Cài đặt MongoDB Replicaset trên Ubuntu 20.04
Cài đặt MongoDB Replicaset trên Ubuntu 20.04
1./ cài đặt 3 server MongoDB trên 3 node
1.1/ Lý thuyết MongoDB Replicaset
Understanding MongoDB Replica Sets
As mentioned in the introduction, MongoDB handles replication through an implementation called replica sets. Each running instance of MongoDB that’s part of a given replica set is referred to as one of its members. Every replica set must have one primary member and at least one secondary member.
The primary member is the main access point for transactions with the replica set and is the only member that can accept write operations. Each replica set can have only one primary member at a time, as replication happens by copying the primary’s oplog (short for “operations log”) and repeating the logged changes on the secondaries’ respective data sets. Multiple primaries accepting write operations would lead to data conflicts.
By default, applications will only query the primary member for both read and write operations. You can configure your setup to read from one or more of the secondary members, but since data is transferred asynchronously, reads from secondary nodes can result in old data being served. Thus, such a configuration isn’t ideal for every use case.
One feature that distinguishes MongoDB’s replica sets from other replication implementations is their automatic failover mechanism. In the event that the primary member becomes unavailable, an automated election process happens among the secondary nodes to choose a new primary. A replica set can have up to 50 members, but a maximum of 7 can vote in an election.
If the secondary member pool contains an even number of nodes, however, it could result in an inability to elect a new primary due to a voting impasse. This would necessitate the inclusion of a third type of member in the replica set: an arbiter. An arbiter is an optional member of a replica set that votes in situations like this to ensure that the set is able to reach a decision. Be aware, though, that arbiters do not have a copy of the data set and they’re barred from becoming the replica set’s primary. If a replica set has only one secondary member, then an arbiter is required.
There may be times when you don’t want all of your secondaries to follow the standard rules for secondary members of a replica set. MongoDB allows you to configure secondary members of a replica set to take on the following nonstandard roles:
Priority 0 Replication Members: There are some situations where the election of certain set members to the primary position could have a negative impact on your application’s performance. For instance, if you are replicating data to a remote datacenter or a certain secondary member’s hardware is inadequate for it to function as the main access point for the set, setting its priority to 0 can ensure that this member will not become a primary but can continue copying data.
Hidden Replication Members: Some situations require you to keep one set of members accessible and visible to your clients while hiding background members which have separate purposes and shouldn’t be used for read operations. As an example, you may need a secondary member to be the base for analytics work, which would benefit from an up-to-date dataset but would cause a strain on working members. By setting this member to hidden, it will not interfere with the general operations of the replica set. Hidden members must be set to a priority of 0 to avoid becoming the primary member, but they can vote in elections.
Delayed Replication Members: By setting the delay option for a secondary member, you can control how long the secondary waits to perform each action it copies from the primary’s oplog. This is useful if you would like to safeguard against accidental deletions or recover from destructive operations. For instance, if you delay a secondary by a half-day, it would not immediately perform accidental operations on its own set of data and could be used to revert changes. Delayed members cannot become primary members, but can vote in elections. In most situations, they should also be hidden to prevent application processes from reading data that is out-of-date.
Tóm tắt
Priority 0 Replication Members: tuỳ chọn này sẽ không cho node này được chuyển sang Primary. vẫn có thể bầu chọn
Hidden Replication Members: Tuỳ chọn này sẽ không cho sang Primary và ẩn đi không thể nhìn được từ ứng dụng. vẫn có thể bầu chọn.
Delayed Replication Members: Tuỳ chọn này sẽ làm cho node đọc dữ liệu từ các node khác cách 1 khoảng thoài gian cài đặt, ví dụ 1 ngày, 2 ngày. Mục đích tránh bị phá hoặc hoặc backup. Tất nhiên cũng nên ẩn và không nên được trở thành primary. nhưng vẫn có thể bầu chọn
2./ Cài đặt Replicaset
2.1/ Setup file Host
sudo nano /etc/hosts
#Paste trên cả 3 host
10.0.2.11 mongo0.replset.member
10.0.2.12 mongo1.replset.member
10.0.2.13 mongo2.replset.member
10.0.2.14 mongo3.replset.member
2.2/ Mở Firewall cho cả 3 node
có thể xài iptables hoặc ufw
2.3/ Bật Replicaset trên cả 3 node
Trên Node 1:
Mở file /etc/mongod.conf
sau đó thêm mongo0.replset.member
net:
port: 27017
bindIp: 127.0.0.1,mongo0.replset.member
Tìm đoạn
#replication:
Sửa thành
replication:
replSetName: "rs0"
File cấu hình sẽ như sau:
# mongod.conf
# for documentation of all options, see:
# http://docs.mongodb.org/manual/reference/configuration-options/
# Where and how to store data.
storage:
dbPath: /var/lib/mongodb
journal:
enabled: true
# engine:
# mmapv1:
# wiredTiger:
# where to write logging data.
systemLog:
destination: file
logAppend: true
path: /var/log/mongodb/mongod.log
# network interfaces
net:
port: 27017
bindIp: 127.0.0.1,mongo0.replset.member
# how the process runs
processManagement:
timeZoneInfo: /usr/share/zoneinfo
#security:
#operationProfiling:
#replication:
replication:
replSetName: "rs0"
#sharding:
## Enterprise-Only Options:
#auditLog:
#snmp:
Trên Node 2:
# network interfaces
net:
port: 27017
bindIp: 127.0.0.1,mongo1.replset.member
. . .
replication:
replSetName: "rs0"
Trên Node 3:
# network interfaces
net:
port: 27017
bindIp: 127.0.0.1,mongo2.replset.member
. . .
replication:
replSetName: "rs0"
Dùng lệnh nc để test connect
nc -zv mongo1.replset.member 27017
#
Connection to mongo1.replset.member 27017 port [tcp/*] succeeded!
2.4/ Start Replica Set và Add member
Now that you’ve configured each of your three MongoDB installations, you can open up a MongoDB shell to initiate replication and add each as a member.
For demonstration purposes, the examples in this step will use the MongoDB instance on mongo0 to initiate the replica set. However, you can initiate replication from any server whose mongod.conf file has been appropriately configured.
On mongo0, open up the MongoDB shell:
mongo
Copy
From the prompt, you can initiate a replica set from the mongo shell by running the rs.initiate() method. However, running this method by itself would only initiate replication for the machine on which you run the method, and you’d then need to add your other Mongo instances by issuing an rs.add() method for each member.
Recall that MongoDB stores its data in JSON-like structures known as documents. Because you’ve already edited the mongod.conf file on each of your servers to configure the three Mongo instances for replication, you can instead include a document that holds each member’s configuration details within the rs.initiate method. This will allow you to start the replica set and add each member at once, rather than having to run multiple separate methods.
To do this, begin an rs.initiate() method by typing the following and pressing ENTER:
rs.initiate(
Copy
Mongo won’t register the rs.initiate method as complete until you enter a closing parenthesis. Until you do, the prompt will change from a greater than sign (>) to an ellipsis (...).
As with objects in JSON, documents in MongoDB begin and end with curly braces ({ and }). To begin adding the replica set’s configuration document, enter an opening curly brace:
{
Copy
MongoDB documents are composed of any number of field-and-value pairs that take the form of field: value. The first field-and-value pair of this particular document must be an _id: field that provides a name to identify the replica set; this field’s value must be the same as the replSetName directive you set in your mongod.conf files, which is "rs0" in our examples.
Enter this field-and-value pair, following it with a comma, and then press ENTER to begin a new line:
_id: "rs0",
Copy
Next, add a members: field. Instead of a single value, though, follow this members: field with an array containing multiple documents, each of which represent a replica set member to add. In MongoDB documents, arrays are always placed within a pair of square brackets ([ and ]).
Add the members: field followed by an opening square bracket to begin the array, and then press ENTER to move to the next line:
members: [
Copy
Now add a document with two field-and-value pairs, separated by a comma, to represent the first member of the replica set. The first of this document’s fields is another _id: field which accepts an integer used to identify the member internally. The second is a host: field, which must be followed by a string containing a hostname that will resolve to an address where the member Mongo instance can be reached:
{ _id: 0, host: "mongo0.replset.member" },
Copy
Note: If any of your Mongo instances are running on a port other than MongoDB’s default — 27017 — you must follow the hostname with a colon (:) and then the port number, as in this example:
{ _id: 0, host: "mongo0.replset.member:27018" },
Copy
After entering the first one, enter additional documents for the other members of your replica set. Make sure to separate each document with a comma:
{ _id: 1, host: "mongo1.replset.member" },
{ _id: 2, host: "mongo2.replset.member" }
Copy
Next, end the array by entering a closing square bracket:
]
Copy
Lastly, end the configuration document with a closing curly brace, and then close the method with a closing parenthesis:
})
Copy
All together, the rs.initiate() method will look like this:
> rs.initiate(
... {
... _id: "rs0",
... members: [
... { _id: 0, host: "mongo0.replset.member" },
... { _id: 1, host: "mongo1.replset.member" },
... { _id: 2, host: "mongo2.replset.member" }
... ]
... })
Assuming that you entered all the details correctly, once you press ENTER after typing the closing parenthesis the method will run and initiate the replica set. If the method returns "ok" : 1 in the output, it means that the replica set was started correctly:
Output
{
"ok" : 1,
"$clusterTime" : {
"clusterTime" : Timestamp(1612389071, 1),
"signature" : {
"hash" : BinData(0,"AAAAAAAAAAAAAAAAAAAAAAAAAAA="),
"keyId" : NumberLong(0)
}
},
"operationTime" : Timestamp(1612389071, 1)
}
If the replica set was initiated as expected, you’ll notice that the MongoDB client’s prompt will change from just a greater-than sign (>) to the following:
Copy
MongoDB comes installed with a few built-in methods which you can use to manage and retrieve information about your replica set. Of these, the rs.help() method can be particularly helpful as it returns a list of these replica set methods and descriptions of what they do:
rs.help()
Copy
Output
rs.status() { replSetGetStatus : 1 } checks repl set status
rs.initiate() { replSetInitiate : null } initiates set with default settings
rs.initiate(cfg) { replSetInitiate : cfg } initiates set with configuration cfg
rs.conf() get the current configuration object from local.system.replset
rs.reconfig(cfg) updates the configuration of a running replica set with cfg (disconnects)
rs.add(hostportstr) add a new member to the set with default attributes (disconnects)
rs.add(membercfgobj) add a new member to the set with extra attributes (disconnects)
rs.addArb(hostportstr) add a new member which is arbiterOnly:true (disconnects)
rs.stepDown([stepdownSecs, catchUpSecs]) step down as primary (disconnects)
rs.syncFrom(hostportstr) make a secondary sync from the given member
rs.freeze(secs) make a node ineligible to become primary for the time specified
rs.remove(hostportstr) remove a host from the replica set (disconnects)
rs.secondaryOk() allow queries on secondary nodes
rs.printReplicationInfo() check oplog size and time range
rs.printSecondaryReplicationInfo() check replica set members and replication lag
db.isMaster() check who is primary
db.hello() check who is primary
reconfiguration helpers disconnect from the database so the shell will display
an error, even if the command succeeds.
After running rs.help() or another one of these methods, you may see the client prompt change again to the following:
Copy
This means that the MongoDB instance that you’re connected to was elected to serve as the primary set member.
Be aware that if you have additional nodes that you’d like to add to the replica set in the future, you can do so with the rs.add() method after configuring them as you did the current replica set members in the previous steps:
rs.add( "mongo3.replset.member" )
Copy
You can now close the MongoDB client by pressing CTRL + C or by running the exit command:
exit
Copy
Your replica set is now up and running, and you can begin integrating it with your application.
Lưu ý: ban đầu khi chưa join replicaset thì chỉ hiện dấu > ở trong mongo command
>
sau khi join replicaset
rs0:PRIMARY>
rs0:SECONDARY>
Kiểm tra kết quả:
Your replica set is now up and running, and you can begin integrating it with your application.
Warning: When you opened up the MongoDB prompt to initiate the replica set, you may have noticed a warning message like this:
. . .
2021-02-03T21:45:48.379+00:00: Access control is not enabled for the database. Read and write access to data and configuration is unrestricted
. . .
This message indicates that you haven’t yet enabled access control for your database. Per the MongoDB documentation:
MongoDB uses Role-Based Access Control (RBAC) to govern access to a MongoDB system. A user is granted one or more roles that determine the user’s access to database resources and operations.
Because access control hasn’t been enabled on any of your MongoDB instances, anyone with access to any of the three servers in the replica set could also gain access to the Mongo instance on that server. This poses an important security risk, since this means they could also gain access to your application data.
One way to remove this warning and add a layer of security to your replica set is by configuring keyfile authentication. As mentioned in the introduction, though, the MongoDB documentation describes keyfiles as “bare-minimum forms of security” that are “best suited for testing or development environments.”
Be aware that, for production deployments, the MongoDB documentation instead recommends using x.509 certificates for internal member authentication. The process of obtaining and configuring x.509 certificates comes with a number of caveats and decisions that must be made on a case-by-case basis, which is beyond the scope of this tutorial.
If you plan on using your replica set for testing or development, we strongly encourage you to follow our tutorial on How To Configure Keyfile Authentication for MongoDB Replica Sets on Ubuntu 20.04.
Conclusion
Database replication has found wide use as a strategy to improve performance, availability, and data security, to the point where it’s recommended that any database used in a production environment has some form of replication enabled. Replicas are also versatile, and can take on many different roles in a data architecture, like reporting or disaster recovery. The automatic failover feature found in MongoDB’s replica sets make them particularly valuable for helping to ensure that your data remains highly available in the event of an outage.
If you’d like to learn more about MongoDB, we encourage you to check out our entire collection of MongoDB tutorials.
https://www.digitalocean.com/community/tutorials/how-to-configure-a-mongodb-replica-set-on-ubuntu-20-04