mongodb 3.2.11 副本集 安装日志 主从仲裁

====================================================
系统环境: CentOS release 6.2+
安装软件: mongodb-linux-x86_64-rhel62-3.2.11.tgz

一、mongodb3 副本集规划
副本集名称: testrs   (项目中根据实际情况修改) 
以 192.168.100.x 为例

1.1 集群规划
192.168.100.1:27017  主
192.168.100.2:27017  从
192.168.100.3:27017  仲裁 - 不保存业务数据,节约硬盘空间

1.2 服务器目录规划
/home/mongodb3 mongodb-home目录
|_ bin    命令目录
|_ conf	  配置目录
|_ data   数据目录 - 可建立符号链接 指向nas/其他目录 
  |_ master  主     
  |_ slaver  从   
  |_ arbiter 仲裁     
|_ log  mongodb运行日志目录 - 可建立符号链接 指向其他目录
  
1.3 用户
以 mongodb3 用户名为例(项目中根据实际情况定):
# useradd mongodb3
  

二、操作系统配置
使用 root 用户登录 

2.1 如果启用了iptables,将27001端口加入防火墙

# vi /etc/sysconfig/iptables
下面一行内容加在COMMIT之前
-------------------------------------------
-A INPUT -p tcp --dport 27001 -j ACCEPT
-------------------------------------------

重启防火墙
# service iptables restart

2.2 大内存页面redhat_transparent_hugepage参数设置为never
先查看该参数值
# cat /sys/kernel/mm/redhat_transparent_hugepage/enabled
[always] madvise never
# cat /sys/kernel/mm/redhat_transparent_hugepage/defrag
[always] madvise never


配置disable-transparent-hugepages服务
# vi /etc/init.d/disable-transparent-hugepages
-------------------------------------------
#!/bin/bash
### BEGIN INIT INFO
# Provides: disable-transparent-hugepages
# Required-Start: $local_fs
# Required-Stop:
# X-Start-Before: mongod mongodb-mms-automation-agent
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Disable Linux transparent huge pages
# Description: Disable Linux transparent huge pages, to improve
# database performance.
### END INIT INFO

case $1 in
  start)
    if [ -d /sys/kernel/mm/transparent_hugepage ]; then
      thp_path=/sys/kernel/mm/transparent_hugepage
    elif [ -d /sys/kernel/mm/redhat_transparent_hugepage ]; then
      thp_path=/sys/kernel/mm/redhat_transparent_hugepage
    else
      return 0
    fi

    echo 'never' > ${thp_path}/enabled
    echo 'never' > ${thp_path}/defrag

    re='^[0-1]+$'
    if [[ $(cat ${thp_path}/khugepaged/defrag) =~ $re ]]
    then
      # RHEL 7
      echo 0 > ${thp_path}/khugepaged/defrag
    else
      # RHEL 6
      echo 'no' > ${thp_path}/khugepaged/defrag
    fi

    unset re
    unset thp_path
    ;;
esac
-------------------------------------------


对该服务器授权,并设置 开机自启动
# chmod 755 /etc/init.d/disable-transparent-hugepages
# chkconfig --add disable-transparent-hugepages

启动并检查该参数是否已经生效
# service disable-transparent-hugepages start
# cat /sys/kernel/mm/redhat_transparent_hugepage/enabled
always madvise [never]
# cat /sys/kernel/mm/redhat_transparent_hugepage/defrag
always madvise [never]


2.3 配置mongodb用户的ulimit
# vi /etc/security/limits.conf 
以用户名为mongodb3为例,在 # End of file 前添加
-------------------------------------------
mongodb3 hard nofile 64000
mongodb3 soft nofile 64000
mongodb3 hard nproc 64000
mongodb3 soft nproc 64000
-------------------------------------------

2.4 系统参数调优
# vi /etc/sysctl.conf 
追加如下内容
-------------------------------------------
net.core.somaxconn = 4096
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_intvl = 30
net.ipv4.tcp_keepalive_time = 120
net.ipv4.tcp_max_syn_backlog = 4096

vm.dirty_ratio = 15
vm.dirty_background_ratio = 5
vm.swappiness = 1
-------------------------------------------

使上述配置生效
# /sbin/sysctl -p

三、安装mongodb
3.1 获取 mongodb 3.2.11 RHEL 6 Linux 软件安装包
# su - mongodb3 
# pwd
/home/mongodb3

$ wget  https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-rhel62-3.2.11.tgz

3.2 解压安装包 并 创建响应目录(或者建立相应的符号链接)
$ tar -xvf mongodb-linux-x86_64-rhel62-3.2.11.tgz
$ mv mongodb-linux-x86_64-rhel62-3.2.8 mongodb-3.2.11
$ ln -s mongodb-3.2.11/bin bin
$ mkdir conf log
$ mkdir -p data/master data/slaver data/arbiter

3.3 创建配置文件 conf/master.conf conf/slaver.conf conf/arbiter.conf
$ vi conf/master.conf
-------------------------------------------
dbpath=/home/mongodb3/data/master
logpath=/home/mongodb3/log/master.log
pidfilepath=/home/mongodb3/log/master.pid
directoryperdb=true
logappend=true
replSet=testrs
bind_ip=192.168.100.1,localhost
port=27017
#oplogSize:10G
oplogSize=10240
fork=true
#keyFile = /home/mongodb3/conf/keyfile
-------------------------------------------

注:
* conf/slaver.conf 和 conf/arbiter.conf 类似,除了
bind_ip=192.168.100.1,localhost
这一行,将ip修改为服务器ip

* oplogSize 一般取硬盘可用空间的 5%
* replSet 副本集名称根据实际情况定,全文保持一致

3.4 创建启动脚本 start-master.sh start-slaver.sh start-arbiter.sh
$ vi start-master.sh 
-------------------------------------------
# !/bin/sh
cd `dirname $0`
bin/mongod -f conf/master.conf
-------------------------------------------

$ vi start-slaver.sh 
-------------------------------------------
# !/bin/sh
cd `dirname $0`
bin/mongod -f conf/slaver.conf 
-------------------------------------------

$ vi start-arbiter.sh 
-------------------------------------------
# !/bin/sh
cd `dirname $0`
bin/mongod -f conf/arbiter.conf
-------------------------------------------

赋予执行权限
$ chmod +x *.sh

3.5 启动/停止
在主节点上启动:
$ ./start-master.sh 

在备节点上启动
$ ./start-slaver.sh 

在仲裁服务器上启动
$ ./start-arbiter.sh 

通过端口号查看启动是否成功
$ netstat -lanp | grep 27017

使用mongo客户端访问一下主数据库
$ bin/mongo 192.168.100.1

停止数据库
$ killall mongod

3.6 配置副本集
登录主节点,配置并初始化副本集。
$ bin/mongo

> cfg={ _id:"testrs", members:[ 
{_id:0, host:'192.168.100.1:27017', priority:20}, 
{_id:1, host:'192.168.100.2:27017', priority:10},   
{_id:2, host:'192.168.100.3:27017', arbiterOnly:true}] }
 
> rs.initiate(cfg) 

> rs.status()

3.7 启用密码验证功能
3.7.1 登录主节点,并创建管理员 用户名/密码: root/123456 
-------------------------------------------
> db.createUser(
 {
 user:"root",
 pwd:"123456",
 roles:[{role:"userAdminAnyDatabase",db:"admin"}]
 }
 )
 
> db.grantRolesToUser("root",[{role:"clusterManager",db:"admin"}])
db.grantRolesToUser("root",[{role:"clusterAdmin",db:"admin"}])
db.grantRolesToUser("root",[{role:"clusterMonitor",db:"admin"}])
db.grantRolesToUser("root",[{role:"hostManager",db:"admin"}])
db.grantRolesToUser("root",[{role:"userAdminAnyDatabase",db:"admin"}])
db.grantRolesToUser("root",[{role:"readWrite",db:"admin"}]);
db.grantRolesToUser("root",[{role:"backup",db:"admin"}])
db.grantRolesToUser("root",[{role:"restore",db:"admin"}])
-------------------------------------------

注:
roles 角色:
- 数据库用户角色:read、readWrite;
- 数据库管理角色:dbAdmin、dbOwner、userAdmin;
- 集群管理角色:clusterAdmin、clusterManager、clusterMonitor、hostManager;
- 备份恢复角色:backup、restore;
- 所有数据库角色:readAnyDatabase、readWriteAnyDatabase、userAdminAnyDatabase、dbAdminAnyDatabase
- 超级用户角色:root
      
      
3.7.2 创建普通用户 
例如创建 user/123456  db:logevents 权限:readWrite

> use logevents
> db.createUser(
 {
 user:"user",
 pwd:"123456",
 roles:[{role:"readWrite",db:"logevents"}]
 }
 )

3.7.3  创建Keyfile,并分别复制到各节点的指定目录(创建一次,然后复制到其他节点)
# cd /home/mongodb3
# openssl rand -base64 741 > conf/keyfile
# chmod 600 conf/keyfile

重新修改 conf/*.conf 文件,将以下这个参数配置注释去掉,使其生效。
keyFile=/home/mongodb3/conf/keyfile

关闭所有进程,并重新启动进程。然后通过命令进行登录验证。

-------------------------------------------
[echo@EchoMa mongodb3]$ mongo localhost:27017/admin -u root -p 
MongoDB shell version: 3.2.11
Enter password: 
connecting to: localhost:27017/admin
-------------------------------------------


END

参考 
https://yq.aliyun.com/articles/63223
https://docs.mongodb.com/v3.2/reference/ulimit/#recommended-ulimit-settings
Tuning Linux for MongoDB
====================================================

No Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

粤ICP备15062915号-1