mongo 3.2 replica set 配置

221rrere

一、环境信息
CentOS release 6.7 (Final)
mongo version: 3.2.6

192.168.1.173    primary
192.168.1.174    secondary
192.168.1.172    secondary or arbiter
二、安装mongo

1、yum源配置（使用哪个版本enable=1）
# cat /etc/yum.repos.d/mongodb-org-3.2.repo
[mongodb-org-3.2]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/3.2/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-3.2.asc
[mongodb-org-2.6]
name=MongoDB 2.6 Repository
baseurl=http://downloads-distro.mongodb.org/repo/redhat/os/x86_64/
gpgcheck=0
enabled=0
2、yum install -y mongodb-org

三、replicat set 配置

1、修改配置文件(三台服务器除了ip不一样)：
cat /etc/mongod.conf
# mongod.conf
# for documentation of all options, see:
#   http://docs.mongodb.org/manual/reference/configuration-options/
# where to write logging data.
systemLog:
  destination: file
  logAppend: true
  path: /var/log/mongodb/mongod.log
# Where and how to store data.
storage:
  dbPath: /data/mongo
# dbPath: /var/lib/mongo
  journal:
    enabled: true
#  engine:
#  mmapv1:
#  wiredTiger:
# how the process runs
processManagement:
  fork: true  # fork and run in background
  pidFilePath: /var/run/mongodb/mongod.pid  # location of pidfile
# network interfaces
net:
  port: 27017
  bindIp: 192.168.1.173  # Listen to local interface only, comment to listen on all interfaces.
#security:
security:    #副本集配置成功之后才能打开安全认证
  authorization: enabled                #开启认证
  keyFile: /data/mongo/mongodb-keyfile       #副本集使用keyFile进行相互认证
#operationProfiling:
#replication:
replication:
  oplogSizeMB: 2000          #oplog的大小M
  replSetName: rongyi         #副本集的名称
#sharding:
## Enterprise-Only Options
#auditLog:
#snmp:

2、配置replicat set 过程
#启动mongod服务
#/usr/bin/mongod -f /etc/mongod.conf
启动成功之后因为还未开启auth认证，可以直接命令行登录

#mongo 192.168.1.173
use admin
admin> config = { _id:"rongyi",members:[
... {_id:172,host:"192.168.1.172:27017",arbiterOnly:true},
... {_id:173,host:"192.168.1.173:27017"},
... {_id:174,host:"192.168.1.174:27017"}]
... }
{
    "_id" : "rongyi",
    "members" : [
        {
            "_id" : 172,
            "host" : "192.168.1.172:27017",
            "arbiterOnly" : true
        },
        {
            "_id" : 173,
            "host" : "192.168.1.173:27017"
        },
        {
            "_id" : 174,
            "host" : "192.168.1.174:27017"
        }
    ]
}
admin> rs.initiate(config)
{ "ok" : 1 }

或者使用

config = { _id:"rongyi",members:[{_id:172,host:"192.168.1.172:27017"},{_id:173,host:"192.168.1.173:27017"},{_id:174,host:"192.168.1.174:27017"}]}

注：前者是一个备份节点，后者是两个备份节点，mongo选举的过程必须符合大多数，如果是偶数的节点，可以使用arbiter（仲裁节点），此节点只是为了参与选举

使用rs.status()查看replicat set的状态

3、创建管理员账户(这个账户要使用root role 否则会报错)：

admin> db.createUser({user:"admin",pwd:"********",roles:[{ role:"root", db:"admin" }]})
Successfully added user: {
    "user" : "admin",
    "roles" : [
        {
            "role" : "root",
            "db" : "admin"
        }
    ]
}

4、配置keyfile认证

在192.168.1.173上执行
    openssl rand -base64 741 > /data/mongo/mongodb-keyfile
    chmod 600 /data/mongo/mongodb-keyfile
    scp mongodb-keyfile 192.168.1.174:/data/mongo/
    scp mongodb-keyfile 192.168.1.172:/data/mongo/

在配置文件中开启认证：
security:
  authorization: enabled
  keyFile: /data/mongo/mongodb-keyfile

5、重启mongod服务
/etc/init.d/mongod stop && /usr/bin/mongod -f /etc/mongod.conf

四、登录验证
mongo 192.168.1.173:27017/admin -uadmin -p*******
admin> rs.status()
{
"set" : "rongyi",
"date" : ISODate("2016-06-24T08:31:28.549Z"),
"myState" : 1,
"term" : NumberLong(7),
"heartbeatIntervalMillis" : NumberLong(2000),
"members" : [
{
"_id" : 172,
"name" : "192.168.1.172:27017",
"health" : 1,
"state" : 7,
"stateStr" : "ARBITER",    #使用了仲裁
"uptime" : 19572,
"lastHeartbeat" : ISODate("2016-06-24T08:31:26.604Z"),
"lastHeartbeatRecv" : ISODate("2016-06-24T08:31:24.145Z"),
"pingMs" : NumberLong(0),
"configVersion" : 3
},
{
"_id" : 173,
"name" : "192.168.1.173:27017",
"health" : 1,
"state" : 1,
"stateStr" : "PRIMARY",
"uptime" : 19573,
"optime" : {
"ts" : Timestamp(1466740497, 1),
"t" : NumberLong(7)
},
"optimeDate" : ISODate("2016-06-24T03:54:57Z"),
"electionTime" : Timestamp(1466737527, 1),
"electionDate" : ISODate("2016-06-24T03:05:27Z"),
"configVersion" : 3,
"self" : true
},
{
"_id" : 174,
"name" : "192.168.1.174:27017",
"health" : 1,
"state" : 2,
"stateStr" : "SECONDARY",
"uptime" : 19567,
"optime" : {
"ts" : Timestamp(1466740497, 1),
"t" : NumberLong(7)
},
"optimeDate" : ISODate("2016-06-24T03:54:57Z"),
"lastHeartbeat" : ISODate("2016-06-24T08:31:26.604Z"),
"lastHeartbeatRecv" : ISODate("2016-06-24T08:31:26.604Z"),
"pingMs" : NumberLong(0),
"syncingTo" : "192.168.1.173:27017",
"configVersion" : 3
}
],
"ok" : 1
}