MongoDB environment deployment
Host
echo "sh /root/iptables.sh" >> /etc/rc.local
echo "mount /dev/sdb /data" >> /etc/rc.local
chmod +x /etc/rc.d/rc.local
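1. File system configuration
A newly deployed MongoDB cluster should run on CentOS 7 or later. The official MongoDB documentation recommends the XFS file system for better performance. Format the disk as follows:
mkfs.xfs -f [partition]
After partitioning, mount the disk and add the mount command to the startup file.
On CentOS 7, even with the entries already written, they only take effect after granting execute permission with chmod +x /etc/rc.d/rc.local.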
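2. Disable NUMA
When a machine has only one CPU, all memory access times are essentially the same. Once a machine has more processors, some memory sits closer to a given CPU and is faster for it to access. Each CPU has its own "local" memory; this is NUMA (Non-Uniform Memory Architecture). This layout does not suit MongoDB: MongoDB needs a large amount of memory and also needs to access the "local memory" of other CPUs.
There are several ways to disable NUMA.
1. Disable NUMA in the BIOS. This method is more cumbersome and is not used here.
2. Disable NUMA with numactl
When starting MongoDB, use numactl --interleave=all /opt/mongodb/bin/mongod -f xxxxxx
Starting mongod through numactl in this way disables NUMA.
3. Disable it with zone_reclaim_mode
When this option is enabled, a page of memory accessed by a CPU is moved into that CPU's "local memory".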
echo 0 > /proc/sys/vm/zone_reclaim_mode
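This setting does not require restarting mongod.
3. Set readahead
Readahead means the operating system reads more data from disk than was actually requested. The idea is that, when loading data, it reads more than was requested and keeps it in memory for later use.
However, MongoDB tends to read many small blocks from disk at random, so the default system setting does not work well. Use the blockdev command to set readahead.
The command is: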
blockdev --setra 32 /dev/nvme0n1
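4. Disable huge pages
Enabling large memory pages causes problems similar to those caused by excessive readahead. This feature is generally left disabled.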
echo never > /sys/kernel/mm/transparent_hugepage/enabled
echo never > /sys/kernel/mm/transparent_hugepage/defrag
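The following check is an added example, not part of the original notes: it verifies the zone_reclaim_mode, readahead and transparent huge page settings from the steps above. The function name check_mongo_host and its ROOT argument are assumptions made here so the check can run against a constructed tree; the readahead value is read from sysfs (read_ahead_kb) rather than via blockdev.

```shell
#!/bin/sh
# Added example (not from the original notes): verify the kernel settings from
# the NUMA, readahead and huge-page steps. ROOT lets the check run against a
# constructed tree; pass "" to read the live /proc and /sys.

check_mongo_host() {
  root=$1; dev=$2
  zrm=$(cat "$root/proc/sys/vm/zone_reclaim_mode" 2>/dev/null || echo missing)
  if [ "$zrm" != "0" ]; then
    echo "FAIL zone_reclaim_mode=$zrm (want 0)"
  fi
  for knob in enabled defrag; do
    # The active choice is the bracketed one, e.g. "always madvise [never]".
    if ! grep -q '\[never\]' "$root/sys/kernel/mm/transparent_hugepage/$knob" 2>/dev/null; then
      echo "FAIL transparent_hugepage/$knob is not [never]"
    fi
  done
  # blockdev --setra counts 512-byte sectors; sysfs reports KiB, so 32 -> 16.
  ra=$(cat "$root/sys/block/$dev/queue/read_ahead_kb" 2>/dev/null || echo missing)
  if [ "$ra" != "16" ]; then
    echo "FAIL $dev read_ahead_kb=$ra (want 16, i.e. --setra 32)"
  fi
  return 0
}

# Constructed tree standing in for /proc and /sys on an untuned host.
t=$(mktemp -d)
mkdir -p "$t/proc/sys/vm" "$t/sys/kernel/mm/transparent_hugepage" \
  "$t/sys/block/nvme0n1/queue"
echo 1 > "$t/proc/sys/vm/zone_reclaim_mode"
echo "[always] madvise never" > "$t/sys/kernel/mm/transparent_hugepage/enabled"
echo "always madvise [never]" > "$t/sys/kernel/mm/transparent_hugepage/defrag"
echo 128 > "$t/sys/block/nvme0n1/queue/read_ahead_kb"
check_mongo_host "$t" nvme0n1
```

None of these settings persist across a reboot unless the commands are also written to the startup file, as the notes do for the mount command.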
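4. Change the host limits on open files and processes
For system security, hosts usually limit the number of processes and the maximum number of open files per user. When deploying a database these limits are usually lifted; limits for the database are not enforced at the operating-system level.
Edit /etc/security/limits.conf and add: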
* soft nofile 102400
* hard nofile 102400
* soft nproc 102400
* hard nproc 102400
Add to /etc/security/limits.d/20-nproc.conf:
* soft nproc 102400
root soft nproc unlimited
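5. Change SELinux
Hosts usually have SELinux configured for security reasons. This can easily cause problems and may affect performance, so SELinux needs to be disabled.
Edit /etc/selinux/config
Set SELINUX to disabled: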
SELINUX=disabled
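Then reboot the host, or run setenforce 0.
6. Change the host name
So that monitoring can tell hosts apart, each host needs its own host name. Name each host after its role and function in the cluster. The convention is:
Primary/secondary shard: data center-{ipxx-xx-xx}
Use the command hostnamectl --static set-hostname NM2-MS-157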
hostnamectl set-hostname sx-hermes-ip
7. Add the mongo user
For host security, MongoDB is best started as an ordinary user, so a MongoDB user needs to be added.
useradd mongo; chage -m 0 -M 999999 mongo ; echo "21cnmongo" | passwd mongo --stdin
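This user is generally used to start the MongoDB database.
2. Cluster architecture
MongoDB has a fairly complete clustering mechanism with easy failover; if any one host in the cluster goes down, the cluster as a whole is generally not affected. The MongoDB cluster architecture is as follows:
Figure 1
Download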
wget http://42.123.76.68:8086/dbmprp/tools/soft/mongodb-linux-x86_64-rhel70-4.2.0.tgz
3.1.2. MongoDB sharded cluster deployment conventions (CentOS 7 as the example)
1. Program installation directory: /opt/mongodb | /data/mongodb
2. Data directories:
shard: /data/mongoShard/27001/data
mongos: none
config: /data/mongoConfig/26001/data
arbiter: /data/mongoArbiter/28001/data
/[data directory]/[port]/data
3. Log directories and file names:
shard: /opt/mongoShard/27001/log/shard01.1.mongo.forOracle.log
mongos: /opt/mongoS/30000/log/mongos.1.mongo.forOracle.log
config: /opt/mongoConfig/26001/log/Config.1.mongo.forOracle.log
arbiter: /opt/mongoArbiter/28001/log/Arb01.1.mongo.forOracle.log
/[data directory]/[port]/log
4. Configuration file directories and file names:
/[data directory]/[port]/conf
shard: /opt/mongoShard/27001/conf/shard01.1.mongo.forOracle.conf
mongos: /opt/mongoS/30000/conf/mongos.1.mongo.forOracle.conf
config: /opt/mongoConfig/26001/conf/Config.1.mongo.forOracle.conf
arbiter: /opt/mongoArbiter/28001/conf/Arb01.1.mongo.forOracle.conf
5. PID file directories and file names:
shard: /opt/mongoShard/27001/run/shard01.1.mongo.forOracle.pid
mongos: /opt/mongoS/30000/run/mongos.1.mongo.forOracle.pid
config: /opt/mongoConfig/26001/run/Config.1.mongo.forOracle.pid
arbiter: /opt/mongoArbiter/28001/run/Arb01.1.mongo.forOracle.pid
/[data directory]/[port]/run
6. Script directory
/opt/mongodb/script
mongos start script:
cat startmongoS.sh
su - mongo -c "/opt/mongodb/bin/mongos -f /data/mongoS/30000/conf/mongos.1.mongo.forOracle.conf"
config start script:
cat startmongoConfig.sh
su - mongo -c "numactl --interleave=all /opt/mongodb/bin/mongod -f /data/mongoConfig/26001/conf/Config.1.mongo.forOracle.conf"
shard start script:
cat startshard04.sh
su - mongo -c "numactl --interleave=all /opt/mongodb/bin/mongod -f /opt/mongoShard/27004/conf/shard04.1.mongo.forOracle.conf"
arbiter start script:
cat startArb01.sh
su - mongo -c "numactl --interleave=all /opt/mongodb/bin/mongod -f /data/mongoArbiter/28001/conf/Arb01.1.mongo.forOracle.conf"
7. Set ownership on the relevant directories
chown -R mongo:mongo /data/mongoShard
chown -R mongo:mongo /data/mongoArbiter
chown -R mongo:mongo /data/mongoConfig
chown -R mongo:mongo /opt/mongoS
chown -R mongo:mongo /opt/mongoShard
chown -R mongo:mongo /opt/mongoConfig
chown -R mongo:mongo /opt/mongoArbiter
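Program, log, configuration and run files may share one physical partition. Data should be kept separate from them: on different disks where several disks are available, or isolated in its own physical partition where there is only one disk.
3.1.3 MongoDB sharded cluster configuration file examples (CentOS 7 as the example)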
# Run on any one machine to generate the key that serves as the pass for the whole cluster
shell> openssl rand -base64 753 > keyfile
shell> chmod 600 keyfile
Config server configuration file: /opt/mongoDB/bin/mongod -f /data/mongoConfig/26001/conf/config.1.mongo.forHERMES.conf
systemLog:
  verbosity: 0
  quiet: false
  path: '/data/mongoConfig/26001/log/Config.1.mongo.forHERMES.log'
  logAppend: true
  logRotate: 'rename'
  destination: 'file'
  timeStampFormat: 'iso8601-local'
processManagement:
  fork: true
  pidFilePath: '/data/mongoConfig/26001/run/Config.1.mongo.forHERMES.pid'
net:
  port: 26001
  bindIpAll: true
  wireObjectCheck: true
  unixDomainSocket:
    enabled: false
    filePermissions: 0700
security:
  keyFile: '/data/mongoConfig/26001/conf/forHERMES.keyfile'
  clusterAuthMode: 'keyFile'
  authorization: 'disabled' #the setting is available only for mongod.
storage:
  dbPath: '/data/mongoConfig/26001/data' #the setting is available only for mongod.
  journal:
    enabled: true #the setting is available only for mongod.
    #commitIntervalMs: 100 #milliseconds,the setting is available only for mongod. ## not applicable in 4.2
  directoryPerDB: true #the setting is available only for mongod.
  engine: 'wiredTiger'
  wiredTiger:
    engineConfig:
      journalCompressor: 'snappy'
      directoryForIndexes: true
    collectionConfig:
      blockCompressor: 'snappy'
    indexConfig:
      prefixCompression: true
operationProfiling:
  slowOpThresholdMs: 100 #milliseconds #the setting is available only for mongod.
  mode: 'off' #the setting is available only for mongod.
replication:
  oplogSizeMB: 512
  replSetName: 'Config.1.mongo.forHERMES' #the setting is available only for mongod.
  enableMajorityReadConcern: false
sharding:
  clusterRole: 'configsvr' #the setting is available only for mongod.
  archiveMovedChunks: false
Arbiter configuration file: /opt/mongoDB/bin/mongod -f /data/mongoArbiter/28001/conf/Arb02.1.mongo.forHERMES.conf
systemLog:
  verbosity: 0
  quiet: false
  path: '/data/mongoArbiter/28001/log/arbiter01.1.mongo.forJTMAIL.log'
  logAppend: true
  logRotate: 'rename'
  destination: 'file'
  timeStampFormat: 'iso8601-local'
processManagement:
  fork: true
  pidFilePath: '/data/mongoArbiter/28001/run/arbiter01.1.mongo.forJTMAIL.pid'
net:
  bindIpAll: true
  port: 28001
  wireObjectCheck: true
  unixDomainSocket:
    enabled: false
    filePermissions: 0700
security:
  keyFile: '/data/mongoArbiter/28001/conf/forJTMAIL.keyfile'
  clusterAuthMode: 'keyFile'
  authorization: 'disabled' #the setting is available only for mongod.
storage:
  dbPath: '/data/mongoArbiter/28001/data' #the setting is available only for mongod.
  journal:
    enabled: true #the setting is available only for mongod.
    commitIntervalMs: 100 #milliseconds,the setting is available only for mongod.
  directoryPerDB: true #the setting is available only for mongod.
  engine: 'wiredTiger'
  wiredTiger:
    engineConfig:
      cacheSizeGB: 2 #a config server does not need this parameter
      journalCompressor: 'snappy'
      directoryForIndexes: true
    collectionConfig:
      blockCompressor: 'snappy'
    indexConfig:
      prefixCompression: true
operationProfiling:
  slowOpThresholdMs: 100 #milliseconds #the setting is available only for mongod.
  mode: 'off' #the setting is available only for mongod.
replication:
  oplogSizeMB: 512
  replSetName: 'shard01.mongo.forJTMAIL' #the setting is available only for mongod.
  enableMajorityReadConcern: false
sharding:
  clusterRole: 'shardsvr' #the setting is available only for mongod.
  archiveMovedChunks: false
Shard configuration file: /opt/mongoDB/bin/mongod -f /data/mongoShard/27001/conf/shard01.mongo.forHERMES.conf
systemLog:
  verbosity: 0
  quiet: false
  path: '/opt/mongoShard/27001/log/shard02.mongo.forHERMES.log'
  logAppend: true
  logRotate: 'rename'
  destination: 'file'
  timeStampFormat: 'iso8601-local'
processManagement:
  fork: true
  pidFilePath: '/opt/mongoShard/27001/run/shard02.mongo.forHERMES.pid'
net:
  bindIpAll: true ## bind IP
  port: 27002
  wireObjectCheck: true
  maxIncomingConnections: 18000
  unixDomainSocket:
    enabled: false
    filePermissions: 0700
security:
  keyFile: '/opt/mongoShard/27001/conf/forHERMES.keyfile'
  clusterAuthMode: 'keyFile'
  authorization: 'disabled' #the setting is available only for mongod.
storage:
  dbPath: '/data/mongoShard/27001/data' #the setting is available only for mongod.
  #indexBuildRetry: true #the setting is available only for mongod. ## 4.2 does not support index rebuild
  journal:
    enabled: true #the setting is available only for mongod.
    commitIntervalMs: 100 #milliseconds,the setting is available only for mongod. ## not applicable in 4.2
  directoryPerDB: true #the setting is available only for mongod.
  engine: 'wiredTiger'
  wiredTiger:
    engineConfig:
      cacheSizeGB: 30 #a config server does not need this parameter
      journalCompressor: 'snappy' ## from 4.0 on, compression must use snappy
      directoryForIndexes: true
    collectionConfig:
      blockCompressor: 'snappy' ## from 4.0 on, compression must use snappy
    indexConfig:
      prefixCompression: false
operationProfiling:
  slowOpThresholdMs: 100 #milliseconds #the setting is available only for mongod.
  mode: 'slowOp' #the setting is available only for mongod.
replication:
  oplogSizeMB: 20480 #recommendation: 5% of available disk space. you must set a fixed size if your disk space is too small,i think that 20G of size is enough. the setting is available only for mongod.
  replSetName: 'shard01.mongo.forHERMES' #the setting is available only for mongod.
  enableMajorityReadConcern: false
sharding:
  clusterRole: 'shardsvr'
mongos configuration file: /opt/mongoDB/bin/mongos -f /data/mongoS/30000/conf/mongos.forJTMAIL.conf (do not start mongos yet)
systemLog:
  verbosity: 0
  quiet: false
  path: '/data/mongoS/30000/log/mongos.1.mongo.forHERMES.log'
  logAppend: true
  logRotate: 'rename'
  destination: 'file'
  timeStampFormat: 'iso8601-local'
processManagement:
  fork: true
  pidFilePath: '/data/mongoS/30000/run/mongos.forHERMES.pid'
net:
  bindIpAll: true
  port: 30000
  #tls:
  #  mode: requireTLS
  #  certificateKeyFile: /etc/ssl/mongodb.pem
security:
  keyFile: '/data/mongoS/30000/conf/forHERMES.keyfile'
  clusterAuthMode: 'keyFile'
sharding:
  configDB: Config.mongo.forHERMES/sx-hermes-119:26001,sx-hermes-202:26001,sx-hermes-218:26001
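The following audit is an added example, not part of the original notes: it reads a mongod or mongos configuration file like the ones above and reports the settings that weaken access control (authorization disabled, bindIpAll, no TLS section, a key file readable by group or other). The function names conf_value and audit_mongo_conf and the sample file are assumptions constructed here.

```shell
#!/bin/sh
# Added example (not from the original notes): flag settings in a mongod/mongos
# YAML config that weaken access control. Prints one "FINDING:" line per issue.

# conf_value FILE KEY: first uncommented "KEY: value", comment and quotes stripped.
conf_value() {
  sed -n "s/^[[:space:]]*$2:[[:space:]]*//p" "$1" | head -n 1 |
    sed -e 's/[[:space:]]*#.*$//' -e 's/[[:space:]]*$//' | tr -d "'\""
}

audit_mongo_conf() {
  conf=$1
  if [ "$(conf_value "$conf" authorization)" = "disabled" ]; then
    echo "FINDING: security.authorization is explicitly disabled"
  fi
  if [ "$(conf_value "$conf" bindIpAll)" = "true" ]; then
    echo "FINDING: net.bindIpAll is true (binds all IPv4 addresses)"
  fi
  # A commented-out "#tls:" does not match, so it counts as not configured.
  if ! grep -Eq '^[[:space:]]*(tls|ssl):' "$conf"; then
    echo "FINDING: no net.tls section (transport is not encrypted)"
  fi
  keyfile=$(conf_value "$conf" keyFile)
  if [ -n "$keyfile" ] && [ ! -f "$keyfile" ]; then
    echo "FINDING: keyFile $keyfile does not exist"
  elif [ -n "$keyfile" ] && [ "$(ls -l "$keyfile" | cut -c5-10)" != "------" ]; then
    echo "FINDING: keyFile is accessible to group/other (want chmod 600)"
  fi
  return 0
}

# Constructed sample modelled on the shard config; all paths are temporary.
demo_dir=$(mktemp -d)
printf 'constructed-key-material\n' > "$demo_dir/demo.keyfile"
chmod 644 "$demo_dir/demo.keyfile"
cat > "$demo_dir/demo.conf" <<EOF
net:
  bindIpAll: true
  port: 27001
  #tls:
  #  mode: requireTLS
security:
  keyFile: '$demo_dir/demo.keyfile'
  clusterAuthMode: 'keyFile'
  authorization: 'disabled' #the setting is available only for mongod.
EOF
audit_mongo_conf "$demo_dir/demo.conf"
```

With bindIpAll left on, the host firewall (the iptables.sh loaded from rc.local at the top of these notes) is the only thing limiting who can reach the ports.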
## Initialization
use admin
rs.initiate({_id: "config.forTY",configsvr: true,members:[{_id:0,host:"zmt-15-11.forTY:26001"},{_id:1,host:"zmt-15-12.forTY:26001"},{_id:2, host:"ZMT-15-13.forTY:26001"}]})
## Initialize the shards
Shard 1
use admin
rs.initiate({_id: "shard01.mongo.forJTMAIL",version:1,members:[{_id:0,host:"zmt-15-11.forTY:27001"},{_id:1,host:"zmt-15-12.forTY:27001"},{_id:2, host:"ZMT-15-13.forTY:28001",arbiterOnly:true}]})
Shard 2
use admin
rs.initiate({_id: "shard01.mongo.forJTMAIL",version:1,members:[{_id:0,host:"zmt-15-11.forTY:27001"},{_id:1,host:"zmt-15-12.forTY:27001"},{_id:2, host:"ZMT-15-13.forTY:28001",arbiterOnly:true}]})
Start mongos
/opt/mongodb/bin/mongos -f /opt/mongoS/30000/conf/mongos.forTY.conf
Log in to mongos and add the shards
use admin
sh.addShard("shard01.forTY/zmt-15-11.forTY:27001,zmt-15-12.forTY:27001,ZMT-15-13.forTY:28001")
sh.addShard("shard02.forTY/ZMT-15-13.forTY:27002,ZMT-20-12.forTY:27002,ZMT-15-12.forTY:28002")
Add a superuser administrator
use admin
db.createUser(
  {
    user: "root",
    pwd: "21CN*%",
    roles: [ { role: "root", db: "admin" } ]
  }
)
// Grant privileges to a specific user
use mydb
db.createUser(
  {
    user: "hermes",
    pwd: "21CN2018",
    roles: [ { role: "dbOwner", db: "hermes" } ]
  }
)
Delete a user
db.dropUser("hermes")
/opt/mongodb/bin/mongo --port=27001
/opt/mongodb/bin/mongo --port=30000 -uroot -p
use admin
db.auth("root","mdbzhpt)(*21cnTY")
db.auth("hermes","21CN2018")
wget -P ./ http://121.14.133.104:8000/soft/mongodb-linux-x86_64-rhel62-3.2.10-rc0.tgz
Script
/opt/mongodb/bin/mongo --quiet -uroot -p'mdbzhpt)(*21cnTY' admin --port 27001
Create a user and grant privileges
db.createUser({user:"hermes",pwd:"quyjZjdxyH",roles:["readWriteAnyDatabase"]})