一、准备工作
- 创建项目目录
bash
mkdir mongodb-replica
cd mongodb-replica- 创建必要的子目录
bash
mkdir scripts
mkdir data二、生成密钥文件
- 生成MongoDB密钥文件
bash
openssl rand -base64 756 > mongodb-keyfile
chmod 400 mongodb-keyfile三、创建初始化脚本
- 创建setup.sh脚本
bash
touch scripts/setup.sh
chmod +x scripts/setup.sh- 编写setup.sh内容
bash
#!/bin/bash
sleep 30
mongosh --host mongo1:27017 -u root -p example --authenticationDatabase admin <<EOF
rs.initiate({
_id: "myReplicaSet",
members: [
{ _id: 0, host: "mongo1:27017" },
{ _id: 1, host: "mongo2:27017" },
{ _id: 2, host: "mongo3:27017" }
]
})
EOF四、配置Docker Compose
- 创建docker-compose.yml文件
yaml
version: '3.8'
services:
mongo1:
image: mongo:latest
container_name: mongo1
command: mongod --replSet myReplicaSet --bind_ip 0.0.0.0 --keyFile /data/mongodb-keyfile
networks:
- mongo-replica
ports:
- "27017:27017"
volumes:
- ./data/mongo1:/data/db
- ./mongodb-keyfile:/data/mongodb-keyfile:ro
restart: always
environment:
MONGO_INITDB_ROOT_USERNAME: root
MONGO_INITDB_ROOT_PASSWORD: example
healthcheck:
test: echo 'db.runCommand("ping").ok' | mongosh --quiet --eval "db.runCommand('ping').ok" localhost:27017/admin -u root -p example
interval: 10s
timeout: 5s
retries: 3
start_period: 30s
mongo2:
image: mongo:latest
container_name: mongo2
command: mongod --replSet myReplicaSet --bind_ip 0.0.0.0 --keyFile /data/mongodb-keyfile
networks:
- mongo-replica
ports:
- "27018:27017"
volumes:
- ./data/mongo2:/data/db
- ./mongodb-keyfile:/data/mongodb-keyfile:ro
restart: always
environment:
MONGO_INITDB_ROOT_USERNAME: root
MONGO_INITDB_ROOT_PASSWORD: example
healthcheck:
test: echo 'db.runCommand("ping").ok' | mongosh --quiet --eval "db.runCommand('ping').ok" localhost:27017/admin -u root -p example
interval: 10s
timeout: 5s
retries: 3
start_period: 30s
depends_on:
mongo1:
condition: service_healthy
mongo3:
image: mongo:latest
container_name: mongo3
command: mongod --replSet myReplicaSet --bind_ip 0.0.0.0 --keyFile /data/mongodb-keyfile
networks:
- mongo-replica
ports:
- "27019:27017"
volumes:
- ./data/mongo3:/data/db
- ./mongodb-keyfile:/data/mongodb-keyfile:ro
restart: always
environment:
MONGO_INITDB_ROOT_USERNAME: root
MONGO_INITDB_ROOT_PASSWORD: example
healthcheck:
test: echo 'db.runCommand("ping").ok' | mongosh --quiet --eval "db.runCommand('ping').ok" localhost:27017/admin -u root -p example
interval: 10s
timeout: 5s
retries: 3
start_period: 30s
depends_on:
mongo1:
condition: service_healthy
mongo-setup:
image: mongo:latest
container_name: mongo-setup
restart: on-failure
networks:
- mongo-replica
depends_on:
mongo1:
condition: service_healthy
mongo2:
condition: service_healthy
mongo3:
condition: service_healthy
volumes:
- ./scripts:/scripts
- ./mongodb-keyfile:/data/mongodb-keyfile:ro
entrypoint: [ "bash", "/scripts/setup.sh" ]
networks:
mongo-replica:
driver: bridge五、启动服务
- 启动MongoDB副本集
bash
docker-compose up -d- 查看服务状态
bash
docker-compose ps六、验证配置
- 检查副本集状态
bash
docker exec mongo1 mongosh --eval "rs.status()" -u root -p example- 测试写入操作
bash
docker exec mongo1 mongosh -u root -p example --eval '
db = db.getSiblingDB("test");
db.test.insertOne({x: 1});
'七、重要说明
- 端口映射
- mongo1: 27017
- mongo2: 27018
- mongo3: 27019
- 认证信息
- 用户名:root
- 密码:example
- 认证数据库:admin
- 数据持久化
- 数据存储在
./data目录下 - 每个节点有独立的子目录
- 安全注意事项
- 密钥文件权限必须为400
- 生产环境建议修改默认密码
- 建议配置防火墙规则
八、常见问题处理
- 服务无法启动
- 检查端口占用
- 检查目录权限
- 检查密钥文件权限
- 副本集初始化失败
- 检查网络连接
- 检查认证信息
- 检查setup.sh脚本权限
- 数据同步问题
- 检查节点健康状态
- 检查网络连接
- 检查日志信息
九、维护建议
- 定期备份
- 使用mongodump进行数据备份
- 保存配置文件
- 记录集群状态
- 监控
- 监控节点状态
- 监控数据同步
- 监控系统资源
- 更新维护
- 定期更新MongoDB版本
- 检查安全补丁
- 优化配置参数