MongoDB 复制集管理
1.配置允许在从节点读取数据
默认MongoDB 复制集的从节点不能读取数据,可以使用 rs.slaveOk() 命令允许能够在从节点读取数据。
abc:PRIMARY> show dbs #在主节点上可以读取数据
admin 0.000GB
config 0.000GB
local 0.000GB
school 0.000GB
abc:PRIMARY> exit
bye
[root@localhost logs]# mongo --port 27018 #进入端口为27018 的从节点
MongoDB shell version v3.6.7
connecting to: mongodb://127.0.0.1:27018/
abc:SECONDARY> show dbs #查看数据库
2018-09-13T14:55:03.037+0800 E QUERY [thread1] Error: listDatabases failed:{ #无法读取数据
"operationTime" : Timestamp(1536821694, 1),
"ok" : 0,
"errmsg" : "not master and slaveOk=false",
abc:SECONDARY> rs.slaveOk() #使用命令 rs.slaveOk() 命令允许能够在从节点读取数据
abc:SECONDARY> show dbs
admin 0.000GB
config 0.000GB
local 0.000GB
school 0.000GB
abc:SECONDARY>
2.查看复制状态信息
abc:SECONDARY> rs.help()
rs.printReplicationInfo() check oplog size and time range
rs.printSlaveReplicationInfo() check replica set members and replication lagabc:SECONDARY> rs.printReplicationInfo() #查看日志大小和时间范围
configured oplog size: 990MB
log length start to end: 3482secs (0.97hrs)
oplog first event time: Thu Sep 13 2018 14:12:02 GMT+0800 (CST)
oplog last event time: Thu Sep 13 2018 15:10:04 GMT+0800 (CST)
now: Thu Sep 13 2018 15:10:06 GMT+0800 (CST)
abc:SECONDARY> rs.printSlaveReplicationInfo() #查看那些从节点复制数据
source: 192.168.213.184:27018
syncedTo: Thu Sep 13 2018 15:11:54 GMT+0800 (CST)
0 secs (0 hrs) behind the primary
source: 192.168.213.184:27019
syncedTo: Thu Sep 13 2018 15:11:54 GMT+0800 (CST)
0 secs (0 hrs) behind the primary由此可看出仲裁节点并不具备数据复制
3. .更改oplog 大小
oplog 即 opreations 的缩写,存储在 local 数据库中。oplog 中新操作会自动替换旧的操作,以保证 oplog 不会超过预设的大小。默认情况下。oplog 大小会占用64位的实例5% 的磁盘空间。尽量保证主节点的oplog 足够大,能够存放相当长时间的操作记录。
(1)首先关闭从节点服务器,从复制集中退出,暂时成为单实例
abc:SECONDARY> use admin
switched to db adminabc:SECONDARY> db.shutdownServer() #关闭服务
server should be down...[root@localhost logs]# vim /etc/mongod2.conf #更改实例2 的配置文件
port: 27028 #端口号更改
#replication:
# replSetName: abc #注销复制集
(2)以端口号为 27028 进入数据库
[root@localhost logs]# mongod -f /etc/mongod2.conf
about to fork child process, waiting until server is ready for connections.
forked process: 40575
child process started successfully, parent exiting
[root@localhost logs]# mongo --port 27028
MongoDB shell version v3.6.7
connecting to: mongodb://127.0.0.1:27028/
(3)对oplog 进行完全备份
[root@localhost logs]# mongodump --port 27028 --db local --collection 'oplog.rs'
2018-09-13T15:30:19.876+0800 writing local.oplog.rs to
2018-09-13T15:30:19.881+0800 done dumping local.oplog.rs (376 documents)
(4)删除原有的日志文件
> use local
switched to db local
> show tables
me
oplog.rs
replset.election
replset.minvalid
replset.oplogTruncateAfterPoint
startup_log
system.replset
system.rollback.id
> db.oplog.rs.drop()
true
> db.runCommand({create:"oplog.rs",capped:true,size:(2 * 1024 * 1024 * 1024)}) #原型创建 oplog.rs 指定大小
{ "ok" : 1 }
> use admin
switched to db admin
> db.shutdownServer() #关闭服务
server should be down...
(5)把独立的实例 mongodb2 恢复到复制集,登录。
> exit
bye
[root@localhost logs]# vim /etc/mongod2.conf #把独立的实例 mongodb2 恢复到复制集port: 27018 #把端口号改回为27018
replication: #启用复制集
replSetName: abc
oplogSizeMB: 2048 #指定 oplog 大小[root@localhost logs]# mongod -f /etc/mongod2.conf
about to fork child process, waiting until server is ready for connections.
forked process: 40835
child process started successfully, parent exiting
[root@localhost logs]# mongo --port 27018
MongoDB shell version v3.6.7
connecting to: mongodb://127.0.0.1:27018/abc:SECONDARY> rs.printReplicationInfo()
configured oplog size: 2048MB
log length start to end: 90secs (0.03hrs)
oplog first event time: Thu Sep 13 2018 15:44:15 GMT+0800 (CST)
oplog last event time: Thu Sep 13 2018 15:45:45 GMT+0800 (CST)
now: Thu Sep 13 2018 15:45:54 GMT+0800 (CST)
4 .部署认证复制
(1)
abc:PRIMARY> use admin
switched to db admin
abc:PRIMARY> db.createUser({"user":"root","pwd":"123","roles":["root"]}) #创建用户root 设置密码为 123
Successfully added user: { "user" : "root", "roles" : [ "root" ] }
(2)在每个实例的配置文件中开启认证功能
abc:PRIMARY> exit
bye
[root@localhost logs]# vim /etc/mongod.confsecurity:
keyFile: /usr/bin/abckey1 #验证文件路径
clusterAuthMode: keyFile #验证模式,文件验证[root@localhost logs]# vim /etc/mongod2.conf
security:
keyFile: /usr/bin/abckey2
clusterAuthMode:keyFile[root@localhost logs]# vim /etc/mongod3.conf
security:
keyFile: /usr/bin/abckey3
clusterAuthMode:keyFile[root@localhost logs]# vim /etc/mongod4.conf
security:
keyFile: /usr/bin/abckey4
clusterAuthMode:keyFile
[root@localhost logs]# cd /usr/bin/
[root@localhost bin]# echo "abc key" > abckey1 #生成4个密钥文件
[root@localhost bin]# echo "abc key" > abckey2
[root@localhost bin]# echo "abc key" > abckey3
[root@localhost bin]# echo "abc key" > abckey4
(3)重启4个实例
[root@localhost bin]# chmod 600 abc* # 把文件 abc 权限设置为600
[root@localhost bin]# mongod -f /etc/mongod.conf #启动服务
about to fork child process, waiting until server is ready for connections.
forked process: 41828
child process started successfully, parent exiting
[root@localhost bin]# mongod -f /etc/mongod2.conf --shutdown
killing process with pid: 40835
[root@localhost bin]# mongod -f /etc/mongod2.conf
about to fork child process, waiting until server is ready for connections.
forked process: 42252
child process started successfully, parent exiting
[root@localhost bin]# mongod -f /etc/mongod3.conf --shutdown
killing process with pid: 4881
[root@localhost bin]# mongod -f /etc/mongod3.conf
about to fork child process, waiting until server is ready for connections.
forked process: 42451
child process started successfully, parent exiting
[root@localhost bin]# mongod -f /etc/mongod4.conf --shutdown
killing process with pid: 4909
[root@localhost bin]# mongod -f /etc/mongod4.conf
about to fork child process, waiting until server is ready for connections.
forked process: 42634
child process started successfully, parent exiting
(4)登录主节点服务器验证
[root@localhost bin]# mongo --port 27018
MongoDB shell version v3.6.7
connecting to: mongodb://127.0.0.1:27018/
MongoDB server version: 3.6.7
abc:PRIMARY> show dbs #在主节点查看数据库
2018-09-13T16:49:14.542+0800 E QUERY [thread1] Error: listDatabases failed:{ #无法查询
"operationTime" : Timestamp(1536828545, 1),
"ok" : 0,abc:PRIMARY> rs.status() #查看各节点状态,也无法查询
{
"operationTime" : Timestamp(1536828575, 1),
"ok" : 0,
"errmsg" : "not authorized on admin to execute command { replSetGetStatus: 1.0, $clusterTime: { clusterTime: Timestamp(1536828545, 1), signature: { hash: BinData(0, 40060B8D2AC8AC1AE68D47E9332835D2040120C2), keyId: 6600587920397041666 } }, $db: \"admin\" }",
"code" : 13,
"codeName" : "Unauthorized",
"$clusterTime" : {
"clusterTime" : Timestamp(1536828575, 1),
"signature" : {
"hash" : BinData(0,"gSi7raqiqfKJKSF42wlgu2rvggE="),
"keyId" : NumberLong("6600587920397041666")
}
}
}abc:PRIMARY> use admin #进入admin 数据库
switched to db admin
abc:PRIMARY> db.auth("root","123") #进行身份验证
1
abc:PRIMARY> show dbs #再查看数据库
admin 0.000GB
config 0.000GB
local 0.000GB
school 0.000GB
(5)进入从节点服务器进行验证
[root@localhost bin]# mongo --port 27019
MongoDB shell version v3.6.7
connecting to: mongodb://127.0.0.1:27019/
MongoDB server version: 3.6.7
abc:SECONDARY> show dbs #查看数据库
2018-09-13T16:55:14.429+0800 E QUERY [thread1] Error: listDatabases failed:{
"operationTime" : Timestamp(1536828905, 1),
"ok" : 0,abc:SECONDARY> rs.slaveOk()
abc:SECONDARY> use admin #进行身份验证
switched to db admin
abc:SECONDARY> db.auth("root","123")
1abc:SECONDARY> show dbs
admin 0.000GB
config 0.000GB
local 0.000GB
school 0.000GB