以下是一个k8s上部署mongodb的简单例子 创建了一个mongodb的namespace, 创建了SA, clusterrole,名为mongo的服务, 名为mongo的3个有状态副本
mongo.yaml
# mongo.yaml
apiVersion: v1
kind: Namespace
metadata:
name: mongodb
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: mongo
namespace: mongodb
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: mongo
subjects:
- kind: ServiceAccount
name: mongo
namespace: mongodb
roleRef:
kind: ClusterRole
name: cluster-admin
apiGroup: rbac.authorization.k8s.io
---
apiVersion: v1
kind: Service
metadata:
name: mongo
namespace: mongodb
labels:
name: mongo
spec:
ports:
- port: 27017
targetPort: 27017
clusterIP: None
selector:
role: mongo
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: mongo
namespace: mongodb
spec:
serviceName: mongo
replicas: 3
selector:
matchLabels:
role: mongo
environment: staging
template:
metadata:
labels:
role: mongo
environment: staging
replicaset: MainRepSet
spec:
affinity:
podAntiAffinity: # 添加 Pod 反亲和性,将副本打散在不同的节点
preferredDuringSchedulingIgnoredDuringExecution: # 软策略
- weight: 100
podAffinityTerm:
labelSelector:
matchExpressions:
- key: replicaset
operator: In
values:
- MainRepSet
topologyKey: kubernetes.io/hostname
terminationGracePeriodSeconds: 10
serviceAccountName: mongo
containers:
- name: mongo
image: mongo:4.4
command:
- mongod
- "--wiredTigerCacheSizeGB"
- "0.25"
- "--bind_ip"
- "0.0.0.0"
- "--replSet"
- MainRepSet
#- "--smallfiles"
#- "--noprealloc"
ports:
- containerPort: 27017
volumeMounts:
- name: mongo-data
mountPath: /data/db
resources:
requests:
cpu: 1
memory: 2Gi
- name: mongo-sidecar
image: cvallance/mongo-k8s-sidecar
env:
- name: MONGO_SIDECAR_POD_LABELS
value: "role=mongo,environment=staging"
- name: KUBE_NAMESPACE
value: "mongo"
- name: KUBERNETES_MONGO_SERVICE_NAME
value: "mongo"
volumeClaimTemplates:
- metadata:
name: mongo-data
spec:
accessModes: [ "ReadWriteOnce" ]
storageClassName: openebs-hostpath # 提供一个可用的 Storageclass
resources:
requests:
storage: 30Gi
3个pod启动以后, 进入其中一个pod,然后执行集群创建命令
kubectl -n mongodb exec -it mongo-0 -- mongors.status() #查看集群状态#创建集群
config = { _id:"MainRepSet", members:[
{_id:0,host:"mongo-0.mongo.mongodb.svc.cluster.local:27017",priority:90},
{_id:1,host:"mongo-1.mongo.mongodb.svc.cluster.local:27017",priority:80},
{_id:2,host:"mongo-2.mongo.mongodb.svc.cluster.local:27017",priority:70}
]
}
rs.initiate(config);rs.status() #查看集群状态优化
set -o errexit
set -o pipefail
set -o nounset
echo 'never' > /sys/kernel/mm/transparent_hugepage/enabled
echo 'never' > /sys/kernel/mm/transparent_hugepage/defrag设置或修改密码
#查看数据库
show dbs
#切换admin库
use admin
#创建管理员账户,用于管理账号,不能进行关闭数据库
db.createUser({ user: "admin", pwd: "password", roles: [{ role: "userAdminAnyDatabase", db: "admin" }] })
#创建root,超级管理员root,可关闭数据库
db.createUser({user: "root",pwd: "password", roles: [ { role: "root", db: "admin" } ]})
#创建用户自己的数据库的管理角色,一定要切换到所在数据库上去创建用户,不然创建的用户还是属于admin。
use yourdatabase
db.createUser({user: "user",pwd: "password",roles: [ { role: "dbOwner", db: "yourdatabase" } ]})
#查看用户
show users
#删库用户
use admin
db.auth("admin","password")
#删除单个用户
db.system.users.remove({user:"XXXXXX"})
#删除所有用户
db.system.users.remove({}
#连接字符串
mongodb://username:password@ip:port/database
mongodb://username:password@ip0:port,ip1:port,ip2:port/database?replicaSet=MainRepSetspringboot 在nacos中的配置
mongodb:
uri: mongodb://mongo-0.mongo.mongodb.svc.cluster.local:27017,mongo-1.mongo.mongodb.svc.cluster.local:27017,mongo-2.mongo.mongodb.svc.cluster.local:27017/database?replicaSet=MainRepSet
auto-index-creation: true # 默认为false,即不会自动创建索引