1:启动三个实例
/home/maxiangqian/mongodb-linux-x86_64-rhel62-3.4.2/bin/mongod --config /home/mongodb/db27017/mongodb27017.conf /home/maxiangqian/mongodb-linux-x86_64-rhel62-3.4.2/bin/mongod --config /home/mongodb/db27018/mongodb27018.conf /home/maxiangqian/mongodb-linux-x86_64-rhel62-3.4.2/bin/mongod --config /home/mongodb/db27019/mongodb27019.conf
2:为每个实例配置超级管理员账号:maxiangqian
use admin db.createUser( { user: "maxiangqian", pwd: "maxiangqian", roles: [ { role: "root", db: "admin" } ] } )
然后使用验证登录
use admin db.auth("maxiangqian","maxiangqian") db.shutdownServer()
3:重启mongodb数据库以复制集的形式启动mongodb数据库
mongod -f /home/mongodb/db27017/mongodb27017.conf mongod -f /home/mongodb/db27018/mongodb27018.conf mongod -f /home/mongodb/db27019/mongodb27019.conf
4:登入27017mongodb数据库进行初始化:
mongo localhost:27017 配置主节点: rsconf = { _id: "rsmxqtest", members: [ { _id: 0,host: "localhost:27017" } ] } 再进行初始化: > rs.initiate() 进行验证: rs.conf() 添加一个节点: rs.add("localhost:27018")
嗯?报错了,什么鬼,看一下报错信息:
rsmxqtest:PRIMARY> rs.add("localhost:27018")
{
"ok" : 0,
"errmsg" : "Quorum check failed because not enough voting nodes responded; required 2 but only the following 1 voting nodes responded: localhost.localdomain:27017; the following nodes did not respond affirmatively: localhost:27018 failed with not authorized on admin to execute command { replSetHeartbeat: "rsmxqtest", pv: 1, v: 2, from: "localhost.localdomain:27017", fromId: 0, checkEmpty: false }",
"code" : 74,
"codeName" : "NodeNotFound"
}
意思就是没有权限,复制集之间的互联也是需要验证的,所以要配置keyfile来满足这个需求,如果开启了 authorization ,投票节点通过证书的形式与复制集中其他节点进行认证。MongoDB的身份认证过程是加密的。MongoDB的认证交互是通过密码进行的
5:创建一个keyfile,并且拷贝到其他从节点
openssl rand -base64 756 > /home/mongodb/db27017/key/autokey chmod 400 /home/mongodb/db27017/key/autokey
然后进行拷贝并且查看文件:
[root@localhost key]# cp /home/mongodb/db27017/key/autokey /home/mongodb/db27018/key/autokey [root@localhost key]# cp /home/mongodb/db27017/key/autokey /home/mongodb/db27019/key/autokey [root@localhost key]# ls -ll /home/mongodb/db27018/key/ total 4 -r-------- 1 root root 1024 Mar 14 16:32 autokey [root@localhost key]# ls -ll /home/mongodb/db27019/key/ total 4 -r-------- 1 root root 1024 Mar 14 16:33 autokey
6:以keyFile 参数启动mongodb数据库
首先我们在三个数据库的配置文件添加以下信息:
keyFile = /home/mongodb/db27017/key/autokey keyFile = /home/mongodb/db27018/key/autokey keyFile = /home/mongodb/db27019/key/autokey
重启三台mongodb数据库
db.shutdownServer() mongod -f /home/mongodb/db27017/mongodb27017.conf mongod -f /home/mongodb/db27018/mongodb27018.conf mongod -f /home/mongodb/db27019/mongodb27019.conf
7:登录主节点27017节点,然后进行操作添加节点
[root@localhost tmp]# mongo localhost:27017 MongoDB shell version v3.4.2 connecting to: localhost:27017 MongoDB server version: 3.4.2 rsmxqtest:PRIMARY> use admin switched to db admin rsmxqtest:PRIMARY> db.auth("maxiangqian","maxiangqian")
开始添加节点
rsmxqtest:PRIMARY> rs.add("localhost:27018") { "ok" : 1 }
显示添加成功,然后添加一个投票节点(投票节点是不保存数据的,只是作为投票使用)
rsmxqtest:PRIMARY> rs.addArb("localhost:27019") { "ok" : 1 }
显示添加成功,然后验证看一下节点状态:
rs.status()
rs.conf()
打印的消息就不打印贴出来了,有点太长了。
OK,现在一个keyfile的验证复制集(一主一从一投票)已经配置完了,我们现在开始验证一下复制集:
(1)主节点添加一条数据27017
rsmxqtest:PRIMARY> use maxiangqian switched to db maxiangqian rsmxqtest:PRIMARY> db.maxiangqian.insert({"name":"maxiangqian"}) WriteResult({ "nInserted" : 1 }) rsmxqtest:PRIMARY> db.maxiangqian.find().pretty() { "_id" : ObjectId("58c7b0c0088625cf734503ae"), "name" : "maxiangqian" }
(2)登录从节点验证数据27018
rsmxqtest:SECONDARY> use admin switched to db admin rsmxqtest:SECONDARY> db.auth("maxiangqian","maxiangqian") 1 rsmxqtest:SECONDARY> rs.slaveOk() rsmxqtest:SECONDARY> show dbs admin 0.000GB local 0.000GB maxiangqian 0.000GB rsmxqtest:SECONDARY> use maxiangqian switched to db maxiangqian rsmxqtest:SECONDARY> db.maxiangqian.find().pretty() { "_id" : ObjectId("58c7b0c0088625cf734503ae"), "name" : "maxiangqian" }
可以看得到,复制集的功能已经完成了,数据也已经同步了。投票节点是不存储数据的,所以我们就不需要去验证数据了。