本次在一台服务器上搭建,根据端口区分不同进程。架构为一主两从,其中一个从节点为投票节点。
| IP | 端口 | 角色 |
| 10.238.162.33 | 27017 | PRIMARY |
| 10.238.162.33 | 27018 | SECONDARY |
| 10.238.162.33 | 27019 | ARBITER |
实验环境为CentOS 7.5
[root@localhost ~]# cat /etc/redhat-release
CentOS Linux release 7.5.1804 (Core) 安装MongoDB
MongoDB官网下载安装包
3.4.18版本
wget https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-rhel62-3.4.18.tgz
解压
tar zxf mongodb-linux-x86_64-rhel62-3.4.18.tgz
移动至/usr/local/mongodb 下
mv mongodb-linux-x86_64-rhel62-3.4.18 /usr/local/mongodb
设置环境变量并生效
echo 'export PATH=$PATH:/usr/local/mongodb/bin'>> /etc/profile
source /etc/profile
添加用户和组
groupadd mongo
useradd -g mongo mongo创建数据文件及日志目录
mkdir -p /data/mongodb27017/log/
mkdir -p /data/mongodb27018/log/
mkdir -p /data/mongodb27019/log/配置文件模板,配置文件中除端口和目录不同,其他配置基本都是一样的。
#SERVER
fork = true
port = 27017
quiet = true
dbpath = /data/mongodb27017/
logpath = /data/mongodb27017/log/mongod.log
logappend = true
journal = true
# <=3.4
nohttpinterface = true
directoryperdb = true
#SLOW_LOG
profile = 1
slowms = 500
#RS
replSet = rs01
oplogSize = 4096
# add for 3.4
# shardsvr = true
#SCO
#cinfigsvr = true
#configdb = MSCHOST
#USER
keyFile=/data/mongodb27017/keyfile
setParameter=enableLocalhostAuthBypass=1
storageEngine=wiredTiger
wiredTigerCacheSizeGB=1
wiredTigerCollectionBlockCompressor=snappy
#mongo_version=mongodb34生成keyfile并修改文件权限为只有文件拥有者只读。
openssl rand -base64 765 > keyfile
chmod 600 keyfile 将配置文件和keyfile分别拷贝到相应目录,并修改目录属主属组
cp mongodb27017.cnf /data/mongodb27017/
cp mongodb27018.cnf /data/mongodb27018/
cp mongodb27019.cnf /data/mongodb27019/
cp keyfile /data/mongodb27017/
cp keyfile /data/mongodb27018/
cp keyfile /data/mongodb27019/
chown -R mongo.mongo /data/启动进程
sudo -u mongo /usr/local/mongodb/bin/mongod -f /data/mongodb27019/mongodb27019.cnf
sudo -u mongo /usr/local/mongodb/bin/mongod -f /data/mongodb27018/mongodb27018.cnf
sudo -u mongo /usr/local/mongodb/bin/mongod -f /data/mongodb27017/mongodb27017.cnf由于MongoDB的localhost exception特性,第一次可以使用本地登录,这样就可以初始化副本集和创建第一个超级用户了。因为开启了keyfile认证,如果用具体ip加端口的方式登录,初始化还有创建用户都会报错。
# mongo 127.0.0.1:27017
MongoDB shell version v3.4.18
connecting to: mongodb://127.0.0.1:27017/test
MongoDB server version: 3.4.18
或者
# mongo
MongoDB shell version v3.4.18
connecting to: mongodb://127.0.0.1:27017
MongoDB server version: 3.4.18初始化副本集
[root@localhost mongodb27017]# mongo
MongoDB shell version v3.4.18
connecting to: mongodb://127.0.0.1:27017
MongoDB server version: 3.4.18
> cfg={_id:'rs01',version:1,members:[{_id:0,host:'10.238.162.33:27017'},{_id:1,host:'10.238.162.33:27018'},{_id:2,host:'10.238.162.33:27019',arbiterOnly:true}]};
{
"_id" : "rs01",
"version" : 1,
"members" : [
{
"_id" : 0,
"host" : "10.238.162.33:27017"
},
{
"_id" : 1,
"host" : "10.238.162.33:27018"
},
{
"_id" : 2,
"host" : "10.238.162.33:27019",
"arbiterOnly" : true
}
]
}
> rs.initiate(cfg);
{ "ok" : 1 }创建超级用户
rs01:PRIMARY> use admin;
switched to db admin
rs01:PRIMARY>
rs01:PRIMARY> db.createUser({user:"admin",pwd:"admin",roles: [{ role: "root", db: "admin" }]});
Successfully added user: {
"user" : "admin",
"roles" : [
{
"role" : "root",
"db" : "admin"
}
]
}使用认证方式登录shell
mongo 10.238.162.33:27017/admin -uadmin -padmin查看副本集状态
rs.status()