系统优化:
解决方案
前两个warning
WARNING: /sys/kernel/mm/transparent_hugepage/enabled is ‘always’.We suggest setting it to ‘never’
WARNING: /sys/kernel/mm/transparent_hugepage/defrag is ‘always’.We suggest setting it to ‘never’
WARNING: soft rlimits too low. rlimits set to 1024 processes, 65535 files. Number of processes should be at least 32767.5 : 0.5 times number of files.
sudo echo "never" > /sys/kernel/mm/transparent_hugepage/enabled
sudo echo "never" > /sys/kernel/mm/transparent_hugepage/defrag
第三个warning
vim /etc/security/limits.conf
添加一下几行
mongod soft nofile 64000
mongod hard nofile 64000
mongod soft nproc 32000
mongod hard nproc 32000
问题:
The server generated these startup warnings when booting
2023-01-31T10:46:31.604+08:00: Access control is not enabled for the database. Read and write access to data and configuration is unrestricted
解决方案如下:
一、创建管理员
use admin
db.createUser(
{
user: "root", //用户名
pwd: "123.com", //密码
roles: [ { role: "userAdminAnyDatabase", db: "admin" } ] //权限
}
)
二,修改配置文件
添加安全选项
security:
authorization: enabled
三、重启MongoDB服务器
systemctl restart mongod
连接并认证
mongosh 登录后进行验证
test> use admin
admin> db.auth
db.auth
admin> db.auth('root','123.com')
{ ok: 1 }
admin>
mongo --port 27017 -u "root" -p "123.com" --authenticationDatabase "admin"
1
添加额外权限用户
use test
db.createUser(
{
user: "tester",
pwd: "123",
roles: [ { role: "readWrite", db: "test" },
{ role: "read", db: "reporting" } ]
}
)
mongo --port 27017 -u "myTester" -p "xyz123" --authenticationDatabase "test"
MongoDB更新了,使用mongoose也不能简单的建立连接了
必须要添加必要参数
var mongoose = require('mongoose');
var db = mongoose.createConnection('localhost', 'test', 27017, {user: 'tester', pass: '123'});
问题3:
2023-01-31T10:46:31.605+08:00: vm.max_map_count is too low
解决
主要问题就是:Linux Distro Virtual Memory Areas 默认的vm.max_map_count值是65530,太小不足以支撑ELK的运行。需要将该值增大到至少262144。
方法一
进入到你所使用的WSL 2 distro中(本人使用的是Ubuntu 20)
以管理员身份进入
~$ sudo -i
1
编辑sysctl.conf,增加参数
~$ vim /etc/sysctl.conf (需要是root账户)
~$ vm.max_map_count=262144 (文件最后添加一行)
重启
~$ sysctl -p (重启生效)
1
yum 安装
#more /etc/yum.repos.d/mongodb-org-6.repo
[mongodb-org-6.0]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/6.0/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-6.0.asc
yum install mongodb-org -y
单实例基础配置文件
[root@VM-24-6-centos ~]# more /etc/mongod.conf
#####################################################################
# mongod.conf
# for documentation of all options, see:
# http://docs.mongodb.org/manual/reference/configuration-options/
# where to write logging data.
systemLog:
destination: file
logAppend: true
path: /app/mongodb/27017/log/mongod.log
# Where and how to store data.
storage:
dbPath: /app/mongodb/27017/data
journal:
enabled: true
# engine:
# wiredTiger:
# how the process runs
processManagement:
fork: true # fork and run in background
pidFilePath: /app/mongodb/27017/tmp/mongod.pid # location of pidfile
timeZoneInfo: /usr/share/zoneinfo
# network interfaces
net:
port: 27017
bindIp: 127.0.0.1 # Enter 0.0.0.0,:: to bind to all IPv4 and IPv6 addresses or, alternatively, use the net.bindIpAll setting.
#security:
#operationProfiling:
#replication:
#sharding:
## Enterprise-Only Options
#auditLog:
#snmp:
##########################################################################################################################################
使用systemctl 管理mongod
more /usr/lib/systemd/system/mongod.server
[root@VM-24-6-centos ~]# more /usr/lib/systemd/system/mongod.service
[Unit]
Description=MongoDB Database Server
Documentation=https://docs.mongodb.org/manual
After=network-online.target
Wants=network-online.target
[Service]
User=mongod
Group=mongod
Environment="OPTIONS=-f /etc/mongod.conf"
#EnvironmentFile=-/etc/sysconfig/mongod
ExecStart=/usr/bin/mongod $OPTIONS
ExecStartPre=/usr/bin/mkdir -p /app/mongodb/27017
ExecStartPre=/usr/bin/chown mongod:mongod /app/mongodb/27017
ExecStartPre=/usr/bin/chmod 0755 /app/mongodb/27017
PermissionsStartOnly=true
PIDFile=/app/mongodb/27017/tmp/mongod.pid
Type=forking
# file size
LimitFSIZE=infinity
# cpu time
LimitCPU=infinity
# virtual memory size
LimitAS=infinity
# open files
LimitNOFILE=64000
# processes/threads
LimitNPROC=64000
# locked memory
LimitMEMLOCK=infinity
# total threads (user+kernel)
TasksMax=infinity
TasksAccounting=false
# Recommended limits for mongod as specified in
# https://docs.mongodb.com/manual/reference/ulimit/#recommended-ulimit-settings
[Install]
WantedBy=multi-user.target
修改mongod.service文件中的相关目录参数与mongod.conf 中的设置的目录相识
报错排查:
{"t":{"$date":"2023-01-31T10:42:07.856+08:00"},"s":"E", "c":"NETWORK", "id":23024, "ctx":"initandlisten","msg":"Failed to unlink socket file","attr":{"path":"/t
mp/mongodb-27017.sock","error":"Operation not permitted"}}
修改/tmp/mongodb-27017.sock 的属组授权给mongod.mongod
chown mongod.mongod /tmp/mongodb-27017.sock
使用非默认存储路径时需要给数据路径授权
chown mongod.mongod /app/mongodb/ -R
卸载mongodb
systemctl stop mongod
删除安装包
yum erase $(rpm -qa | grep mongodb-org )
删除数据目录
sudo rm -r /var/log/mongodb
sudo rm -r /var/lib/mongo
二、使用tar包进行安装
2.1 安装依赖包
yum install libcurl openssl xz-libs -y
下载地址
https://www.mongodb.com/try/download/community
https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-rhel70-6.0.4.tgz
wget https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-rhel70-6.0.4.tgz