小碗汤 · 2020年03月11日

kubernetes部署mongoDB 单机版 自定义配置文件、密码、日志路径等

官方镜像地址: https://hub.docker.com/_/mong...

docker版的mongo移除了默认的/etc/mongo.conf, 修改了db数据存储路径为 /data/db.

创建configmap配置,注意不能加fork=true,否则Pod会变成Completed。

apiVersion: v1
kind: ConfigMap
metadata:
  name: mongodb-conf
data:
  mongodb.conf: |
        dbpath=/data/middleware-data/mongodb
        logpath=/data/middleware-data/mongodb/mongodb.log
        pidfilepath=/data/middleware-data/mongodb/master.pid
        directoryperdb=true
        logappend=true
        bind_ip=0.0.0.0
        port=27017

创建StatefulSet:

apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: mongodb
spec:
  replicas: 1
  serviceName: mongodb
  selector:
    matchLabels:
      name: mongodb
  template:
    metadata:
      labels:
        name: mongodb
    spec:
      containers:
      - name: mongodb
        image: mongo:4.2.1
        command:
        - sh
        - -c
        - "exec mongod -f /data/middleware-data/mongodb/conf/mongodb.conf"
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 27017
          name: mongodb
          protocol: TCP
        volumeMounts:
        - name: mongodb-config
          mountPath: /data/middleware-data/mongodb/conf/
        - name: data
          mountPath: /data/middleware-data/mongodb/
      volumes:
      - name: mongodb-config
        configMap:
          name: mongodb-conf
      - name: data
        hostPath:
          path: /data/middleware-data/mongodb/

创建Service暴露端口:

kind: Service
apiVersion: v1
metadata:
  labels:
    name: mongodb
  name: mongodb
spec:
  type: NodePort
  ports:
  - name: mongodb
    port: 27017
    targetPort: 27017
    nodePort: 30002
  selector:
    name: mongodb

接着使用以下命令添加用户和设置密码,并且尝试连接,以及修改密码:

[root@liabio mongodb]# kubectl exec -ti mongodb-0 -- mongo admin
MongoDB shell version v4.2.1
connecting to: mongodb://127.0.0.1:27017/admin?compressors=disabled&gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("6d31af3f-3749-3111-87d2-7c8745pob66c") }
MongoDB server version: 4.2.1
Welcome to the MongoDB shell.
For interactive help, type "help".
For more comprehensive documentation, see
    http://docs.mongodb.org/
Questions? Try the support group
    http://groups.google.com/group/mongodb-user
Server has startup warnings: 
2019-11-29T08:57:58.414+0000 I  CONTROL  [initandlisten] 
2019-11-29T08:57:58.414+0000 I  CONTROL  [initandlisten] ** WARNING: Access control is not enabled for the database.
2019-11-29T08:57:58.414+0000 I  CONTROL  [initandlisten] **          Read and write access to data and configuration is unrestricted.
2019-11-29T08:57:58.414+0000 I  CONTROL  [initandlisten] 
2019-11-29T08:57:58.414+0000 I  CONTROL  [initandlisten] 
2019-11-29T08:57:58.414+0000 I  CONTROL  [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/enabled is 'always'.
2019-11-29T08:57:58.414+0000 I  CONTROL  [initandlisten] **        We suggest setting it to 'never'
2019-11-29T08:57:58.415+0000 I  CONTROL  [initandlisten] 
2019-11-29T08:57:58.415+0000 I  CONTROL  [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/defrag is 'always'.
2019-11-29T08:57:58.415+0000 I  CONTROL  [initandlisten] **        We suggest setting it to 'never'
2019-11-29T08:57:58.415+0000 I  CONTROL  [initandlisten] 
---
Enable MongoDB's free cloud-based monitoring service, which will then receive and display
metrics about your deployment (disk utilization, CPU, operation statistics, etc).

The monitoring data will be available on a MongoDB website with a unique URL accessible to you
and anyone you share the URL with. MongoDB may use this information to make product
improvements and to suggest MongoDB products and deployment options to you.

To enable free monitoring, run the following command: db.enableFreeMonitoring()
To permanently disable this reminder, run the following command: db.disableFreeMonitoring()
---

> db.createUser({ user:'admin',pwd:'910921',roles:[ { role:'userAdminAnyDatabase', db: 'admin'}]});
Successfully added user: {
    "user" : "admin",
    "roles" : [
        {
            "role" : "userAdminAnyDatabase",
            "db" : "admin"
        }
    ]
}
> db.auth('admin', '910921')
1
> db.changeUserPassword("admin","390191");

db.createUser({ user:'admin',pwd:'910921',roles:[ { role:'userAdminAnyDatabase', db: 'admin'}]});
admin用户只对admin这个db有权限。

要操作mall这个db,可以这样:

use mall;
db.createUser({ user:'mall',pwd:'390191',roles:[ { role:'readWrite', db: 'mall'}]});

查看权限:

db.system.users.find()

参考

docker安装各种中间件、数据库教程
docker安装mongodb并备份
使用Docker和Kubernetes将MongoDB作为微服务运行

作者简洁

作者:小碗汤,一位热爱、认真写作的小伙,目前维护原创公众号:『我的小碗汤』,专注于写go语言、docker、kubernetes、java等开发、运维知识等提升硬实力的文章,期待你的关注。转载说明:务必注明来源(注明:来源于公众号:我的小碗汤,作者:小碗汤)
推荐阅读
关注数
1
文章数
116
微信公众号【我的小碗汤】博主,分享技术文章和记录编程中遇到的问题及解决方案,工作中提高效率的工具,推送原创文章及优秀文章等
目录
极术微信服务号
关注极术微信号
实时接收点赞提醒和评论通知
安谋科技学堂公众号
关注安谋科技学堂
实时获取安谋科技及 Arm 教学资源
安谋科技招聘公众号
关注安谋科技招聘
实时获取安谋科技中国职位信息