目录
环境信息
| IP | 端口 | 节点 |
|---|---|---|
| 10.0.0.1 | 27017 | 主 |
| 10.0.0.2 | 27017 | 从 |
| 10.0.0.3 | 27017 | 仲裁 |
环境准备
1.关闭THP
-
Transparent Huge Pages 简称 THP。透明大页面(THP)是一种Linux内存管理系统,通过使用更大的内存页面,可以减少具有大量内存的计算机上的Translation Lookaside Buffer(TLB)查找的开销。但是,数据库工作负载通常在THP上表现不佳,因为它们往往具有稀疏而不是连续的内存访问模式。 您应该在Linux机器上禁用THP以确保使用MongoDB获得最佳性能。
创建规则目录
root # mkdir /etc/tuned/no-thp
#创建规则配置文件
root # vim /etc/tuned/no-thp/tuned.conf
[main]
include=virtual-guest
[vm]
transparent_hugepages=never
#启动该规则(重启后可生效)
root # tuned-adm profile no-thp
#临时生效方法
root # echo 'never' >/sys/kernel/mm/transparent_hugepage/enabled
root # echo 'never' >/sys/kernel/mm/transparent_hugepage/defrag
#查看当前THP是否关闭(necer表示关闭)
root # cat /sys/kernel/mm/transparent_hugepage/enabled
always madvise [never]
root # cat /sys/kernel/mm/transparent_hugepage/defrag
always madvise [never]
2.创建MongoDB用户,并禁止登录。
root # groupadd mongodb
root # useradd -r -g mongodb -s /bin/false mongodb
3.设置mongodb用户的ulimit
cat> /etc/security/limits.d/mongodb.conf <<EOF
mongodb soft nofile 65535
mongodb hard nofile 65535
mongodb soft nproc 65535
mongodb hard nproc 65535
mongodb soft memlock unlimited
mongodb hardmemlock unlimited
EOF
4.安装MongoDB所需要的依赖包
root # yum install cyrus-sasl cyrus-sasl-gssapi cyrus-sasl-plain krb5-libs libcurl libpcap lm_sensors-libs net-snmp net-snmp-agent-libs openldap openssl rpm-libs tcp_wrappers-libs -y
mongoDB配置&部署
1.创建MongoDB目录
root # mkdir /data/mongodb
root # mkdir /data/mongodb/base
root # mkdir /data/mongodb/{data,conf,log}
root # mkdir /data/mongodb/data/27017
root # mkdir /data/mongodb/conf/27017
root # mkdir /data/mongodb/log/27017
#目录结构
root # tree /data/mongodb/
/data/mongodb/
├── base
├── conf
│ ├── 27017
├── data
│ ├── 27017
└── log
├── 27017
2.下载并解压mongodb安装包
root # wget https://downloads.mongodb.com/linux/mongodb-linux-x86_64-enterprise-rhel70-5.0.28.tgz
root # tar xf mongodb-linux-x86_64-enterprise-rhel70-5.0.28.tgz -C /data/mongodb/base/ --strip-components=1
#对mongodb目录进行授权
root # chown -R mongodb.mongodb /data/mongodb/
3.添加mongodb环境变量
[root@MongoDB~]# vim /etc/profile
export MONGODB_HOME=/data/mongodb/base
export PATH=$MONGODB_HOME/bin:$PATH
[root@MongoDB~]# source /etc/profile
4.添加mongodb的keyfile文件
#进入到conf目录
root # cd /data/mongodb/conf/27017
#生成keyfile文件
root # openssl rand -base64 756 >keyfile
#对keyfile文件进行授权
root # chmod 400 keyfile
#将keyfile文件传输到其他两个节点的conf目录,三个节点的keyfile文件需保持一致
root # scp keyfile root@10.0.0.2: /data/mongodb/conf/27017
root # scp keyfile root@10.0.0.3: /data/mongodb/conf/27017
5.配置mongodb的conf文件
- 配置文件需要修改项
-
复制集群名称:replSetName: test
-
监听地址:bindIp
主:
cat > /data/mongodb/conf/27017/mongodb.conf << EOF
systemLog:
destination: file
path: "/data/mongodb/log/27017/mongodb.log"
logAppend: true
storage:
dbPath: "/data/mongodb/data/27017"
directoryPerDB: true #设置为true,修改数据目录存储模式,每个数据库的文件存储在DBPATH指定目录的不同的文件夹中。使用此选项,可以配置的MongoDB将数据存储在不同的磁盘设备上,以提高写入吞吐量或磁盘容量。默认为false
journal:
enabled: true #启用操作日志,以确保写入持久性和数据的一致性,会在dbpath目录下创建journal目录
commitIntervalMs: 100
operationProfiling:
slowOpThresholdMs: 200
mode: slowOp
slowOpSampleRate: 1
processManagement:
fork: true
pidFilePath: "data/mongodb/data/27017/mongod.pid"
net:
port: 27017
bindIp: 127.0.0.1,10.0.0.1 #填写本地地址以及本机ip
replication:
oplogSizeMB: 20480
replSetName: test #复制集名称
security:
authorization: enabled
keyFile: "/data/mongodb/conf/27017/keyfile"
EOF副本:
cat > /data/mongodb/conf/27017/mongodb.conf << EOF
systemLog:
destination: file
path: "/data/mongodb/log/27017/mongodb.log"
logAppend: true
storage:
dbPath: "/data/mongodb/data/27017"
directoryPerDB: true
journal:
enabled: true
commitIntervalMs: 100
operationProfiling:
slowOpThresholdMs: 200
mode: slowOp
slowOpSampleRate: 1
processManagement:
fork: true
pidFilePath: "data/mongodb/data/27017/mongod.pid"
net:
port: 27017
bindIp: 127.0.0.1,10.0.0.2
replication:
oplogSizeMB: 20480
replSetName: test
security:
authorization: enabled
keyFile: "/data/mongodb/conf/27017/keyfile"
EOF仲裁:
cat > /data/mongodb/conf/27017/mongodb.conf << EOF
systemLog:
destination: file
path: "/data/mongodb/log/27017/mongodb.log"
logAppend: true
storage:
dbPath: "/data/mongodb/data/27017"
directoryPerDB: true
journal:
enabled: true
commitIntervalMs: 100
operationProfiling:
slowOpThresholdMs: 200
mode: slowOp
slowOpSampleRate: 1
processManagement:
fork: true
pidFilePath: "data/mongodb/data/27017/mongod.pid"
net:
port: 27017
bindIp: 127.0.0.1,10.0.0.3
replication:
oplogSizeMB: 20480
replSetName: test
security:
authorization: enabled
keyFile: "/data/mongodb/conf/27017/keyfile"
EOF
-
6.启动MongoDB
#分别启动三台mongodb,先启动主,再到从,再到仲裁。
root # mongod --config /data/mongodb/conf/27017/mongodb.conf
复制集群搭建
1.初始化主节点,登录mongodb的10.0.0.1:27017节点
root # mongo 127.0.0.1 -port 27017
#执行初始化主节点SQL
> rs.initiate()
test:SECONDARY> rs.isMaster().ismaster
#查看复制集状态
test:PRIMARY> rs.status().members
2.配置用户认证
- 创建用户规范
-
管理用户为admin,密码为admin,认证库默认为admin
#登录mongodb的27017节点
root # mongo 127.0.0.1 -port 27017
#进入admin库
test:PRIMARY> use admin
#创建admin用户,密码为admin,认证库为admin
test:PRIMARY> db.createUser({user:"admin",pwd:"admin",roles:[{role:"userAdminAnyDatabase",db:"admin"}]})
#认证这个用户
test:PRIMARY> db.auth("admin","admin")
#为admin这个用户授予最高权限
test:PRIMARY> db.grantRolesToUser("admin",[{role:"root",db:"admin"}])
#查看admin用户的权限信息
test:PRIMARY> db.getUser("admin")
#退出登录
cpos:PRIMARY> exit
-
3.添加副本和仲裁节点,添加副本以及仲裁节点,必须使用管理员权限的用户进行登录执行。
#使用admin用户登录
[root@MongoDB/data/mongodb/conf/27017]# mongo -port 27017 -u "admin" -p "admin" --authenticationDatabase "admin"
#添加副本
test:PRIMARY> rs.add("10.0.0.2:27017")
#添加仲裁节点
test:PRIMARY> rs.addArb("10.0.0.3:27017")
#查看集群状态
test:PRIMARY> rs.status().members
[
{
"_id" : 0,
"name" : "10.0.0.1:27017",
"health" : 1,
"state" : 1,
"stateStr" : "PRIMARY",
"uptime" : 1304,
"optime" : {
"ts" : Timestamp(1638327035, 1),
"t" : NumberLong(1)
},
"optimeDate" : ISODate("2024-09-01T02:50:35Z"),
"syncSourceHost" : "",
"syncSourceId" : -1,
"infoMessage" : "",
"electionTime" : Timestamp(1638326325, 2),
"electionDate" : ISODate("2024-09-01T02:38:45Z"),
"configVersion" : 3,
"configTerm" : 1,
"self" : true,
"lastHeartbeatMessage" : ""
},
{
"_id" : 1,
"name" : "10.0.0.2:27017",
"health" : 1,
"state" : 2,
"stateStr" : "SECONDARY",
"uptime" : 72,
"optime" : {
"ts" : Timestamp(1638327025, 1),
"t" : NumberLong(1)
},
"optimeDurable" : {
"ts" : Timestamp(1638327025, 1),
"t" : NumberLong(1)
},
"optimeDate" : ISODate("2024-09-01T02:50:25Z"),
"optimeDurableDate" : ISODate("2024-09-01T02:50:25Z"),
"lastHeartbeat" : ISODate("2024-09-01T02:50:35.324Z"),
"lastHeartbeatRecv" : ISODate("2024-09-01T02:50:35.421Z"),
"pingMs" : NumberLong(0),
"lastHeartbeatMessage" : "",
"syncSourceHost" : "10.0.0.1:27017",
"syncSourceId" : 0,
"infoMessage" : "",
"configVersion" : 3,
"configTerm" : 1
},
{
"_id" : 2,
"name" : "10.0.0.3:27017",
"health" : 1,
"state" : 7,
"stateStr" : "ARBITER",
"uptime" : 30,
"lastHeartbeat" : ISODate("2024-09-01T02:50:35.401Z"),
"lastHeartbeatRecv" : ISODate("2024-09-01T02:50:35.661Z"),
"pingMs" : NumberLong(0),
"lastHeartbeatMessage" : "",
"syncSourceHost" : "",
"syncSourceId" : -1,
"infoMessage" : "",
"configVersion" : 3,
"configTerm" : 1
}
]