在Ubuntu Server 14.04上安装MongoDB 3.2.6
- Import the public key used by the package management system
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv EA312927
- Create a list file for MongoDB
echo "deb http://repo.mongodb.org/apt/ubuntu trusty/mongodb-org/3.2 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.2.list
- Reload local package database
sudo apt-get update
- Install the MongoDB packages
sudo apt-get install -y mongodb-org=3.2.6 mongodb-org-server=3.2.6 mongodb-org-shell=3.2.6 mongodb-org-mongos=3.2.6 mongodb-org-tools=3.2.6
Pin a specific version of MongoDB
1
2
3
4
5echo "mongodb-org hold" | sudo dpkg --set-selections
echo "mongodb-org-server hold" | sudo dpkg --set-selections
echo "mongodb-org-shell hold" | sudo dpkg --set-selections
echo "mongodb-org-mongos hold" | sudo dpkg --set-selections
echo "mongodb-org-tools hold" | sudo dpkg --set-selections修改MongoDB的配置文件
/etc/mongod.conf- 修改
net.bindIp为0.0.0.0 - 增加配置
1
2storage:
directoryPerDB: true
- 修改
验证MongoDB是否成功安装
sudo service mongod restartmongo
Disable Transparent Huge Pages,参考这里
Create the init.d script
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
### BEGIN INIT INFO
# Provides: disable-transparent-hugepages
# Required-Start: $local_fs
# Required-Stop:
# X-Start-Before: mongod mongodb-mms-automation-agent
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Disable Linux transparent huge pages
# Description: Disable Linux transparent huge pages, to improve
# database performance.
### END INIT INFO
case $1 in
start)
if [ -d /sys/kernel/mm/transparent_hugepage ]; then
thp_path=/sys/kernel/mm/transparent_hugepage
elif [ -d /sys/kernel/mm/redhat_transparent_hugepage ]; then
thp_path=/sys/kernel/mm/redhat_transparent_hugepage
else
return 0
fi
echo 'never' > ${thp_path}/enabled
echo 'never' > ${thp_path}/defrag
unset thp_path
;;
esacMake it executable
1
sudo chmod 755 /etc/init.d/disable-transparent-hugepages
Configure your operating system to run it on boot
1
sudo update-rc.d disable-transparent-hugepages defaults
重启OS
配置MongoDB ReplicaSet副本集
副本集结构:
- 2数据节点,1个仲裁节点
配置步骤
- 准备2台高配ec2(假设为A、B)和1台低配ec2(假设为C)
- 在A、B、C上参考上一节的步骤安装MongoDB
在A的Shell中执行
mongo命令,然后创建超级管理员1
2
3$ mongo
> admin = db.getSiblingDB("admin");
> admin.createUser({ user: "ethan", pwd: "{ethan的密码}", roles: [{ role: "root", db: "admin" }] });准备keyfile
- 生成keyfile
openssl rand -base64 755 > rs0.key
- 上传
rs0.key到A、B、C的/etc目录 - 修改
rs0.key的权限和所有者chmod 400 rs0.keychown mongodb:mongodb /etc/rs0.key
- 生成keyfile
修改A、B的配置文件
/etc/mongod.conf- 增加配置
1
2
3
4
5
6security:
keyFile: "/etc/rs0.key"
authorization: enabled
replication:
replSetName: rs0
- 增加配置
修改C的配置文件
/etc/mongod.conf增加配置
1
2
3
4
5
6security:
keyFile: "/etc/rs0.key"
authorization: enabled
replication:
replSetName: rs0修改配置
1
2
3storage:
journal:
enabled: false
重启A、B、C上的
mongod实例配置集群
连接A上的
mongod实例1
$ mongo -u ethan -p {ethan的密码} --authenticationDatabase admin
通过下面的命令配置ReplicaSet:
1
2
3
4
5
6
7
8
9> rs.initiate()
> cfg = rs.conf()
> cfg.members[0].host = "{A的IP}:27017"
> rs.reconfig(cfg)
> rs.add("{B的IP}")
> rs.addArb("{C的IP}")
// 等待几秒...
> rs.status() // 检查副本集状态
为副本集客户端创建访问账户
1
2> use {dbname};
> db.createUser({ user: "{账户名}", pwd: "{账户密码}", roles: [{ role: "readWrite", db: "{dbname}" }] });
参考
- Install MongoDB on Ubuntu, 注意:
- 安装过程需要指定MongoDB的安装版本
- 锁定MongoDB的安装版本,避免执行
apt-get升级命令的时候连带升级MongoDB
- Enforce Keyfile Access Control in a Replica Set
- Security between members of the replica set using Internal Authentication
- Security between connecting clients and the replica set using User Access Controls
- MongoDB configuration file options