环境:

OS:CentOS 7

DB:3.0.15

机器角色:

192.168.1.134:10001 主

192.168.1.135:10002 从

192.168.1.135:10003 仲裁节点

1.下载相应的版本

https://www.mongodb.com/download-center/community

我这里下载的是mongodb-linux-x86_64-3.0.15.tgz

---------------------------------------安装部署---------------------------------------

1.安装数据库

每个节点都安装数据库,安装方法一样

[root@pxc01 soft]#tar -xvf mongodb-linux-x86_64-3.0.15.tgz

[root@localhost soft]# mv mongodb-linux-x86_64-3.0.15 /opt/mongodb3015

[root@pxc01 soft]#cd /opt/mongodb3015

[root@pxc01 soft]#mkdir data ##数据文件目录

[root@pxc01 soft]#mkdir log ##日志文件目录

[root@pxc01 soft]#mkdir key ##认证文件目录

[root@pxc01 soft]#mkdir conf ##配置文件目录

2.产生秘钥验证

[root@pxc01 key]# cd /opt/mongodb3015/key

[root@pxc01 key]# openssl rand -base64 741 >>keyfile

[root@pxc01 key]# chmod 700 keyfile

3.将节点1上的整个目录都拷贝到另外的机器

因为我们第二个节点即做从节点也做仲裁节点,索引拷贝过去后需要重命名文件夹

[root@pxc01 opt]# scp -r ./mongodb3015 root@192.168.1.135:/opt/mongodb3015_slave

[root@pxc01 opt]# scp -r ./mongodb3015 root@192.168.1.135:/opt/mongodb3015_arbiter

 

4.创建配置文件mongo.cnf

##主节点的配置参数

port = 10001

fork = true

dbpath = /opt/mongodb3015/data

logpath = /opt/mongodb3015/log/logs

logappend = true

shardsvr = true

replSet = repltest

##keyFile=/opt/mongodb3015/key/keyfile

##auth = true

##从节点的配置参数

port = 10002

fork = true

dbpath = /opt/mongodb3015_slave/data

logpath = /opt/mongodb3015_slave/log/logs

logappend = true

shardsvr = true

replSet = repltest

##keyFile=/opt/mongodb3015_slave/key/keyfile

##auth = true

##仲裁节点的配置参数

port = 10003

fork = true

dbpath = /opt/mongodb3015_arbiter/data

logpath = /opt/mongodb3015_arbiter/log/logs

logappend = true

shardsvr = true

replSet = repltest

##keyFile=/opt/mongodb3015_arbiter/key/keyfile

##auth = true

这里keyFile和auth先注释,因为等部署完初始化完集群后再启用

5.启动

主节点启动:

[root@pxc01 bin]# ./mongod -f /opt/mongodb3015/conf/mongo.cnf

从节点启动:

[root@pxc02 bin]# ./mongod -f /opt/mongodb3015_slave/conf/mongo.cnf

仲裁节点启动:

[root@pxc02 bin]# ./mongod -f /opt/mongodb3015_arbiter/conf/mongo.cnf

6.初始化副本集

[root@localhost bin]# cd /opt/mongodb3015/bin

[root@localhost bin]# ./mongo 192.168.1.134:10001

use admin

config={_id:'repltest',members:[{_id:0,host:'192.168.1.134:10001'},{_id:1,host:'192.168.1.135:10002'},{_id:2,host:'192.168.1.135:10003', arbiterOnly:true}]}

rs.initiate(config)

到这里要是不需要带认证的副本集的化，就配置完成了,下面的部署我们继续配置带认证的

7.创建用户

在节点1上创建管理员账号sa

[root@localhost bin]# ./mongo 192.168.1.134:10001

use admin

db.createUser({user:"sa",pwd:"123456",roles:["root"]}); --创建用户

db.auth("sa","123456"); --设置用户登陆权限，密码一定要和创建用户时输入的密码相同

show users; --查看创建的用户

登录另外的两个节点,查看是否完成同步

[root@localhost bin]# ./mongo 192.168.1.135:10002

repltest:SECONDARY> use admin;

switched to db admin

repltest:SECONDARY> show users;

{

"_id" : "admin.sa",

"user" : "sa",

"db" : "admin",

"roles" : [

{

"role" : "root",

"db" : "admin"

}

]

}

仲裁节点是不存放数据的:

[root@localhost bin]# ./mongo 192.168.1.135:10003

repltest:ARBITER> use admin;

repltest:ARBITER> show users;

repltest:ARBITER>

 

8.关闭集群启用认证参数

采用localhost登录进行关闭数据库,每个节点操作一致,可以先停掉从库和仲裁节点再停主库

192.168.1.135机器:

[root@pxc03 bin]# ./mongo localhost:10002

repltest:SECONDARY> use admin

repltest:SECONDARY> db.shutdownServer()

[root@localhost bin]# ./mongo localhost:10003

repltest:ARBITER> use admin

switched to db admin

repltest:ARBITER> db.shutdownServer()

192.168.1.134机器

[root@localhost bin]# ./mongo localhost:10001

repltest:SECONDARY> use admin

repltest:SECONDARY> db.shutdownServer()

可以查看各进程是否存在

[root@localhost log]# ps -ef|grep mongo

9.修改配置文件启用认证

分别修改3个节点的配置文件,将之前注释的两行,启用

keyFile=/opt/mongodb3015/key/keyfile

auth = true

10.再次启动数据库

主节点启动:

[root@pxc01 bin]# ./mongod -f /opt/mongodb3015/conf/mongo.cnf

从节点启动:

[root@pxc02 bin]# ./mongod -f /opt/mongodb3015_slave/conf/mongo.cnf

仲裁节点启动:

[root@pxc02 bin]# ./mongod -f /opt/mongodb3015_arbiter/conf/mongo.cnf

登陆主数据库

[root@localhost bin]# ./mongo 192.168.1.134:10001

MongoDB shell version: 3.0.15

connecting to: 192.168.1.134:10001/test

repltest:PRIMARY> show databases;

2019-02-20T09:50:06.784+0800 E QUERY Error: listDatabases failed:{

"ok" : 0,

"errmsg" : "not authorized on admin to execute command { listDatabases: 1.0 }",

"code" : 13

}

at Error (<anonymous>)

at Mongo.getDBs (src/mongo/shell/mongo.js:47:15)

at shellHelper.show (src/mongo/shell/utils.js:630:33)

at shellHelper (src/mongo/shell/utils.js:524:36)

at (shellhelp2):1:1 at src/mongo/shell/mongo.js:47

repltest:PRIMARY> use admin

switched to db admin

repltest:PRIMARY> db.auth("sa","123456");

1

repltest:PRIMARY> show databases;

admin 0.078GB

local 22.067GB

登陆从数据库

./mongo 192.168.1.135:10002

repltest:SECONDARY> use admin

switched to db admin

repltest:SECONDARY> db.auth("sa","123456");

1

repltest:SECONDARY> show databases;

admin 0.078GB

local 22.067GB

登陆仲裁节点,仲裁节点是不存放数据库的,所以无法执行如下命令

repltest:ARBITER> use admin

switched to db admin

repltest:ARBITER> db.auth("sa","123456");

Error: 18 Authentication failed.

0

11.查看副本集状态

[root@localhost bin]# ./mongo 192.168.1.134:10001

repltest:PRIMARY> use admin

repltest:PRIMARY> db.auth("sa","123456")

repltest:PRIMARY> rs.status()

{

"set" : "repltest",

"date" : ISODate("2019-02-20T01:55:24.159Z"),

"myState" : 1,

"members" : [

{

"_id" : 0,

"name" : "192.168.1.134:10001",

"health" : 1,

"state" : 1,

"stateStr" : "PRIMARY",

"uptime" : 481,

"optime" : Timestamp(1550626644, 4),

"optimeDate" : ISODate("2019-02-20T01:37:24Z"),

"electionTime" : Timestamp(1550627289, 1),

"electionDate" : ISODate("2019-02-20T01:48:09Z"),

"configVersion" : 1,

"self" : true

},

{

"_id" : 1,

"name" : "192.168.1.135:10002",

"health" : 1,

"state" : 2,

"stateStr" : "SECONDARY",

"uptime" : 434,

"optime" : Timestamp(1550626644, 4),

"optimeDate" : ISODate("2019-02-20T01:37:24Z"),

"lastHeartbeat" : ISODate("2019-02-20T01:55:23.957Z"),

"lastHeartbeatRecv" : ISODate("2019-02-20T01:55:22.426Z"),

"pingMs" : 1,

"lastHeartbeatMessage" : "could not find member to sync from",

"configVersion" : 1

},

{

"_id" : 2,

"name" : "192.168.1.135:10003",

"health" : 1,

"state" : 7,

"stateStr" : "ARBITER",

"uptime" : 402,

"lastHeartbeat" : ISODate("2019-02-20T01:55:23.950Z"),

"lastHeartbeatRecv" : ISODate("2019-02-20T01:55:23.233Z"),

"pingMs" : 1,

"configVersion" : 1

}

],

"ok" : 1

}

12.创建普通账号,并写入记录

use db_yeemiao

db.createUser({user:'threedev',pwd:'threedev123',roles:[{role:'dbOwner',db:'db_yeemiao'}]})

db.auth("threedev","threedev123")

db.tb_test02.insert( {"name":"yiibai tutorials"})

save方法写入数据

>db.createCollection("tb_test01") 创建表

>show collections 查看表是否创建成功

>db.tb_test01.save({age:1}) 添加数据

>db.tb_test01.find() 查看表数据

insert方法写入数据

db.inventory.insert( { _id: 10, type: "misc", item: "card", qty: 15 } )

java连接带有仲裁节点的副本集，只需要配置主从节点即可，不需要配置仲裁节点。