一、環(huán)境信息
創(chuàng)新互聯(lián)建站堅持“要么做到,要么別承諾”的工作理念,服務領域包括:成都網站設計、成都網站建設、企業(yè)官網、英文網站、手機端網站、網站推廣等服務,滿足客戶于互聯(lián)網時代的渭濱網站設計、移動媒體設計的需求,幫助企業(yè)找到有效的互聯(lián)網解決方案。努力成為您成熟可靠的網絡建設合作伙伴!
CentOS release 6.7 (Final)
mongo version: 3.2.6
192.168.1.173 primary
192.168.1.174 secondary
192.168.1.172 secondary or arbiter
二、安裝mongo
1、yum源配置(使用哪個版本enable=1)
# cat /etc/yum.repos.d/MongoDB-org-3.2.repo
[mongodb-org-3.2]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/3.2/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-3.2.asc
[mongodb-org-2.6]
name=MongoDB 2.6 Repository
baseurl=http://downloads-distro.mongodb.org/repo/redhat/os/x86_64/
gpgcheck=0
enabled=0
2、yum install -y mongodb-org
三、replicat set 配置
1、修改配置文件(三臺服務器除了ip不一樣):
cat /etc/mongod.conf
# mongod.conf
# for documentation of all options, see:
# http://docs.mongodb.org/manual/reference/configuration-options/
# where to write logging data.
systemLog:
destination: file
logAppend: true
path: /var/log/mongodb/mongod.log
# Where and how to store data.
storage:
dbPath: /data/mongo
# dbPath: /var/lib/mongo
journal:
enabled: true
# engine:
# mmapv1:
# wiredTiger:
# how the process runs
processManagement:
fork: true # fork and run in background
pidFilePath: /var/run/mongodb/mongod.pid # location of pidfile
# network interfaces
net:
port: 27017
bindIp: 192.168.1.173 # Listen to local interface only, comment to listen on all interfaces.
#security:
security: #副本集配置成功之后才能打開安全認證
authorization: enabled #開啟認證
keyFile: /data/mongo/mongodb-keyfile #副本集使用keyFile進行相互認證
#operationProfiling:
#replication:
replication:
oplogSizeMB: 2000 #oplog的大小M
replSetName: rongyi #副本集的名稱
#sharding:
## Enterprise-Only Options
#auditLog:
#snmp:
2、配置replicat set 過程
#啟動mongod服務
#/usr/bin/mongod -f /etc/mongod.conf
啟動成功之后因為還未開啟auth認證,可以直接命令行登錄
#mongo 192.168.1.173
use admin
admin> config = { _id:"rongyi",members:[
... {_id:172,host:"192.168.1.172:27017",arbiterOnly:true},
... {_id:173,host:"192.168.1.173:27017"},
... {_id:174,host:"192.168.1.174:27017"}]
... }
{
"_id" : "rongyi",
"members" : [
{
"_id" : 172,
"host" : "192.168.1.172:27017",
"arbiterOnly" : true
},
{
"_id" : 173,
"host" : "192.168.1.173:27017"
},
{
"_id" : 174,
"host" : "192.168.1.174:27017"
}
]
}
admin> rs.initiate(config)
{ "ok" : 1 }
或者使用
config = { _id:"rongyi",members:[{_id:172,host:"192.168.1.172:27017"},{_id:173,host:"192.168.1.173:27017"},{_id:174,host:"192.168.1.174:27017"}]}
注:前者是一個備份節(jié)點,后者是兩個備份節(jié)點,mongo選舉的過程必須符合大多數,如果是偶數的節(jié)點,可以使用arbiter(仲裁節(jié)點),此節(jié)點只是為了參與選舉
使用rs.status()查看replicat set的狀態(tài)
3、創(chuàng)建管理員賬戶(這個賬戶要使用root role 否則會報錯):
admin> db.createUser({user:"admin",pwd:"********",roles:[{ role:"root", db:"admin" }]})
Successfully added user: {
"user" : "admin",
"roles" : [
{
"role" : "root",
"db" : "admin"
}
]
}
4、配置keyfile認證
在192.168.1.173上執(zhí)行
openssl rand -base64 741 > /data/mongo/mongodb-keyfile
chmod 600 /data/mongo/mongodb-keyfile
scp mongodb-keyfile 192.168.1.174:/data/mongo/
scp mongodb-keyfile 192.168.1.172:/data/mongo/
在配置文件中開啟認證:
security:
authorization: enabled
keyFile: /data/mongo/mongodb-keyfile
5、重啟mongod服務
/etc/init.d/mongod stop && /usr/bin/mongod -f /etc/mongod.conf
四、登錄驗證
mongo 192.168.1.173:27017/admin -uadmin -p*******
admin> rs.status()
{
"set" : "rongyi",
"date" : ISODate("2016-06-24T08:31:28.549Z"),
"myState" : 1,
"term" : NumberLong(7),
"heartbeatIntervalMillis" : NumberLong(2000),
"members" : [
{
"_id" : 172,
"name" : "192.168.1.172:27017",
"health" : 1,
"state" : 7,
"stateStr" : "ARBITER", #使用了仲裁
"uptime" : 19572,
"lastHeartbeat" : ISODate("2016-06-24T08:31:26.604Z"),
"lastHeartbeatRecv" : ISODate("2016-06-24T08:31:24.145Z"),
"pingMs" : NumberLong(0),
"configVersion" : 3
},
{
"_id" : 173,
"name" : "192.168.1.173:27017",
"health" : 1,
"state" : 1,
"stateStr" : "PRIMARY",
"uptime" : 19573,
"optime" : {
"ts" : Timestamp(1466740497, 1),
"t" : NumberLong(7)
},
"optimeDate" : ISODate("2016-06-24T03:54:57Z"),
"electionTime" : Timestamp(1466737527, 1),
"electionDate" : ISODate("2016-06-24T03:05:27Z"),
"configVersion" : 3,
"self" : true
},
{
"_id" : 174,
"name" : "192.168.1.174:27017",
"health" : 1,
"state" : 2,
"stateStr" : "SECONDARY",
"uptime" : 19567,
"optime" : {
"ts" : Timestamp(1466740497, 1),
"t" : NumberLong(7)
},
"optimeDate" : ISODate("2016-06-24T03:54:57Z"),
"lastHeartbeat" : ISODate("2016-06-24T08:31:26.604Z"),
"lastHeartbeatRecv" : ISODate("2016-06-24T08:31:26.604Z"),
"pingMs" : NumberLong(0),
"syncingTo" : "192.168.1.173:27017",
"configVersion" : 3
}
],
"ok" : 1
}