1.簡介
MongoDB集群有三種方式:Replica Set操软、Sharding予颤、Master-Slaver。Replica Set是副本集的方式做高可用集群生棍,Sharding是數(shù)據(jù)分片颤霎,如果數(shù)據(jù)量大可以使用這種方式。Master-Slaver官方已經(jīng)不推薦使用了。
本篇只介紹Replica Set的方式友酱。數(shù)據(jù)分片將來單獨寫一篇介紹晴音。
1.2 Replica Set的兩種節(jié)點
Replica Set的節(jié)點分為兩種:Primary和Secondary。他們都包含完整的數(shù)據(jù)缔杉,Primary節(jié)點為客戶端提供讀寫服務(wù)锤躁,Secondary節(jié)點作為數(shù)據(jù)備份。如果Primary節(jié)點掛了或详,集群會選出一個Secondary節(jié)點作為Primary節(jié)點繼續(xù)提供讀寫服務(wù)系羞。
1.3. Replica Set的讀寫分離
默認(rèn)Secondary節(jié)點不提供讀服務(wù),如果讀的量非常大霸琴,并且允許客戶端讀取過時的臟數(shù)據(jù)椒振,那么客戶端可以直接連接到Secondary節(jié)點,設(shè)置Secondary節(jié)點可讀(不設(shè)置讀取會失斘喑恕)澎迎,就可以實現(xiàn)讀寫分離。
2. 搭建Replica Set步驟
2.1. 準(zhǔn)備三臺機(jī)器
mongo01.dev.oracleot.com
mongo02.dev.oracleot.com
mongo03.dev.oracleot.com
2.2. 使用docker啟動mongodb
三臺機(jī)器分別執(zhí)行下列命令
# 創(chuàng)建volumn
docker volumn create mongo_data_db
# 創(chuàng)建證書
docker run -rm -d mongo:3.6.1 bash
cd /data/db/
openssl rand -base64 756 > keyfile
chmod 400 keyfile
# 啟動mongodb
docker run --name mongo1 -p 27017:27017 -v mongo_data_db:/data/db --privileged -d mongo:3.6.1 mongod --replSet mongo-set --keyFile /data/db/keyfile
2.3. 配置集群
需要在primary機(jī)器上運行
docker exec -it mongo1 mongo
> config = {
"_id" : "mongo-set",
"members" : [
{
"_id" : 0,
"host" : "mongo01.dev.oracleot.com:27017",
"priority":2
},
{
"_id" : 1,
"host" : "mongo02.dev.oracleot.com:27017",
"priority":1
},
{
"_id" : 2,
"host" : "mongo03.dev.oracleot.com:27017",
"priority":1
}
]
}
> rs.initiate(config)
{
"ok" : 1,
"operationTime" : Timestamp(1515652730, 1),
"$clusterTime" : {
"clusterTime" : Timestamp(1515652730, 1),
"signature" : {
"hash" : BinData(0,"AAAAAAAAAAAAAAAAAAAAAAAAAAA="),
"keyId" : NumberLong(0)
}
}
}
2.4 創(chuàng)建賬戶
2.4.1 創(chuàng)建超級賬戶
use admin
> db.createUser(
{
user: "root",
pwd: "mongo_root_test",
roles: [ { role: "root", db: "admin" } ]
}
)
2.4.2 創(chuàng)建管理員賬戶
use admin
> db.createUser(
{
user: "admin",
pwd: "mongo_admin_test",
roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
}
)
2.4.3 創(chuàng)建普通賬戶
use mt
db.createUser(
{
user: "mt",
pwd: "mongo_mt_test",
roles: [ { role: "readWrite", db: "mt" } ]
}
)
2.5 解決警告
啟動后有可能會出現(xiàn)下面的警告
2018-01-17T05:35:04.275+0000 I CONTROL [initandlisten] ** WARNING: Access control is not enabled for the database.
2018-01-17T05:35:04.275+0000 I CONTROL [initandlisten] ** Read and write access to data and configuration is unrestricted.
2018-01-17T05:35:04.275+0000 I CONTROL [initandlisten]
2018-01-17T05:35:04.275+0000 I CONTROL [initandlisten]
2018-01-17T05:35:04.275+0000 I CONTROL [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/enabled is 'always'.
2018-01-17T05:35:04.275+0000 I CONTROL [initandlisten] ** We suggest setting it to 'never'
2018-01-17T05:35:04.275+0000 I CONTROL [initandlisten]
2018-01-17T05:35:04.275+0000 I CONTROL [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/defrag is 'always'.
2018-01-17T05:35:04.275+0000 I CONTROL [initandlisten] ** We suggest setting it to 'never'
第一條WARNING: Access control is not enabled for the database.是沒有創(chuàng)建用戶導(dǎo)致的警告选调,如果創(chuàng)建了用戶就可以了夹供,不過mongodb的鑒權(quán)比較費CPU,如果應(yīng)用使用短連接則不建議在mongodb中創(chuàng)建用戶仁堪。
第二三條是Centos7開啟了transparent_hugepage導(dǎo)致的哮洽,雖然開啟transparent_hugepage本意是提升內(nèi)存性能,不過像orale弦聂、mongodb等廠商均建議關(guān)閉鸟辅。下面是關(guān)閉方法
禁用transparent_hugepage,重啟后無效
echo never > /sys/kernel/mm/transparent_hugepage/enabled
echo never> /sys/kernel/mm/transparent_hugepage/defrag
開機(jī)就禁用transparent_hugepage
$ vim /etc/rc.d/rc.local
# 加上下面的話
if test -f /sys/kernel/mm/transparent_hugepage/defrag; then
echo never > /sys/kernel/mm/transparent_hugepage/defrag
fi
if test -f /sys/kernel/mm/transparent_hugepage/enabled; then
echo never > /sys/kernel/mm/transparent_hugepage/enabled
fi
設(shè)置執(zhí)行權(quán)限
$ chmod +x /etc/rc.d/rc.local
