Mongodb副本集部署（Centos7）_dropping all pooled connections to 172.26.0.122:27-CSDN博客

本文链接：https://blog.csdn.net/eijiyey/article/details/123123503

服务器准备

准备三台服务器，以副本集集群方式部署Mongodb，假设服务器如下：

服务器	节点类型	IP地址	端口
Node1	Mongodb服务1（优先级最高，默认为主节点Master）	10.10.4.127	27017
Node2	Mongodb服务2（Slave）	10.10.4.128	27017
Node3	Mongodb服务3（Slave）	10.10.4.129	27017

Mongodb安装

分别在三台服务器上安装Mongodb，安装可参考： Mongodb单机安装（Centos7）
注：三台服务台中的mongodb配置 bind_ip 分别绑定自己服务器对应IP

三台服务器mongodb的配置

10.10.4.127 服务 /usr/local/mongodb/bin/mongodb.conf

dbpath = /usr/local/mongodb/data
logpath = /usr/local/mongodb/logs/mongodb.log
fork = true
logappend = true
noprealloc = true
bind_ip = 10.10.4.127
port = 27017

10.10.4.128 服务 /usr/local/mongodb/bin/mongodb.conf

dbpath = /usr/local/mongodb/data
logpath = /usr/local/mongodb/logs/mongodb.log
fork = true
logappend = true
noprealloc = true
bind_ip = 10.10.4.128
port = 27017

10.10.4.129 服务 /usr/local/mongodb/bin/mongodb.conf

dbpath = /usr/local/mongodb/data
logpath = /usr/local/mongodb/logs/mongodb.log
fork = true
logappend = true
noprealloc = true
bind_ip = 10.10.4.129
port = 27017

副本集集群配置

添加副本集名称

给三台服务服中的 /usr/local/mongodb/bin/mongodb.conf 文件中添加一项配置参数，如下：

# 副本集名称 rs
replSet = rs

例如 10.10.4.127 服务 /usr/local/mongodb/bin/mongodb.conf 配置如下

dbpath = /usr/local/mongodb/data
logpath = /usr/local/mongodb/logs/mongodb.log
fork = true
logappend = true
noprealloc = true
bind_ip = 10.10.4.127
port = 27017
replSet = rs

10.10.4.128，10.10.4.129服务如上添加一项配置。

修改完成后，重新启动三台服务器的mongodb服务。

初始化副本集

初始化前提

确保配置副本集名称后，重启mongodb服务
确保各服务之边网络通信正常，最好关闭每台服务器的防火墙，如下操作

# centos7防火墙关闭命令
$ systemctl stop firewalld
$ systemctl disable firewalld

初始化

连接任意一台服务器中的mongodb服务客户端进行副本集初始化，这里选择10.10.4.127服务器进行副本集初始化

进入mongodb客户端命令行

$ /usr/local/mongodb/bin/mongo 10.10.4.127:27017

mongodb客户端命令行中执行以下语句

> config={
	_id:"rs",
	members:[
        {_id:0,host:"10.10.4.127:27017",priority:3},
        {_id:1,host:"10.10.4.128:27017",priority:2},
        {_id:2,host:"10.10.4.129:27017",priority:1}
	]
}
> rs.initiate(config)

初始化语句说明

_id : 副本集名称rs
members : 副本集的服务器列表
members[0]._id:服务器的唯一ID
members[0].host:服务器IP+mongodb端口号
members[0].priority:优先级，默认为1，优先级0为被动节点，不能成为活跃节点。优先级不为0则按照由大到小选出活跃节点。

设置mongodb结点为可读状态

给三台服务器中，添加 mongorc.js 具体操作如下：

$ vi ~/.mongorc.js

进入vi编辑命令窗口中，添加如下内容

 rs.slaveOk();

保存退出(wq)

开启权限认证

根据需要，开启权限认证

添加认证配置

给三台服务服中的 /usr/local/mongodb/bin/mongodb.conf 文件中添加一项配置参数，如下：

# mongodb访问认证开启
auth = true
# 指定存储身份验证信息的密钥文件的路径。默认缺省。集群之间的安全认证
keyFile = /usr/local/mongodb/keyfile

例如 10.10.4.127 服务 /usr/local/mongodb/bin/mongodb.conf 配置如下

dbpath = /usr/local/mongodb/data
logpath = /usr/local/mongodb/logs/mongodb.log
fork = true
logappend = true
noprealloc = true
bind_ip = 10.10.4.127
port = 27017
replSet = rs
auth = true
keyFile = /usr/local/mongodb/keyfile

10.10.4.128，10.10.4.129服务如上添加一项配置。

keyfile文件生成

在 /usr/local/mongodb/bin/mongodb.conf 文件中配置的 keyFile = /usr/local/mongodb/keyfile 属于一个文件，是mongodb集群之间的安全认证，将keyfile放到集群中每一台mongodb服务机器上，keyfile文件必须保持一致

生成keyfile文件

在随意一台服务器上执行如下命令：

$ openssl rand -base64 745 > /usr/local/mongodb/keyfile
$ cat /usr/local/mongodb/keyfile 
yfd+EkREk/GNW+fIpSiz1i90t1A6P/ndau5DEn5kJKais3IAxFopg9MFi0sewLeN
w6ZlKEGQ3YkcofpYRqH3A47TbGWOrAdsFgqsuoegPcvAysU1I3hG7L2KY6yo0ZSO
X7nqvEN81ggke7WZp4cIzo3Vfhb9vpM81YZ4Q+Z8ooLEsD+KH6fwnGGliHPYTs09
vB+uLnW7UIhnerHZrqn2IW9sPGLWxWf3tf2+2CJe81ly4QU2ivSmY11HISPQCUth
HWlvqkjsqOqYjpn+Xb1GnqaqXuhuO8wO+Yc87QLksOAKzQsbUvygFHaqnWPb5rWb
BkHKrGoVFY9mOwegS8n8oquP2ijni8m2xSC2ofYT9act5YXt5JT7TL88Lhgeg87G
YC+TlqJHGDKR//DCvN/r6govoDYRa76zB6OTuW0p3fq3+lYQvdFjVNtEAMD2fm8F
Zqq1lglppUPvCUdyINFkxbjL3w5y0BRFXobYWmZu26xbb5aXntKtjTOdxvYvlUsB
7LtvN9BMnU9GmCEeZSNtyanP8VMC8Bl4dZr/x/jeGNzsXPvLzL+NTDeX2kB67ys4
DIzNz20bnfdWlVPVgFnK3/TrvxWZuUIxtrqfjkd3H5RcjHbdlzwMRgVFkXn8ElvX
CWygC+AF7hkwUPr+Z0WisqoZVKetoCb0M/6WyvUMwfU7ARyYN5O2gvKv9C0Bt4/p
YCp38Vt/Wc1Df6CPdI5VS08f5++sfo+gDRrWgdy1pdUpHcsbtMr2BYPp8BdPFFwM
ZbLTE83RH1Nu8zuyKjR5re6x9B2sbJ/v4dxn4bYojaDb4EDF6FMpQPp8cOCm+oGr
aA2ATxBmz8VsE1XYX4/1H2x/K7+eD9j4ufHJY1Bsj/wMOO+6M51Ici0FQTCZLyXO
cxYNcmn/0wV8ald9oPUz7ZUQTLmmdhOIRURns1mpO71BcNW15snON3RYeIXztJ4e
yp1Ycl+bKl4t1EZnkXf/ofcj8oMddj4BRA==

执行完以上命令后，将在目录 /usr/local/mongodb 下生成一个 keyfile 文件

keyfile文件授权

注：必须给keyfile文件授权为 600，权限不能太高，太高时mongodb服务启动会失败。

keyfile 文件授权命令如下：

$ chmod 600 /usr/local/mongodb/keyfile

附: keyfile文件权限不能过大，过大时启会报错，如下报错信息

$ /usr/local/mongodb/bin/mongod -f /usr/local/mongodb/bin/mongodb.conf
note: noprealloc may hurt performance in many applications
about to fork child process, waiting until server is ready for connections.
forked process: 12400
ERROR: child process failed, exited with error number 1
To see additional information in this output, start without the "--fork" option.
$ tail logs/mongodb.log 
2022-02-23T23:28:50.165+0800 I ASIO     [NetworkInterfaceASIO-Replication-0] Dropping all pooled connections to 172.22.17.94:27017 due to failed operation on a connection
2022-02-23T23:28:50.165+0800 I REPL_HB  [replexec-3] Error in heartbeat (requestId: 634) to 172.22.17.94:27017, response status: HostUnreachable: Connection refused
2022-02-23T23:28:50.166+0800 I ASIO     [NetworkInterfaceASIO-Replication-0] Connecting to 172.22.17.94:27017
2022-02-23T23:28:50.166+0800 I ASIO     [NetworkInterfaceASIO-Replication-0] Failed to connect to 172.22.17.94:27017 - HostUnreachable: Connection refused
2022-02-23T23:28:50.166+0800 I ASIO     [NetworkInterfaceASIO-Replication-0] Dropping all pooled connections to 172.22.17.94:27017 due to failed operation on a connection
2022-02-23T23:28:50.167+0800 I REPL_HB  [replexec-5] Error in heartbeat (requestId: 637) to 172.22.17.94:27017, response status: HostUnreachable: Connection refused
2022-02-23T23:28:50.167+0800 I REPL     [replexec-5] Member 172.22.17.94:27017 is now in state RS_DOWN
2022-02-23T23:28:53.829+0800 I REPL     [SyncSourceFeedback] SyncSourceFeedback error sending update to 172.22.17.94:27017: InvalidSyncSource: Sync source was cleared. Was 172.22.17.94:27017
2022-02-23T23:46:52.243+0800 I CONTROL  [main] ***** SERVER RESTARTED *****
2022-02-23T23:46:52.246+0800 I ACCESS   [main] permissions on /usr/local/mongodb/keyfile are too open