MongoDB之副本集配置
阿新 • • 發佈:2018-12-05
MongoDB主從複製
主從複製是 MongoDB 最早使用的複製方式, 該複製方式易於配置,並且可以支援任意數量的從節點伺服器,與使用單節點模式相比有如下優點:
在從伺服器上儲存資料副本,提高了資料的可用性, 並可以保證資料的安全性。
可配置讀寫分離,主節點負責寫操作,從節點負責讀操作,將讀寫壓力分開,提高系統的穩定性。
MongoDB 的主從複製至少需要兩個伺服器或者節點。其中一個是主節點,負責處理客戶端請求,其它的都是從節點,負責同步主節點的資料。
主節點記錄在其上執行的所有寫操作,從節點定期輪詢主節點獲取這些操作,然後再對自己的資料副本執行這些操作。由於和主節點執行了相同的操作,從節點就能保持與主節點的資料同步。
主節點的操作記錄稱為oplog(operation log),它被儲存在 MongoDB 的 local 資料庫中。oplog 中的每個文件都代表主節點上執行的一個操作。需要重點強調的是oplog只記錄改變資料庫狀態的操作。比如,查詢操作就不會被儲存在oplog中。這是因為oplog只是作為從節點與主節點保持資料同步的機制。
然而,主從複製並非生產環境下推薦的複製方式,主要原因如下兩點:
a.災備都是完全人工的 如果主節點發生故障失敗,管理員必須關閉一個從伺服器,然後作為主節點重新啟動它。然後應用程式必須重新配置連線新的主節點。
b.資料恢復困難 因為oplog只在主節點存在,故障失敗需要在新的伺服器上建立新的oplog,這意味著任意存在的節點需要重新從新的主節點同步oplog。
因此,在新版本的MongoDB中已經不再支援使用主從複製這種複製方式了,取而代之的是使用副本集複製方式。
MongoDB副本集
MongoDB副本集(Replica Set)其實就是具有自動故障恢復功能的主從叢集,和主從複製最大的區別就是在副本集中沒有固定的“主節點;整個副本集會選出一個節點作為“主節點”,當其掛掉後,再在剩下的從節點中選舉一個節點成為新的“主節點”,在副本集中總有一個主節點(primary)和一個或多個備份節點(secondary)。
除了primary和secondary之外,副本集中的節點還可以是以下角色:
|
|
成為primary |
對客戶端可見 |
參與投票 |
延遲同步 |
複製資料 |
| Default |
√ |
√ |
√ |
∕ |
√ |
| Secondary-Only |
∕ |
√ |
√ |
∕ |
√ |
| Hidden |
∕ |
∕ |
√ |
∕ |
√ |
| Delayed |
∕ |
√ |
√ |
√ |
√ |
| Arbiters |
∕ |
∕ |
√ |
∕ |
∕ |
| Non-Voting |
√ |
√ |
∕ |
∕ |
√ |
關於副本集的基礎概念,可以參考:https://blog.csdn.net/pengjunlee/article/details/83958794
官方幫助文件:https://docs.mongodb.com/manual/replication/
官方推薦的副本集最小配置需要有三個節點:一個主節點接收和處理所有的寫操作,兩個備份節點通過複製主節點的操作來對主節點的資料進行同步備份。
配置副本集
環境準備
副本集各節點IP如下:
172.16.250.234
172.16.250.239
172.16.250.240
首先,參照如下文章先對三個MongoDB 節點進行安裝:
https://blog.csdn.net/pengjunlee/article/details/82979542
然後,依次修改各個節點的 mongodb.conf 配置檔案,增加副本集相關配置,內容如下:
dbpath=/usr/local/mongodb-4.0.2/data
logpath=/usr/local/mongodb-4.0.2/log/mongodb.log
fork=true
logappend=true
bind_ip= # 此處填寫伺服器的IP
port=27017
# 設定副本集名稱,在各個配置檔案中,其值必須相同
replSet=rs0配置完成之後,分別在三個節點上執行如下命令通過載入檔案配置來啟動MongoDB服務:
mongod -config /usr/local/mongodb-4.0.2/mongodb.conf
# 或者
mongod -f /usr/local/mongodb-4.0.2/mongodb.conf至此,3個MongoDB例項都已經以副本集方式啟動,但它們彼此之間現在還不會進行通訊,仍需要進行一些配置。
副本集初始化
通過 Shell 連線到任意一個MongoDB例項,執行 rs.initiate() 方法對副本集進行初始化。
[[email protected] mongodb-4.0.2]# mongo 172.16.250.234:27017
> conf=
{
"_id" : "rs0",
"members" : [
{ "_id" : 0, "host" : "172.16.250.234:27017" },
{ "_id" : 1, "host" : "172.16.250.239:27017" },
{ "_id" : 2, "host" : "172.16.250.240:27017" }
]
}
> rs.initiate(conf)
{
"ok" : 1,
"operationTime" : Timestamp(1542247326, 1),
"$clusterTime" : {
"clusterTime" : Timestamp(1542247326, 1),
"signature" : {
"hash" : BinData(0,"AAAAAAAAAAAAAAAAAAAAAAAAAAA="),
"keyId" : NumberLong(0)
}
}
}
rs0:SECONDARY>如果在執行 rs.initiate() 方法時不傳入任何引數,MongoDB 將以預設的配置文件對副本集進行初始化,後續可以再通過 rs.add() 方法來向副本集中新增成員。
副本集更新
# 向副本集中新增成員
rs.add("172.16.250.240:27017")
# 從副本集中刪除成員
rs.remove("172.16.250.240:27017")
# 向副本集中新增仲裁
rs.addArb("172.16.250.240:27017")
# 向副本集中新增備份節點
rs.add({"_id":3,"host":"172.16.250.240:27017","priority":0,"hidden":true})# 更改副本集配置
rs0:PRIMARY> var conf=rs.conf()
rs0:PRIMARY> conf.members[1].priority = 5
5
# PRIMARY節點上執行如下命令
rs0:PRIMARY> rs.reconfig(conf)
{
"ok" : 1,
"operationTime" : Timestamp(1542248518, 1),
"$clusterTime" : {
"clusterTime" : Timestamp(1542248518, 1),
"signature" : {
"hash" : BinData(0,"AAAAAAAAAAAAAAAAAAAAAAAAAAA="),
"keyId" : NumberLong(0)
}
}
}
# SECONDARY節點上執行如下命令,需增加 force 引數
rs0:SECONDARY> rs.reconfig(conf,{force:true})
{
"ok" : 1,
"operationTime" : Timestamp(1542248726, 1),
"$clusterTime" : {
"clusterTime" : Timestamp(1542248726, 1),
"signature" : {
"hash" : BinData(0,"AAAAAAAAAAAAAAAAAAAAAAAAAAA="),
"keyId" : NumberLong(0)
}
}
}例如,強制讓一個節點成為Primary,可以將該節點的優先順序設定成最高。
cfg = rs.conf()
cfg.members[0].priority = 5
cfg.members[1].priority = 1
cfg.members[2].priority = 1
rs.reconfig(cfg)副本集監控
# 檢視副本集的配置資訊
rs0:PRIMARY> rs.conf()
{
"_id" : "rs0",
"version" : 104658,
"protocolVersion" : NumberLong(1),
"writeConcernMajorityJournalDefault" : true,
"members" : [
{
"_id" : 0,
"host" : "172.16.250.234:27017",
"arbiterOnly" : false,
"buildIndexes" : true,
"hidden" : false,
"priority" : 1,
"tags" : {},
"slaveDelay" : NumberLong(0),
"votes" : 1
},
{
"_id" : 1,
"host" : "172.16.250.239:27017",
"arbiterOnly" : false,
"buildIndexes" : true,
"hidden" : false,
"priority" : 5,
"tags" : {},
"slaveDelay" : NumberLong(0),
"votes" : 1
},
{
"_id" : 2,
"host" : "172.16.250.240:27017",
"arbiterOnly" : false,
"buildIndexes" : true,
"hidden" : false,
"priority" : 1,
"tags" : {},
"slaveDelay" : NumberLong(0),
"votes" : 1
}],
"settings" : {
"chainingAllowed" : true,
"heartbeatIntervalMillis" : 2000,
"heartbeatTimeoutSecs" : 10,
"electionTimeoutMillis" : 10000,
"catchUpTimeoutMillis" : -1,
"catchUpTakeoverDelayMillis" : 30000,
"getLastErrorModes" : {},
"getLastErrorDefaults" : {
"w" : 1,
"wtimeout" : 0
},
"replicaSetId" : ObjectId("5becd39e360189766762e057")
}
}# 檢視副本集執行狀態
rs0:PRIMARY> rs.status()
{
"set" : "rs0",
"date" : ISODate("2018-11-15T02:46:15.138Z"),
"myState" : 1,
"term" : NumberLong(2),
"syncingTo" : "",
"syncSourceHost" : "",
"syncSourceId" : -1,
"heartbeatIntervalMillis" : NumberLong(2000),
"optimes" : {
"lastCommittedOpTime" : {
"ts" : Timestamp(1542249966, 1),
"t" : NumberLong(2)
},
"readConcernMajorityOpTime" : {
"ts" : Timestamp(1542249966, 1),
"t" : NumberLong(2)
},
"appliedOpTime" : {
"ts" : Timestamp(1542249966, 1),
"t" : NumberLong(2)
},
"durableOpTime" : {
"ts" : Timestamp(1542249966, 1),
"t" : NumberLong(2)
}
},
"lastStableCheckpointTimestamp" : Timestamp(1542249916, 1),
"members" : [
{
"_id" : 0,
"name" : "172.16.250.234:27017",
"health" : 1,
"state" : 2,
"stateStr" : "SECONDARY",
"uptime" : 2651,
"optime" : {
"ts" : Timestamp(1542249966, 1),
"t" : NumberLong(2)
},
"optimeDurable" : {
"ts" : Timestamp(1542249966, 1),
"t" : NumberLong(2)
},
"optimeDate" : ISODate("2018-11-15T02:46:06Z"),
"optimeDurableDate" : ISODate("2018-11-15T02:46:06Z"),
"lastHeartbeat" : ISODate("2018-11-15T02:46:13.520Z"),
"lastHeartbeatRecv" : ISODate("2018-11-15T02:46:13.519Z"),
"pingMs" : NumberLong(0),
"lastHeartbeatMessage" : "",
"syncingTo" : "172.16.250.239:27017",
"syncSourceHost" : "172.16.250.239:27017",
"syncSourceId" : 1,
"infoMessage" : "",
"configVersion" : 104658
},
{
"_id" : 1,
"name" : "172.16.250.239:27017",
"health" : 1,
"state" : 1,
"stateStr" : "PRIMARY",
"uptime" : 2799,
"optime" : {
"ts" : Timestamp(1542249966, 1),
"t" : NumberLong(2)
},
"optimeDate" : ISODate("2018-11-15T02:46:06Z"),
"syncingTo" : "",
"syncSourceHost" : "",
"syncSourceId" : -1,
"infoMessage" : "",
"electionTime" : Timestamp(1542248524, 1),
"electionDate" : ISODate("2018-11-15T02:22:04Z"),
"configVersion" : 104658,
"self" : true,
"lastHeartbeatMessage" : ""
},
{
"_id" : 2,
"name" : "172.16.250.240:27017",
"health" : 1,
"state" : 2,
"stateStr" : "SECONDARY",
"uptime" : 1855,
"optime" : {
"ts" : Timestamp(1542249966, 1),
"t" : NumberLong(2)
},
"optimeDurable" : {
"ts" : Timestamp(1542249966, 1),
"t" : NumberLong(2)
},
"optimeDate" : ISODate("2018-11-15T02:46:06Z"),
"optimeDurableDate" : ISODate("2018-11-15T02:46:06Z"),
"lastHeartbeat" : ISODate("2018-11-15T02:46:13.520Z"),
"lastHeartbeatRecv" : ISODate("2018-11-15T02:46:13.520Z"),
"pingMs" : NumberLong(0),
"lastHeartbeatMessage" : "",
"syncingTo" : "172.16.250.239:27017",
"syncSourceHost" : "172.16.250.239:27017",
"syncSourceId" : 1,
"infoMessage" : "",
"configVersion" : 104658
}],
"ok" : 1,
"operationTime" : Timestamp(1542249966, 1),
"$clusterTime" : {
"clusterTime" : Timestamp(1542249966, 1),
"signature" : {
"hash" : BinData(0,"AAAAAAAAAAAAAAAAAAAAAAAAAAA="),
"keyId" : NumberLong(0)
}
}
}# 檢視備份節點的複製資訊
rs0:PRIMARY> db.printSlaveReplicationInfo()
source: 172.16.250.234:27017
syncedTo: Thu Nov 15 2018 11:08:36 GMT+0800 (CST)
0 secs (0 hrs) behind the primary
source: 172.16.250.240:27017
syncedTo: Thu Jan 01 1970 08:00:00 GMT+0800 (CST)
1542251316 secs (428403.14 hrs) behind the primary副本集測試
複製測試
在Primary 上插入一萬條客戶資料:
rs0:PRIMARY> for(var i=0;i<10000;i++){db.customer.insert({"name":"user"+i})}
WriteResult({ "nInserted" : 1 })
rs0:PRIMARY> db.customer.count()
10000在Secondary上檢視客戶資料是否已經同步:
rs0:SECONDARY> rs.slaveOk()
rs0:SECONDARY> db.customer.count()
10000故障轉移測試
執行如下命令關閉Primary節點,檢視其他2個節點的情況:
mongod --shutdown --dbpath /usr/local/mongodb-4.0.2/data# 檢視Primary節點關閉之前的狀態
rs0:PRIMARY> rs.status()
{
"set" : "rs0",
"date" : ISODate("2018-11-15T03:36:31.393Z"),
"myState" : 1,
"term" : NumberLong(4),
"syncingTo" : "",
"syncSourceHost" : "",
"syncSourceId" : -1,
"heartbeatIntervalMillis" : NumberLong(2000),
"optimes" : {
"lastCommittedOpTime" : {
"ts" : Timestamp(1542252988, 1),
"t" : NumberLong(4)
},
"readConcernMajorityOpTime" : {
"ts" : Timestamp(1542252988, 1),
"t" : NumberLong(4)
},
"appliedOpTime" : {
"ts" : Timestamp(1542252988, 1),
"t" : NumberLong(4)
},
"durableOpTime" : {
"ts" : Timestamp(1542252988, 1),
"t" : NumberLong(4)
}
},
"lastStableCheckpointTimestamp" : Timestamp(1542252978, 1),
"members" : [
{
"_id" : 0,
"name" : "172.16.250.234:27017",
"health" : 1,
"state" : 2,
"stateStr" : "SECONDARY",
"uptime" : 425,
"optime" : {
"ts" : Timestamp(1542252988, 1),
"t" : NumberLong(4)
},
"optimeDurable" : {
"ts" : Timestamp(1542252988, 1),
"t" : NumberLong(4)
},
"optimeDate" : ISODate("2018-11-15T03:36:28Z"),
"optimeDurableDate" : ISODate("2018-11-15T03:36:28Z"),
"lastHeartbeat" : ISODate("2018-11-15T03:36:31.243Z"),
"lastHeartbeatRecv" : ISODate("2018-11-15T03:36:30.233Z"),
"pingMs" : NumberLong(0),
"lastHeartbeatMessage" : "",
"syncingTo" : "172.16.250.239:27017",
"syncSourceHost" : "172.16.250.239:27017",
"syncSourceId" : 1,
"infoMessage" : "",
"configVersion" : 104666
},
{
"_id" : 1,
"name" : "172.16.250.239:27017",
"health" : 1,
"state" : 1,
"stateStr" : "PRIMARY",
"uptime" : 428,
"optime" : {
"ts" : Timestamp(1542252988, 1),
"t" : NumberLong(4)
},
"optimeDate" : ISODate("2018-11-15T03:36:28Z"),
"syncingTo" : "",
"syncSourceHost" : "",
"syncSourceId" : -1,
"infoMessage" : "",
"electionTime" : Timestamp(1542252577, 2),
"electionDate" : ISODate("2018-11-15T03:29:37Z"),
"configVersion" : 104666,
"self" : true,
"lastHeartbeatMessage" : ""
},
{
"_id" : 2,
"name" : "172.16.250.240:27017",
"health" : 1,
"state" : 2,
"stateStr" : "SECONDARY",
"uptime" : 78,
"optime" : {
"ts" : Timestamp(1542252988, 1),
"t" : NumberLong(4)
},
"optimeDurable" : {
"ts" : Timestamp(1542252988, 1),
"t" : NumberLong(4)
},
"optimeDate" : ISODate("2018-11-15T03:36:28Z"),
"optimeDurableDate" : ISODate("2018-11-15T03:36:28Z"),
"lastHeartbeat" : ISODate("2018-11-15T03:36:31.376Z"),
"lastHeartbeatRecv" : ISODate("2018-11-15T03:36:29.597Z"),
"pingMs" : NumberLong(0),
"lastHeartbeatMessage" : "",
"syncingTo" : "172.16.250.239:27017",
"syncSourceHost" : "172.16.250.239:27017",
"syncSourceId" : 1,
"infoMessage" : "",
"configVersion" : 104666
}],
"ok" : 1,
"operationTime" : Timestamp(1542252988, 1),
"$clusterTime" : {
"clusterTime" : Timestamp(1542252988, 1),
"signature" : {
"hash" : BinData(0,"AAAAAAAAAAAAAAAAAAAAAAAAAAA="),
"keyId" : NumberLong(0)
}
}
}# 在任意其他節點上檢視Primary節點關閉之後的狀態
> rs.status()
{
"set" : "rs0",
"date" : ISODate("2018-11-15T03:41:31.213Z"),
"myState" : 1,
"term" : NumberLong(5),
"syncingTo" : "",
"syncSourceHost" : "",
"syncSourceId" : -1,
"heartbeatIntervalMillis" : NumberLong(2000),
"optimes" : {
"lastCommittedOpTime" : {
"ts" : Timestamp(1542253290, 1),
"t" : NumberLong(5)
},
"readConcernMajorityOpTime" : {
"ts" : Timestamp(1542253290, 1),
"t" : NumberLong(5)
},
"appliedOpTime" : {
"ts" : Timestamp(1542253290, 1),
"t" : NumberLong(5)
},
"durableOpTime" : {
"ts" : Timestamp(1542253290, 1),
"t" : NumberLong(5)
}
},
"lastStableCheckpointTimestamp" : Timestamp(1542253268, 1),
"members" : [
{
"_id" : 0,
"name" : "172.16.250.234:27017",
"health" : 1,
"state" : 1,
"stateStr" : "PRIMARY",
"uptime" : 6115,
"optime" : {
"ts" : Timestamp(1542253290, 1),
"t" : NumberLong(5)
},
"optimeDate" : ISODate("2018-11-15T03:41:30Z"),
"syncingTo" : "",
"syncSourceHost" : "",
"syncSourceId" : -1,
"infoMessage" : "could not find member to sync from",
"electionTime" : Timestamp(1542253288, 1),
"electionDate" : ISODate("2018-11-15T03:41:28Z"),
"configVersion" : 104666,
"self" : true,
"lastHeartbeatMessage" : ""
},
{
"_id" : 1,
"name" : "172.16.250.239:27017",
"health" : 0,
"state" : 8,
"stateStr" : "(not reachable/healthy)",
"uptime" : 0,
"optime" : {
"ts" : Timestamp(0, 0),
"t" : NumberLong(-1)
},
"optimeDurable" : {
"ts" : Timestamp(0, 0),
"t" : NumberLong(-1)
},
"optimeDate" : ISODate("1970-01-01T00:00:00Z"),
"optimeDurableDate" : ISODate("1970-01-01T00:00:00Z"),
"lastHeartbeat" : ISODate("2018-11-15T03:41:30.593Z"),
"lastHeartbeatRecv" : ISODate("2018-11-15T03:41:18.148Z"),
"pingMs" : NumberLong(0),
"lastHeartbeatMessage" : "Error connecting to 172.16.250.239:27017 :: caused by :: Connection refused",
"syncingTo" : "",
"syncSourceHost" : "",
"syncSourceId" : -1,
"infoMessage" : "",
"configVersion" : -1
},
{
"_id" : 2,
"name" : "172.16.250.240:27017",
"health" : 1,
"state" : 2,
"stateStr" : "SECONDARY",
"uptime" : 372,
"optime" : {
"ts" : Timestamp(1542253268, 1),
"t" : NumberLong(4)
},
"optimeDurable" : {
"ts" : Timestamp(1542253268, 1),
"t" : NumberLong(4)
},
"optimeDate" : ISODate("2018-11-15T03:41:08Z"),
"optimeDurableDate" : ISODate("2018-11-15T03:41:08Z"),
"lastHeartbeat" : ISODate("2018-11-15T03:41:30.591Z"),
"lastHeartbeatRecv" : ISODate("2018-11-15T03:41:31.106Z"),
"pingMs" : NumberLong(0),
"lastHeartbeatMessage" : "",
"syncingTo" : "",
"syncSourceHost" : "",
"syncSourceId" : -1,
"infoMessage" : "",
"configVersion" : 104666
}],
"ok" : 1,
"operationTime" : Timestamp(1542253290, 1),
"$clusterTime" : {
"clusterTime" : Timestamp(1542253290, 1),
"signature" : {
"hash" : BinData(0,"AAAAAAAAAAAAAAAAAAAAAAAAAAA="),
"keyId" : NumberLong(0)
}
}
}再次啟動 172.16.250.239:27017 節點,由於其選舉優先順序最高,自動被選舉為Primary。
# 待172.16.250.239:27017 節點啟動後再次檢視副本集狀態
> rs.status()
{
"set" : "rs0",
"date" : ISODate("2018-11-15T03:44:01.745Z"),
"myState" : 2,
"term" : NumberLong(6),
"syncingTo" : "172.16.250.239:27017",
"syncSourceHost" : "172.16.250.239:27017",
"syncSourceId" : 1,
"heartbeatIntervalMillis" : NumberLong(2000),
"optimes" : {
"lastCommittedOpTime" : {
"ts" : Timestamp(1542253435, 1),
"t" : NumberLong(6)
},
"readConcernMajorityOpTime" : {
"ts" : Timestamp(1542253435, 1),
"t" : NumberLong(6)
},
"appliedOpTime" : {
"ts" : Timestamp(1542253435, 1),
"t" : NumberLong(6)
},
"durableOpTime" : {
"ts" : Timestamp(1542253435, 1),
"t" : NumberLong(6)
}
},
"lastStableCheckpointTimestamp" : Timestamp(1542253400, 1),
"members" : [
{
"_id" : 0,
"name" : "172.16.250.234:27017",
"health" : 1,
"state" : 2,
"stateStr" : "SECONDARY",
"uptime" : 6265,
"optime" : {
"ts" : Timestamp(1542253435, 1),
"t" : NumberLong(6)
},
"optimeDate" : ISODate("2018-11-15T03:43:55Z"),
"syncingTo" : "172.16.250.239:27017",
"syncSourceHost" : "172.16.250.239:27017",
"syncSourceId" : 1,
"infoMessage" : "",
"configVersion" : 104666,
"self" : true,
"lastHeartbeatMessage" : ""
},
{
"_id" : 1,
"name" : "172.16.250.239:27017",
"health" : 1,
"state" : 1,
"stateStr" : "PRIMARY",
"uptime" : 23,
"optime" : {
"ts" : Timestamp(1542253435, 1),
"t" : NumberLong(6)
},
"optimeDurable" : {
"ts" : Timestamp(1542253435, 1),
"t" : NumberLong(6)
},
"optimeDate" : ISODate("2018-11-15T03:43:55Z"),
"optimeDurableDate" : ISODate("2018-11-15T03:43:55Z"),
"lastHeartbeat" : ISODate("2018-11-15T03:44:01.228Z"),
"lastHeartbeatRecv" : ISODate("2018-11-15T03:44:00.835Z"),
"pingMs" : NumberLong(0),
"lastHeartbeatMessage" : "",
"syncingTo" : "",
"syncSourceHost" : "",
"syncSourceId" : -1,
"infoMessage" : "",
"electionTime" : Timestamp(1542253424, 1),
"electionDate" : ISODate("2018-11-15T03:43:44Z"),
"configVersion" : 104666
},
{
"_id" : 2,
"name" : "172.16.250.240:27017",
"health" : 1,
"state" : 2,
"stateStr" : "SECONDARY",
"uptime" : 522,
"optime" : {
"ts" : Timestamp(1542253435, 1),
"t" : NumberLong(6)
},
"optimeDurable" : {
"ts" : Timestamp(1542253435, 1),
"t" : NumberLong(6)
},
"optimeDate" : ISODate("2018-11-15T03:43:55Z"),
"optimeDurableDate" : ISODate("2018-11-15T03:43:55Z"),
"lastHeartbeat" : ISODate("2018-11-15T03:44:01.166Z"),
"lastHeartbeatRecv" : ISODate("2018-11-15T03:44:01.414Z"),
"pingMs" : NumberLong(0),
"lastHeartbeatMessage" : "",
"syncingTo" : "172.16.250.239:27017",
"syncSourceHost" : "172.16.250.239:27017",
"syncSourceId" : 1,
"infoMessage" : "",
"configVersion" : 104666
}
],
"ok" : 1,
"operationTime" : Timestamp(1542253435, 1),
"$clusterTime" : {
"clusterTime" : Timestamp(1542253435, 1),
"signature" : {
"hash" : BinData(0,"AAAAAAAAAAAAAAAAAAAAAAAAAAA="),
"keyId" : NumberLong(0)
}
}
}
開啟安全認證
MongoDB使用者和身份驗證詳細內容,傳送門:
https://blog.csdn.net/pengjunlee/article/details/84106877
建立使用者
登入 PRIMARY節點建立使用者,在此我們對 test 庫開啟安全認證。
rs0:PRIMARY> show dbs
admin 0.000GB
config 0.000GB
local 0.002GB
test 0.000GB
rs0:PRIMARY> use admin
switched to db admin
rs0:PRIMARY> db.createUser({user:"root",pwd:"123456",roles:[{role:"userAdminAnyDatabase",db:"admin"}]})
Successfully added user: {
"user" : "root",
"roles" : [
{
"role" : "userAdminAnyDatabase",
"db" : "admin"
}
]
}
rs0:PRIMARY> use test
switched to db test
rs0:PRIMARY> db.createUser({user:"admin",pwd:"admin",roles:[{role:"readWrite",db:"test"}]})
Successfully added user: {
"user" : "admin",
"roles" : [
{
"role" : "readWrite",
"db" : "test"
}
]
}
建立keyFile檔案
先停掉所有SECONDARY節點的MongoDB服務,然後再停掉PRIMARY節點的MongoDB服務,並在PRIMARY節點所在伺服器上建立keyFile檔案。
[[email protected] mongodb-4.0.2]# openssl rand -base64 666 > /usr/local/mongodb-4.0.2/keyfile
[[email protected] mongodb-4.0.2]# chmod 600 /usr/local/mongodb-4.0.2/keyfile將生成的keyFile檔案拷貝到其他節點伺服器上,並修改檔案的操作許可權為 600。
chmod 600 /usr/local/mongodb-4.0.2/keyfile更新啟動配置檔案
修改PRIMARY節點的 mongodb.conf 檔案,增加如下內容:
# Add below Config
auth=true
oplogSize=100
keyFile=/usr/local/mongodb-4.0.2/keyfile修改SECONDARY節點的 mongodb.conf 檔案,增加如下內容:
# Add below Config
oplogSize=100
keyFile=/usr/local/mongodb-4.0.2/keyfile
啟動副本集
先以 --auth 方式啟動PRIMARY節點:
[[email protected] mongodb-4.0.2]# mongod -f /usr/local/mongodb-4.0.2/mongodb.conf再啟動SECONDARY節點:
mongod -f /usr/local/mongodb-4.0.2/mongodb.conf登入測試
[[email protected] mongodb-4.0.2]# mongo -uadmin -padmin 172.16.250.239:27017
MongoDB shell version v4.0.2
connecting to: mongodb://172.16.250.239:27017/test
MongoDB server version: 4.0.2
rs0:PRIMARY> show dbs;
test 0.000GBadmin使用者只能看到test庫。