1.建立三個裝有mongo的docker容器,這裡使用docker-compose,配置如下
mongo:
image: mongo
command: mongod -f /etc/mongo.conf
volumes:
- ${DATA_PATH_HOST}/mongo:/data/db
- ${CONF_PATH}/mongo/mongo_yaml.conf:/etc/mongo.conf
- ${CONF_PATH}/mongo/access.key:/etc/access.key
expose:
- 27017
ports:
- 27017:27017
networks:
- backend mongo2:
image: mongo
command: mongod -f /etc/mongo.conf
volumes:
- ${DATA_PATH_HOST}/mongo2:/data/db
- ${CONF_PATH}/mongo/mongo_yaml.conf:/etc/mongo.conf
- ${CONF_PATH}/mongo/access.key:/etc/access.key
expose:
- 27017
ports:
- 27018:27017
networks:
- backend mongo3:
image: mongo
command: mongod -f /etc/mongo.conf
volumes:
- ${DATA_PATH_HOST}/mongo3:/data/db
- ${CONF_PATH}/mongo/mongo_yaml.conf:/etc/mongo.conf
- ${CONF_PATH}/mongo/access.key:/etc/access.key
expose:
- 27017
ports:
- 27019:27017
networks:
- backend 其中mongo.conf 為yaml格式的mongodb配置檔案,内容如下
processManagement:
fork: false
net:
bindIp: 127.0.0.1
port: 27017
storage:
dbPath: /data/db
systemLog:
#destination: file
#path: log/mongo27017.log
logAppend: true
storage:
journal:
enabled: true
replication:
oplogSizeMB: 500
replSetName: "r1"
secondaryIndexPrefetch: "all" 執行docker-compose up -d mongo mongo2 mongo3 建立三個mongo容器 并指定副本集 r1
2. 登入任意一台機器的MongoDB執行:因為是全新的副本集是以可以任意進入一台執行;要是有一台有資料,則需要在有資料上執行;要多台有資料則不能初始化。我個人是mongo中有資料但是mongo2和mong3是空的資料庫,是以我登入mongo1進行副本集初始化。
執行指令 docker-compose exec mongo bash 進入容器
執行指令 mongo 在容器内部連接配接mongo
執行一下指令初始化副本集
> use admin
switched to db admin
> config = { "_id": "r1", "members": [{ "_id": 0, "host": "mongo:27017", "priority": 1 }, { "_id": 1, "host": "mongo2:27017", "priority": 1 }, { "_id": 2, "host": "mongo3:27017", "priority": 1 }] }
{
"_id" : "r1",
"members" : [
{
"_id" : 0,
"host" : "mongo:27017",
"priority" : 1
},
{
"_id" : 1,
"host" : "mongo2:27017",
"priority" : 1
},
{
"_id" : 2,
"host" : "mongo3:27017",
"priority" : 1
}
]
}
> rs.initiate(config)
{
"ok" : 1,
"operationTime" : Timestamp(1539830924, 1),
"$clusterTime" : {
"clusterTime" : Timestamp(1539830924, 1),
"signature" : {
"hash" : BinData(0,"AAAAAAAAAAAAAAAAAAAAAAAAAAA="),
"keyId" : NumberLong(0)
}
}
} 副本集初始化完成,可以使用指令rs.status()檢視目前副本集狀态,至此mongodb副本集設定完成
3.加入鑒權機制,如果服務端需要開啟auth認證,則在啟動時通過keyFile三個節點之間的通信授權
使用指令生成keyFile檔案
openssl rand -base64 745 > /docker/conf/mongo/mongo-keyfile
ch
如果伺服器啟動時加入了參數--keyFile = /docker/conf/mongo/mongo-keyfile 則mongo服務端啟動時會自動開啟auth,故應先建立賬号。
建立了賬号 root pass auth庫為admin (步驟省略)
停止所有節點,重新啟動mongo服務,并加上 --keyFile參數
發現報錯
mongo3_1 | 2018-10-24T06:13:06.323+0000 I CONTROL [main] Automatically disabling TLS 1.0, to force-enable TLS 1.0 specify --sslDisabledProtocols 'none'
mongo3_1 | 2018-10-24T06:13:06.331+0000 I ACCESS [main] permissions on /etc/access.key are too open
mongo2_1 | 2018-10-24T06:13:06.591+0000 I CONTROL [main] Automatically disabling TLS 1.0, to force-enable TLS 1.0 specify --sslDisabledProtocols 'none'
mongo2_1 | 2018-10-24T06:13:06.605+0000 I ACCESS [main] permissions on /etc/access.key are too open
mongo_1 | 2018-10-24T06:13:06.609+0000 I CONTROL [main] Automatically disabling TLS 1.0, to force-enable TLS 1.0 specify --sslDisabledProtocols 'none'
mongo_1 | 2018-10-24T06:13:06.614+0000 I ACCESS [main] permissions on /etc/access.key are too open
這是因為keyfile權限問題,執行指令将keyfile權限設定為600
chmod 600 /docker/conf/mongo/access.key
再次啟動,成功。
進入某一容器執行副本集連結操作,系統提示已成功連接配接到副本集
![ACS基本配置-權限等級管理[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)