副本多分片
https://blog.csdn.net/jianhao2010303/article/details/113541109
创建网络 overly
docker network create -d overlay mongo_test
创建 keyfile
mkdir -p /home/data/db/testm/mongos
cd /home/data/db/testm/mongos
openssl rand -base64 741 > key.file
chmod 600 /home/data/db/testm/mongos/key.file
chown 999 /home/data/db/testm/mongos/key.file
创建数据存储路径
rm -Rf /home/data/db/testm/shard11 /home/data/db/testm/shard12 /home/data/db/testm/shard13
mkdir -p /home/data/db/testm/shard11 /home/data/db/testm/shard12 /home/data/db/testm/shard13
rm -Rf /home/data/db/testm/shard21 /home/data/db/testm/shard22 /home/data/db/testm/shard23
mkdir -p /home/data/db/testm/shard21 /home/data/db/testm/shard22 /home/data/db/testm/shard23
rm -Rf /home/data/db/testm/shard31 /home/data/db/testm/shard32 /home/data/db/testm/shard33
mkdir -p /home/data/db/testm/shard31 /home/data/db/testm/shard32 /home/data/db/testm/shard33
rm -Rf /home/data/db/testm/config1 /home/data/db/testm/config2 /home/data/db/testm/config3
mkdir -p /home/data/db/testm/config1 /home/data/db/testm/config2 /home/data/db/testm/config3
创建配置文件
cd /home/data/db/testm/mongos
以下配置文件注意 security 需要先注释掉方便我们进行配置
mongod.conf
# mongod.conf
storage:
dbPath: /data/db
journal:
enabled: true
systemLog:
destination: file
logAppend: true
path: /var/log/mongodb/mongod.log
net:
port: 27017
bindIp: 0.0.0.0
processManagement:
timeZoneInfo: /usr/share/zoneinfo
#security:
# #KeyFile鉴权文件
# keyFile: /etc/key.file
# #开启认证方式运行
# authorization: enabled
replication:
replSetName: cfg
sharding:
clusterRole: configsvr
mongos.conf
# mongos.conf
systemLog:
destination: file
logAppend: true
path: /var/log/mongodb/mongod.log
net:
port: 27020
bindIp: 0.0.0.0
processManagement:
fork: true
timeZoneInfo: /usr/share/zoneinfo
#security:
# #KeyFile鉴权文件
# keyFile: /etc/key.file
sharding:
configDB: cfg/config1:27017,config2:27017,config3:27017
shard{1,2,3}.conf
# shard1.conf
storage:
dbPath: /data/db
journal:
enabled: true
systemLog:
destination: file
logAppend: true
path: /var/log/mongodb/mongod.log
net:
port: 27017
bindIp: 0.0.0.0
processManagement:
timeZoneInfo: /usr/share/zoneinfo
#security:
# #KeyFile鉴权文件
# keyFile: /etc/key.file
# #开启认证方式运行
# authorization: enabled
replication:
# 名称需要对应修改 我使用的是 rs{1,2,3}
replSetName: rs1
sharding:
clusterRole: shardsvr
docker-compose.yml
version: '3.7'
services:
shard11:
hostname: shard11
container_name: shard11
image: mongo:4.0.3
restart: always
networks:
- mongo_test
command: mongod -f /data/conf/shard1.conf
privileged: true
ports:
- 19001:27017
volumes:
- /etc/localtime:/etc/localtime
- /home/data/db/testm/shard11:/data/db
- /home/data/db/testm/mongos/key.file:/etc/key.file
- /home/data/db/testm/mongos/shard1.conf:/data/conf/shard1.conf
deploy:
placement:
constraints:
- node.hostname == manager
shard12:
hostname: shard12
container_name: shard12
image: mongo:4.0.3
restart: always
command: mongod -f /data/conf/shard1.conf
privileged: true
networks:
- mongo_test
ports:
- 19002:27017
volumes:
- /etc/localtime:/etc/localtime
- /home/data/db/testm/shard12:/data/db
- /home/data/db/testm/mongos/key.file:/etc/key.file
- /home/data/db/testm/mongos/shard1.conf:/data/conf/shard1.conf
deploy:
placement:
constraints:
- node.hostname == manager
shard13:
hostname: shard13
container_name: shard13
image: mongo:4.0.3
restart: always
command: mongod -f /data/conf/shard1.conf
privileged: true
networks:
- mongo_test
ports:
- 19003:27017
volumes:
- /etc/localtime:/etc/localtime
- /home/data/db/testm/shard13:/data/db
- /home/data/db/testm/mongos/key.file:/etc/key.file
- /home/data/db/testm/mongos/shard1.conf:/data/conf/shard1.conf
deploy:
placement:
constraints:
- node.hostname == manager
shard21:
hostname: shard21
container_name: shard21
image: mongo:4.0.3
restart: always
networks:
- mongo_test
command: mongod -f /data/conf/shard2.conf
privileged: true
ports:
- 19021:27017
volumes:
- /etc/localtime:/etc/localtime
- /home/data/db/testm/shard21:/data/db
- /home/data/db/testm/mongos/key.file:/etc/key.file
- /home/data/db/testm/mongos/shard2.conf:/data/conf/shard2.conf
deploy:
placement:
constraints:
- node.hostname == manager
shard22:
hostname: shard22
container_name: shard22
image: mongo:4.0.3
restart: always
command: mongod -f /data/conf/shard2.conf
privileged: true
networks:
- mongo_test
ports:
- 19022:27017
volumes:
- /etc/localtime:/etc/localtime
- /home/data/db/testm/shard22:/data/db
- /home/data/db/testm/mongos/key.file:/etc/key.file
- /home/data/db/testm/mongos/shard2.conf:/data/conf/shard2.conf
deploy:
placement:
constraints:
- node.hostname == manager
shard23:
hostname: shard23
container_name: shard23
image: mongo:4.0.3
restart: always
command: mongod -f /data/conf/shard2.conf
privileged: true
networks:
- mongo_test
ports:
- 19023:27017
volumes:
- /etc/localtime:/etc/localtime
- /home/data/db/testm/shard23:/data/db
- /home/data/db/testm/mongos/key.file:/etc/key.file
- /home/data/db/testm/mongos/shard2.conf:/data/conf/shard2.conf
deploy:
placement:
constraints:
- node.hostname == manager
shard31:
hostname: shard31
container_name: shard31
image: mongo:4.0.3
restart: always
networks:
- mongo_test
command: mongod -f /data/conf/shard3.conf
privileged: true
ports:
- 19031:27017
volumes:
- /etc/localtime:/etc/localtime
- /home/data/db/testm/shard31:/data/db
- /home/data/db/testm/mongos/key.file:/etc/key.file
- /home/data/db/testm/mongos/shard3.conf:/data/conf/shard3.conf
deploy:
placement:
constraints:
- node.hostname == manager
shard32:
hostname: shard32
container_name: shard32
image: mongo:4.0.3
restart: always
command: mongod -f /data/conf/shard3.conf
privileged: true
networks:
- mongo_test
ports:
- 19032:27017
volumes:
- /etc/localtime:/etc/localtime
- /home/data/db/testm/shard32:/data/db
- /home/data/db/testm/mongos/key.file:/etc/key.file
- /home/data/db/testm/mongos/shard3.conf:/data/conf/shard3.conf
deploy:
placement:
constraints:
- node.hostname == manager
shard33:
hostname: shard33
container_name: shard33
image: mongo:4.0.3
restart: always
command: mongod -f /data/conf/shard3.conf
privileged: true
networks:
- mongo_test
ports:
- 19033:27017
volumes:
- /etc/localtime:/etc/localtime
- /home/data/db/testm/shard33:/data/db
- /home/data/db/testm/mongos/key.file:/etc/key.file
- /home/data/db/testm/mongos/shard3.conf:/data/conf/shard3.conf
deploy:
placement:
constraints:
- node.hostname == manager
config1:
image: mongo:4.0.3
restart: always
command: mongod -f /data/conf/mongod.conf
networks:
- mongo_test
volumes:
- /etc/localtime:/etc/localtime
- /home/data/db/testm/config1:/data/db
- /home/data/db/mongo/mongos/key.file:/etc/key.file
- /home/data/db/testm/mongos/mongod.conf:/data/conf/mongod.conf
deploy:
placement:
constraints:
- node.hostname == manager
config2:
image: mongo:4.0.3
restart: always
command: mongod -f /data/conf/mongod.conf
networks:
- mongo_test
volumes:
- /etc/localtime:/etc/localtime
- /home/data/db/testm/config2:/data/db
- /home/data/db/mongo/mongos/key.file:/etc/key.file
- /home/data/db/testm/mongos/mongod.conf:/data/conf/mongod.conf
deploy:
placement:
constraints:
- node.hostname == manager
config3:
image: mongo:4.0.3
restart: always
command: mongod -f /data/conf/mongod.conf
networks:
- mongo_test
volumes:
- /etc/localtime:/etc/localtime
- /home/data/db/testm/config3:/data/db
- /home/data/db/mongo/mongos/key.file:/etc/key.file
- /home/data/db/testm/mongos/mongod.conf:/data/conf/mongod.conf
deploy:
placement:
constraints:
- node.hostname == manager
# router
mongos:
image: mongo:4.0.3
restart: always
# command: mongos -f /data/conf/mongos.conf
networks:
- mongo_test
ports:
- 19100:27017
- 19101:27020
depends_on:
- config1
- config2
- config3
volumes:
- /etc/localtime:/etc/localtime
- /home/data/db/mongo/mongos/key.file:/etc/key.file
- /home/data/db/testm/mongos/mongos.conf:/etc/mongodb/mongos.conf
deploy:
placement:
constraints:
- node.hostname == manager
networks:
mongo_test:
external: true
image.png
image.png
将docker-compose.yml 中的内容复制到这里 注意修改command中 conf路径,volumes中的路径和deploy的机器名 然后点击 update the stack
image.png
image.png
用portainer 启动好后 开始配置角色信息
首先知道哪里找到容器的id或者容器名
image.png
image.png
# 初始化 分别进入
docker exec -it {容器的id或者容器名} /bin/bash
mongo
#rs1 shard11 上执行
rs.initiate( {_id : "rs1",members: [{ _id: 0, host: "shard11:27017",priority:2 },{ _id: 1, host: "shard12:27017",priority:1 },{ _id: 2, host: "shard13:27017", arbiterOnly:true }]})
# rs2 shard21上
rs.initiate( {_id : "rs2",members: [{ _id: 0, host: "shard21:27017",priority:1 },{ _id: 1, host: "shard22:27017", arbiterOnly:true },{ _id: 2, host: "shard23:27017",priority:2 }]})
# rs3 shard32上 仲裁节点不允许创建
rs.initiate( {_id : "rs3",members: [{ _id: 0, host: "shard31:27017", arbiterOnly:true},{ _id: 1, host: "shard32:27017",priority:2 },{ _id: 2, host: "shard33:27017",priority:1 }]})
# config config1上
rs.initiate( {_id : "cfg",members: [{ _id: 0, host: "config1:27017"},{ _id: 1, host: "config2:27017" },{ _id: 2, host: "config3:27017"}]})
最后找到 mongos的容器
image.png
image.png
进入容器内部,就和远程linux主机一样输入下面的命令完成搭建。
image.png
# 宿主机
#docker exec -it {mongos} /bin/bash
# 容器中
mongos -f /etc/mongodb/mongos.conf
#可以就在其中一个mongos容器中使用mongo shell连接mongos进程配置分片集群
# 连接mongos,端口号与mongos配置文件中设定一致
mongo -port 27020
# 将分片加入集群
sh.addShard("rs1/shard11:27017,shard12:27017,shard13:27017")
sh.addShard("rs2/shard21:27017,shard22:27017,shard23:27017")
sh.addShard("rs3/shard31:27017,shard32:27017,shard33:27017")
# 对数据库开启分片功能
sh.enableSharding("company")
#切换数据库并建立一张测试表才会真的创建数据库
use company
db.message.insert({"mid":"test"})
#创建一个索引才能开启集合分片
db.message.ensureIndex({uuid: 1}, {unique: true});
use admin
# 对数据库中集合开启分片,并指定片键
sh.shardCollection("company.message",{"uuid":1})
# sh.shardCollection("[dbName.collectionName]",{[keyName]:1})
# 查看分片状态
sh.status()
use company
# 新建角色
db.createRole(
{
role:"companyRole",//角色名称
privileges: [ // 权限集
{ resource: { cluster: true }, actions: [ "addShard" ] },
{ resource: { //资源
db:"company", //创建的companyRole角色具有对company库的操作权限,具体权限建actions
collection:"" //company库下对应的集合名.如果为""表示所有集合
},
actions: [ "find", "insert", "remove","update" ,"createCollection", "dropCollection","convertToCapped"] //角色可进行的操作,注意这里是一个数组
} ],
roles: [] // 是否继承其他的角色,如果指定了其他角色那么新创建的角色自动继承对应其他角色的所有权限,该参数必须显示指定
}
)
# 给角色授权
db.grantPrivilegesToRole(
"companyRole",
[{
resource:{ //权限可操作的资源
db:"company", // 授予companyRole角色具有操作company库的权限
collection:"" // company库下的集合 如果为"" 表示所有集合
},
actions: // 权限允许的操作
[ "createCollection", "dropCollection","convertToCapped"] //权限可进行的操作
}]
)
# 新建用户
use company
# 指定自定义角色来创建用户
db.createUser({
user:'wth', // 用户名
pwd:'wth', // 密码
roles:[{
role:'companyRole',// 通过指定内建角色root 来创建用户
db:'company' // 指定角色对应的认证数据库,内建角色通常认证库为admin
}]
}
);
# 指定内建角色来创建用户,这里是在admin下创建的用户故认证库也是admin
use admin
db.createUser(
{
user:"admin",// 用户名
pwd:"admin", // 密码
roles:[{
role:'root',// 通过指定内建角色root 来创建用户
db:'admin' // 指定角色对应的认证数据库,内建角色通常认证库为admin
} ]
}
)
quit()
修改配置文件 释放掉security 开启 权限 重启容器
下面没有填写密码登录测试ok,但是提示authentication
image.png
image.png
输入密码后登录正常可以查看数据库了
image.png
image.png
tips MongoDB 集群重启需要重新执行mongos 否则连接不到
# 宿主机
docker exec -it mongos /bin/bash
# 容器中
mongos -f /etc/mongodb/mongos.conf
点波关注 系统搭建(docker)
