1.集群规划
数据节点1: 192.168.81.95 端口:27017
数据节点2: 192.168.81.96 端口:27017
仲裁节点: 192.168.81.100 端口:27017
2.配置文件(/etc/mongod.conf)
##数据节点1: 192.168.81.95
systemLog:
destination: file
path: "/var/log/mongodb/mongod.log"
logAppend: true
storage:
journal:
enabled: true
dbPath: /home/aspire/apps/mongodb/data
setParameter:
enableLocalhostAuthBypass: false
replication:
replSetName: rspoint
processManagement:
fork: true
security:
authorization: enabled
keyFile: "/home/aspire/apps/mongodb/data/security/mongodb-keyfile"
#------------------------------------------------------
##数据节点2: 192.168.81.96
systemLog:
destination: file
path: "/var/log/mongodb/mongod.log"
logAppend: true
storage:
journal:
enabled: true
dbPath: /home/aspire/apps/mongodb/data
setParameter:
enableLocalhostAuthBypass: false
replication:
replSetName: rspoint
processManagement:
fork: true
security:
authorization: enabled
keyFile: "/home/aspire/apps/mongodb/data/security/mongodb-keyfile"
#------------------------------------------------------
##仲裁节点: 192.168.81.100
systemLog:
destination: file
path: "/var/log/mongodb/mongod.log"
logAppend: true
storage:
journal:
enabled: false
dbPath: /home/aspire/apps/mongodb/data
processManagement:
fork: true
setParameter:
enableLocalhostAuthBypass: false
replication:
replSetName: rspoint
security:
authorization: enabled
keyFile: "/home/aspire/apps/mongodb/data/security/mongodb-keyfile"
3.创建相关目录并授权
#root用户创建日志目录:
mkdir /var/log/mongodb/
chown -R aspire:aspire /var/log/mongodb/
#aspire用户创建数据目录
mkdir -p /home/aspire/apps/mongodb/data
4.分别依次启动三个节点
mongod --config /etc/mongod.conf
5.连接到节点1,初始化集群
mongo
rs.initiate()
> rs.initiate()
{
"info2" : "no configuration specified. Using a default configuration for the set",
"me" : "BJ-YZ-103R-81-96:27017",
"ok" : 1
}
6.查看集群配置
rs.conf()
rspoint:OTHER> rs.conf()
{
"_id" : "rspoint",
"version" : 1,
"protocolVersion" : NumberLong(1),
"members" : [
{
"_id" : 0,
"host" : "BJ-YZ-103R-81-96:27017",
"arbiterOnly" : false,
"buildIndexes" : true,
"hidden" : false,
"priority" : 1,
"tags" : {
},
"slaveDelay" : NumberLong(0),
"votes" : 1
}
],
"settings" : {
"chainingAllowed" : true,
"heartbeatIntervalMillis" : 2000,
"heartbeatTimeoutSecs" : 10,
"electionTimeoutMillis" : 10000,
"getLastErrorModes" : {
},
"getLastErrorDefaults" : {
"w" : 1,
"wtimeout" : 0
}
}
}
7.将另外两个节点加入到集群
rs.add("BJ-YZ-103R-81-96")
rs.addArb("BJ-YZ-103R-81-100")
8.检查集群状态
rs.status()
9.创建用户
先把配置文件中security部分去掉,并重启
--创建管理用户
use admin
db.createUser(
{
user: "root",
pwd: "root",
roles: [ { role: "root", db: "admin" } ]
}
)
mongo -u "admin" -p "ptadmin" --authenticationDatabase "admin"
mongo -u "root" -p "root" --authenticationDatabase "admin"
--创建应用用户
use point
db.createUser(
{
user: "point",
pwd: "point",
roles: [
{ role: "read", db: "point" },
{ role: "readWrite", db: "point" }
]
}
)
mongo -u "test" -p "test" --authenticationDatabase "test" 192.168.81.95:27017
mongo -u "point" -p "point" --authenticationDatabase "point" 192.168.81.95:27017
10.集群间安全认证
--创建keyfile
openssl rand -base64 741 > /home/aspire/apps/mongodb/data/security/mongodb-keyfile
chmod 600 /home/aspire/apps/mongodb/data/security/mongodb-keyfile
将mongodb-keyfile上传到另外两个节点相同目录下,重启
11.python连接mongodb测试
from pymongo import MongoClient
client = MongoClient('192.168.81.95',27017)
db = client.point
db.authenticate('point', 'point', source='point')
collection = db.alerts
for i in range(10000):
collection.insert({"foo":"bar","baz":i,"z":10 - i})
数据节点1: 192.168.81.95 端口:27017
数据节点2: 192.168.81.96 端口:27017
仲裁节点: 192.168.81.100 端口:27017
2.配置文件(/etc/mongod.conf)
##数据节点1: 192.168.81.95
systemLog:
destination: file
path: "/var/log/mongodb/mongod.log"
logAppend: true
storage:
journal:
enabled: true
dbPath: /home/aspire/apps/mongodb/data
setParameter:
enableLocalhostAuthBypass: false
replication:
replSetName: rspoint
processManagement:
fork: true
security:
authorization: enabled
keyFile: "/home/aspire/apps/mongodb/data/security/mongodb-keyfile"
#------------------------------------------------------
##数据节点2: 192.168.81.96
systemLog:
destination: file
path: "/var/log/mongodb/mongod.log"
logAppend: true
storage:
journal:
enabled: true
dbPath: /home/aspire/apps/mongodb/data
setParameter:
enableLocalhostAuthBypass: false
replication:
replSetName: rspoint
processManagement:
fork: true
security:
authorization: enabled
keyFile: "/home/aspire/apps/mongodb/data/security/mongodb-keyfile"
#------------------------------------------------------
##仲裁节点: 192.168.81.100
systemLog:
destination: file
path: "/var/log/mongodb/mongod.log"
logAppend: true
storage:
journal:
enabled: false
dbPath: /home/aspire/apps/mongodb/data
processManagement:
fork: true
setParameter:
enableLocalhostAuthBypass: false
replication:
replSetName: rspoint
security:
authorization: enabled
keyFile: "/home/aspire/apps/mongodb/data/security/mongodb-keyfile"
3.创建相关目录并授权
#root用户创建日志目录:
mkdir /var/log/mongodb/
chown -R aspire:aspire /var/log/mongodb/
#aspire用户创建数据目录
mkdir -p /home/aspire/apps/mongodb/data
4.分别依次启动三个节点
mongod --config /etc/mongod.conf
5.连接到节点1,初始化集群
mongo
rs.initiate()
> rs.initiate()
{
"info2" : "no configuration specified. Using a default configuration for the set",
"me" : "BJ-YZ-103R-81-96:27017",
"ok" : 1
}
6.查看集群配置
rs.conf()
rspoint:OTHER> rs.conf()
{
"_id" : "rspoint",
"version" : 1,
"protocolVersion" : NumberLong(1),
"members" : [
{
"_id" : 0,
"host" : "BJ-YZ-103R-81-96:27017",
"arbiterOnly" : false,
"buildIndexes" : true,
"hidden" : false,
"priority" : 1,
"tags" : {
},
"slaveDelay" : NumberLong(0),
"votes" : 1
}
],
"settings" : {
"chainingAllowed" : true,
"heartbeatIntervalMillis" : 2000,
"heartbeatTimeoutSecs" : 10,
"electionTimeoutMillis" : 10000,
"getLastErrorModes" : {
},
"getLastErrorDefaults" : {
"w" : 1,
"wtimeout" : 0
}
}
}
7.将另外两个节点加入到集群
rs.add("BJ-YZ-103R-81-96")
rs.addArb("BJ-YZ-103R-81-100")
8.检查集群状态
rs.status()
9.创建用户
先把配置文件中security部分去掉,并重启
--创建管理用户
use admin
db.createUser(
{
user: "root",
pwd: "root",
roles: [ { role: "root", db: "admin" } ]
}
)
mongo -u "admin" -p "ptadmin" --authenticationDatabase "admin"
mongo -u "root" -p "root" --authenticationDatabase "admin"
--创建应用用户
use point
db.createUser(
{
user: "point",
pwd: "point",
roles: [
{ role: "read", db: "point" },
{ role: "readWrite", db: "point" }
]
}
)
mongo -u "test" -p "test" --authenticationDatabase "test" 192.168.81.95:27017
mongo -u "point" -p "point" --authenticationDatabase "point" 192.168.81.95:27017
10.集群间安全认证
--创建keyfile
openssl rand -base64 741 > /home/aspire/apps/mongodb/data/security/mongodb-keyfile
chmod 600 /home/aspire/apps/mongodb/data/security/mongodb-keyfile
将mongodb-keyfile上传到另外两个节点相同目录下,重启
11.python连接mongodb测试
from pymongo import MongoClient
client = MongoClient('192.168.81.95',27017)
db = client.point
db.authenticate('point', 'point', source='point')
collection = db.alerts
for i in range(10000):
collection.insert({"foo":"bar","baz":i,"z":10 - i})
来自 “ ITPUB博客 ” ,链接:http://blog.itpub.net/10972173/viewspace-1990721/,如需转载,请注明出处,否则将追究法律责任。
转载于:http://blog.itpub.net/10972173/viewspace-1990721/