dbs;
admin   0.000GB
config  0.000GB
local   0.000GB
> use admin      #切换到admin数据库
switched to db admin
> db.createRole({role:‘sysadmin‘,roles:[],privileges:[{resource:{anyResource:true},actions:[‘anyAction‘]}]});         #创建一个超级管理员的角色，并赋予相应的权限
{
    "role" : "sysadmin",
    "roles" : [ ],
    "privileges" : [
        {
            "resource" : {
                "anyResource" : true
            },
            "actions" : [
                "anyAction"
            ]
        }
    ]
}
> db.createUser({                #创建一个超级管理员账号，并赋予上面的超级管理员角色和权限                                         
... ... ... ... 
... ... ... ... user:‘root‘,
... ... ... ... 
... ... ... ... pwd:‘root‘,
... ... ... ... 
... ... ... ... roles:[
... ... ... ... 
... ... ... ... {role:‘sysadmin‘,db:‘admin‘}
... ... ... ... 
... ... ... ... ]});
Successfully added user: {
    "user" : "root",
    "roles" : [
        {
            "role" : "sysadmin",
            "db" : "admin"
        }
    ]
}
> exit
bye

退出后用新的超级管理员账号登录：

[root@test101 mongodb]# mongo -u"root" -p"root" --authenticationDatabase "admin"       
MongoDB shell version v4.0.2
connecting to: mongodb://127.0.0.1:27017
MongoDB server version: 4.0.2
Server has startup warnings: 
2018-10-09×××1:43:07.280+0800 I CONTROL  [initandlisten] ** WARNING: You are running this process as the root user, which is not recommended.
2018-10-09×××1:43:07.280+0800 I CONTROL  [initandlisten] 
2018-10-09×××1:43:07.280+0800 I CONTROL  [initandlisten] 
2018-10-09×××1:43:07.280+0800 I CONTROL  [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/enabled is ‘always‘.
2018-10-09×××1:43:07.280+0800 I CONTROL  [initandlisten] **        We suggest setting it to ‘never‘
2018-10-09×××1:43:07.280+0800 I CONTROL  [initandlisten] 
2018-10-09×××1:43:07.280+0800 I CONTROL  [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/defrag is ‘always‘.
2018-10-09×××1:43:07.280+0800 I CONTROL  [initandlisten] **        We suggest setting it to ‘never‘
2018-10-09×××1:43:07.280+0800 I CONTROL  [initandlisten] 
> show dbs;
admin   0.000GB
config  0.000GB
local   0.000GB

以上步骤在三台主机上都要执行。

7、生成集群之间的安全认证机制KeyFile

在PRIMARY主机10.0.0.101机器上生成的KeyFile

[root@test101 local]# openssl rand -base64 745 >>/etc/mongodb/mongodb-keyfile
[root@test101 local]# cat /etc/mongodb/mongodb-keyfile
SgbDaERMIChd3MbuQ6WN7LJ7gI5FhOUI8D/uLxSHsH3buTDA0qjwcO1fP9/jRNkI
H+soQ/F/X7IUOnG238UjtO263/SwWebGMGd09u0VbyQwI1splmr+xeR3YDFWD0rw
stmDGcz6m/2ABfYTtKh/hIjZE5Yc1NSEWFmPNrhVbWsgD0BSI9CUr9JYTTnc1tl7
gycp9SsoPuoGLlPhnB8TG7Pu0rmNTuWq5DJnCG4fDClvkDJnlnDW59KDmfrLwnO3
ccLmb/+5OQNi1SGRsrdR3I8y2LE/lR6cK4cKX3GtiQB+BR3+BYdYCNVXpWC4Fw6z
xViVMKdPM4QIF99D+RLbwc16L9FQtlKy4NyHP5XyDmeMvfVDL5RIk8YVogZ3Y5Zr
1jgF2HxTEsxQ4TEZ2KUKA/gWZnTypXZ83Zso0XRk+n0pBSkwiG96Sk6fS9FiWwhp
v4Z80w1HS2L+dg8Qe3d1U+bl1Ro4Nj+sjxmXCFigJFRI4n40N+TCWHYJHx0l3BWm
3q2YyETol0+OrjIU71nFsGtUnP0seXa1HJsCtYCR7QFDf6uAE2u7JQD9Okram3In
crH/tuvdnq8Fi3FVsXxgoIMZhuYNr4kOLIszHQcv5Z/F1D+JmdD+yUvEzx+S7Npp
RZiXKz+kVKY1SFpDoMXZ7kv5oC+K5Ag3ZFPU+8SDh99dZCfq2z5TW+XiQTWB4Wh0
XlTae7IE15ILdLPpy+GQ9rtC4rlRmkdC9lNb6bOuYw3CbN0ANjVed1tenOEsBJ7Y
DFIeWNdnze5H38t2m2BrXpMbXLIZ3n4Ze/89th+UQnlP2ij0FMWFnMIxa6Dq3wqL
aEWvOXukbMbAw/vZZU5Ad2JmtBmClf6vP59fetz1wPCZFBqTF+NiNWEmlzuBEJwy
YBDzjWUiLODdopKugzZ+hxsSieYIZYzMg1CO9gAL2572mvOcPrUIWekC+gqWaZE7
wBQ5f3HmRAnHY4Wa/MYuEDCMrNtqNNy5hg==
[root@test101 local]# 

将10.0.0.101主机生成的mongodb-keyfile拷贝到另外两台SECONDARY机器上的/etc/mongodb/目录下，三台主机的mongodb-keyfile文件权限都改成400

8、修改三台主机的配置文件

修改三台主机的/etc/mongodb/mongo.conf，并将三台主机的MongoDB服务分别重启

[root@test101 mongodb]# cat /etc/mongodb/mongo.conf
net:
  port: 27017
  bindIp: 0.0.0.0
systemLog:
   destination: file
   path: "/opt/mongodbdata/mongod.log"
   logAppend: true
storage:
   journal:
      enabled: true
   dbPath: /opt/mongodbdata
setParameter:
   enableLocalhostAuthBypass: true
processManagement:
   fork: true
   pidFilePath: "/opt/mongodbdata/mongod.pid"
#加入下面的几行内容：
replication:
   replSetName: CrystalTest        #replSetName自定义
security:
   authorization: enabled
   keyFile: "/etc/mongodb/mongodb-keyfile"     #步骤7生成的安全认证机制KeyFile
[root@test101 mongodb]# 

9、初始化副本集

在初始化集群的时候，可以在所有机器上改好配置文件，并重启服务之后，一次性完成。也可以先初始化PRIMARY，然后再把SECONDARY主机一台一台加进去:
方法1——一次性初始化完成

> config = { _id:"CrystalTest", members:[{_id:0,host:"10.0.0.101:27017"},{_id:1,host:"10.0.0.102:27017"},{_id:2,host:"10.0.0.103:27017"}] };
> rs.initiate(config);

方法2——先初始化PRIMARY再加入SECONDARY：
先在PRIMARY上做如下两步操作：

> config = { _id:"CrystalTest", members:[{_id:0,host:"10.0.0.101:27017"}]};
> rs.initiate(config);

具体操作：

> config = { _id:"CrystalTest", members:[{_id:0,host:"10.0.0.101:27017"}]};
{
    "_id" : "CrystalTest",
    "members" : [
        {
            "_id" : 0,
            "host" : "10.0.0.101:27017"
        }
    ]
}
> rs.initiate(config);
{
    "ok" : 1,
    "operationTime" : Timestamp(1539054593, 1),
    "$clusterTime" : {
        "clusterTime" : Timestamp(1539054593, 1),
        "signature" : {
            "hash" : BinData(0,"AAAAAAAAAAAAAAAAAAAAAAAAAAA="),
            "keyId" : NumberLong(0)
        }
    }
}
CrystalTest:OTHER> 
CrystalTest:PRIMARY>    #执行完上面的步骤，过一会儿，状态就从OTHER变成PRIMARY
CrystalTest:PRIMARY> 

然后加入另外两台主机：

> rs.add("10.0.0.102:27017")
> rs.add("10.0.0.103:27017")

具体操作：

CrystalTest:PRIMARY> rs.add("10.0.0.102:27017")          #添加10.0.0.102主机
{
    "ok" : 1,
    "operationTime" : Timestamp(1539056959, 1),
    "$clusterTime" : {
        "clusterTime" : Timestamp(1539056959, 1),
        "signature" : {
            "hash" : BinData(0,"AAAAAAAAAAAAAAAAAAAAAAAAAAA="),
            "keyId" : NumberLong(0)
        }
    }
}
CrystalTest:PRIMARY> rs.add("10.0.0.103:27017")        #添加10.0.0.103主机
{
    "ok" : 1,
    "operationTime" : Timestamp(1539057016, 1),
    "$clusterTime" : {
        "clusterTime" : Timestamp(1539057016, 1),
        "signature" : {
            "hash" : BinData(0,"AAAAAAAAAAAAAAAAAAAAAAAAAAA="),
            "keyId" : NumberLong(0)
        }
    }
}
CrystalTest:PRIMARY> rs.status()         #查看集群状态
{
    "set" : "CrystalTest",
    "date" : ISODate("2018-10-09T03:50:18.692Z"),
    "myState" : 1,
    "term" : NumberLong(2),
    "syncingTo" : "",
    "syncSourceHost" : "",
    "syncSourceId" : -1,
    "heartbeatIntervalMillis" : NumberLong(2000),
    "optimes" : {
        "lastCommittedOpTime" : {
            "ts" : Timestamp(1539057016, 1),
            "t" : NumberLong(2)
        },
        "readConcernMajorityOpTime" : {
            "ts" : Timestamp(1539057016, 1),
            "t" : NumberLong(2)
        },
        "appliedOpTime" : {
            "ts" : Timestamp(1539057016, 1),
            "t" : NumberLong(2)
        },
        "durableOpTime" : {
            "ts" : Timestamp(1539057016, 1),
            "t" : NumberLong(2)
        }
    },
    "lastStableCheckpointTimestamp" : Timestamp(1539056959, 1),
    "members" : [
        {
            "_id" : 0,
            "name" : "10.0.0.101:27017",
            "health" : 1,
            "state" : 1,
            "stateStr" : "PRIMARY",
            "uptime" : 286,
            "optime" : {
                "ts" : Timestamp(1539057016, 1),
                "t" : NumberLong(2)
            },
            "optimeDate" : ISODate("2018-10-09T03:50:16Z"),
            "syncingTo" : "",
            "syncSourceHost" : "",
            "syncSourceId" : -1,
            "infoMessage" : "",
            "electionTime" : Timestamp(1539056735, 1),
            "electionDate" : ISODate("2018-10-09T03:45:35Z"),
            "configVersion" : 3,
            "self" : true,
            "lastHeartbeatMessage" : ""
        },
        {
            "_id" : 1,
            "name" : "10.0.0.102:27017",
            "health" : 1,
            "state" : 2,
            "stateStr" : "SECONDARY",
            "uptime" : 58,
            "optime" : {
                "ts" : Timestamp(1539057016, 1),
                "t" : NumberLong(2)
            },
            "optimeDurable" : {
                "ts" : Timestamp(1539057016, 1),
                "t" : NumberLong(2)
            },
            "optimeDate" : ISODate("2018-10-09T03:50:16Z"),
            "optimeDurableDate" : ISODate("2018-10-09T03:50:16Z"),
            "lastHeartbeat" : ISODate("2018-10-09T03:50:18.661Z"),
            "lastHeartbeatRecv" : ISODate("2018-10-09T03:50:18.227Z"),
            "pingMs" : NumberLong(0),
            "lastHeartbeatMessage" : "",
            "syncingTo" : "",
            "syncSourceHost" : "",
            "syncSourceId" : -1,
            "infoMessage" : "",
            "configVersion" : 3
        },
        {
            "_id" : 2,
            "name" : "10.0.0.103:27017",
            "health" : 1,
            "state" : 2,
            "stateStr" : "SECONDARY",
            "uptime" : 2,
            "optime" : {
                "ts" : Timestamp(1539057016, 1),
                "t" : NumberLong(2)
            },
            "optimeDurable" : {
                "ts" : Timestamp(1539057016, 1),
                "t" : NumberLong(2)
            },
            "optimeDate" : ISODate("2018-10-09T03:50:16Z"),
            "optimeDurableDate" : ISODate("2018-10-09T03:50:16Z"),
            "lastHeartbeat" : ISODate("2018-10-09T03:50:18.671Z"),
            "lastHeartbeatRecv" : ISODate("2018-10-09T03:50:18.495Z"),
            "pingMs" : NumberLong(1),
            "lastHeartbeatMessage" : "",
            "syncingTo" : "",
            "syncSourceHost" : "",
            "syncSourceId" : -1,
            "infoMessage" : "",
            "configVersion" : 3
        }
    ],
    "ok" : 1,
    "operationTime" : Timestamp(1539057016, 1),
    "$clusterTime" : {
        "clusterTime" : Timestamp(1539057016, 1),
        "signature" : {
            "hash" : BinData(0,"AAAAAAAAAAAAAAAAAAAAAAAAAAA="),
            "keyId" : NumberLong(0)
        }
    }
}
CrystalTest:PRIMARY> 

登录10.0.0.102和10.0.0.103主机的MongoDB查看角色都变成了SECONDARY：

[root@test102 mongodb]# mongo -u"root" -p"root" --authenticationDatabase "admin"
MongoDB shell version v4.0.2
connecting to: mongodb://127.0.0.1:27017
MongoDB server version: 4.0.2
Server has startup warnings: 
2018-10-09×××1:43:07.280+0800 I CONTROL  [initandlisten] ** WARNING: You are running this process as the root user, which is not recommended.
2018-10-09×××1:43:07.280+0800 I CONTROL  [initandlisten] 
2018-10-09×××1:43:07.280+0800 I CONTROL  [initandlisten] 
2018-10-09×××1:43:07.280+0800 I CONTROL  [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/enabled is ‘always‘.
2018-10-09×××1:43:07.280+0800 I CONTROL  [initandlisten] **        We suggest setting it to ‘never‘
2018-10-09×××1:43:07.280+0800 I CONTROL  [initandlisten] 
2018-10-09×××1:43:07.280+0800 I CONTROL  [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/defrag is ‘always‘.
2018-10-09×××1:43:07.280+0800 I CONTROL  [initandlisten] **        We suggest setting it to ‘never‘
2018-10-09×××1:43:07.280+0800 I CONTROL  [initandlisten] 
> 
CrystalTest:SECONDARY> 
CrystalTest:SECONDARY> 
CrystalTest:SECONDARY> 

至此，集群搭建完毕

从0开始搭建MongoDB集群

标签：man   密码   MLOG   conf   until   code   www.   管理员   rabl   

原文地址：http://blog.51cto.com/10950710/2296189