前提 nfs及class已经创建ok
cluster-mongo.yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: mongo
spec:
selector:
matchLabels:
role: mongo
environment: test
serviceName: "mongo"
replicas: 3
template:
metadata:
labels:
role: mongo
environment: test
spec:
terminationGracePeriodSeconds: 10
containers:
- name: mongo
image: mongo:3.6.22
command:
- mongod
- "--replSet"
- rs0
- "--bind_ip"
- 0.0.0.0
- "--smallfiles"
- "--noprealloc"
ports:
- containerPort: 27017
volumeMounts:
- name: mongo-persistent-storage
mountPath: /data/db
- name: mongo-sidecar
image: cvallance/mongo-k8s-sidecar:latest
env:
- name: MONGO_SIDECAR_POD_LABELS
value: "role=mongo,environment=test"
volumeClaimTemplates:
- metadata:
name: mongo-persistent-storage
spec:
storageClassName: "cluster-mongo"
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 20Gi
---
apiVersion: v1
kind: Service
metadata:
name: mongo
labels:
name: mongo
spec:
ports:
- port: 27017
targetPort: 27017
clusterIP: None
selector:
role: mongo
---
apiVersion: v1
kind: Service
metadata:
name: mongo-cs
labels:
name: mongo
spec:
ports:
- port: 27017
targetPort: 27017
#nodePort访问
nodePort: 30717
selector:
role: mongo
type: NodePort
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: mongo-default-view
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: view
subjects:
- kind: ServiceAccount
name: default
namespace: default
验证
kubectl exec -it mongo-0 -- mongo
rs0:SECONDARY> rs.status()
{
"set": "rs0",
"date": ISODate("2022-10-06T07:58:25.67Z"),
"myState": NumberInt("2"),
"term": NumberLong("1"),
"syncingTo": "10.244.2.3:27017",
"syncSourceHost": "10.244.2.3:27017",
"syncSourceId": NumberInt("0"),
"heartbeatIntervalMillis": NumberLong("2000"),
"optimes": {
"lastCommittedOpTime": {
"ts": Timestamp(1665043104, 1),
"t": NumberLong("1")
},
"readConcernMajorityOpTime": {
"ts": Timestamp(1665043104, 1),
"t": NumberLong("1")
},
"appliedOpTime": {
"ts": Timestamp(1665043104, 1),
"t": NumberLong("1")
},
"durableOpTime": {
"ts": Timestamp(1665043104, 1),
"t": NumberLong("1")
}
},
"members": [
{
"_id": NumberInt("0"),
"name": "10.244.2.3:27017",
"health": 1,
"state": NumberInt("1"),
"stateStr": "PRIMARY",
"uptime": NumberInt("1770"),
"optime": {
"ts": Timestamp(1665043104, 1),
"t": NumberLong("1")
},
"optimeDurable": {
"ts": Timestamp(1665043104, 1),
"t": NumberLong("1")
},
"optimeDate": ISODate("2022-10-06T07:58:24.000Z"),
"optimeDurableDate": ISODate("2022-10-06T07:58:24.000Z"),
"lastHeartbeat": ISODate("2022-10-06T07:58:24.576Z"),
"lastHeartbeatRecv": ISODate("2022-10-06T07:58:25.52Z"),
"pingMs": NumberLong("0"),
"lastHeartbeatMessage": "",
"syncingTo": "",
"syncSourceHost": "",
"syncSourceId": NumberInt("-1"),
"infoMessage": "",
"electionTime": Timestamp(1665041212, 2),
"electionDate": ISODate("2022-10-06T07:26:52.000Z"),
"configVersion": NumberInt("8")
},
{
"_id": NumberInt("1"),
"name": "10.244.1.3:27017",
"health": 1,
"state": NumberInt("2"),
"stateStr": "SECONDARY",
"uptime": NumberInt("1795"),
"optime": {
"ts": Timestamp(1665043104, 1),
"t": NumberLong("1")
},
"optimeDate": ISODate("2022-10-06T07:58:24.000Z"),
"syncingTo": "10.244.2.3:27017",
"syncSourceHost": "10.244.2.3:27017",
"syncSourceId": NumberInt("0"),
"infoMessage": "",
"configVersion": NumberInt("8"),
"self": true,
"lastHeartbeatMessage": ""
},
{
"_id": NumberInt("2"),
"name": "10.244.3.5:27017",
"health": 1,
"state": NumberInt("2"),
"stateStr": "SECONDARY",
"uptime": NumberInt("1679"),
"optime": {
"ts": Timestamp(1665043104, 1),
"t": NumberLong("1")
},
"optimeDurable": {
"ts": Timestamp(1665043104, 1),
"t": NumberLong("1")
},
"optimeDate": ISODate("2022-10-06T07:58:24.000Z"),
"optimeDurableDate": ISODate("2022-10-06T07:58:24.000Z"),
"lastHeartbeat": ISODate("2022-10-06T07:58:24.575Z"),
"lastHeartbeatRecv": ISODate("2022-10-06T07:58:24.657Z"),
"pingMs": NumberLong("0"),
"lastHeartbeatMessage": "",
"syncingTo": "10.244.2.3:27017",
"syncSourceHost": "10.244.2.3:27017",
"syncSourceId": NumberInt("0"),
"infoMessage": "",
"configVersion": NumberInt("8")
}
],
"ok": 1,
"operationTime": Timestamp(1665043104, 1),
"$clusterTime": {
"clusterTime": Timestamp(1665043104, 1),
"signature": {
"hash": BinData(0, "AAAAAAAAAAAAAAAAAAAAAAAAAAA="),
"keyId": NumberLong("0")
}
}
}
用户
rs0:PRIMARY> use admin #切换到admin数据库
switched to db admin
rs0:PRIMARY> db.createUser({user:"admin",pwd:"12300",roles:["root"]}) #创建用户名为admin、密码为password、角色为root的用户;
Successfully added user: { "user" : "admin", "roles" : [ "root" ] }
rs0:PRIMARY> db.getCollectionNames() #新增的用户在system.users;
[ "system.users", "system.version" ]
rs0:PRIMARY> db.auth("admin", "12300") #第一个用户添加完成后,便需要认证才能继续添加其他用户;
1
rs0:PRIMARY> use test; #创建test数据库;
switched to db test
rs0:PRIMARY> db.users.insertMany( [{ name: "bob", age: 42, status: "A", },{ name: "ahn", age: 22, status: "A", },{ name: "xi", age: 34, status: "D", }])
{
"acknowledged" : true,
"insertedIds" : [
ObjectId("61040bba1ce3378f75980aba"),
ObjectId("61040bba1ce3378f75980abb"),
ObjectId("61040bba1ce3378f75980abc")
]
}
rs0:PRIMARY> show collections; #查询集合
users
rs0:PRIMARY> db.users.find() #查询users集合中的数据;
{ "_id" : ObjectId("61040bba1ce3378f75980aba"), "name" : "bob", "age" : 42, "status" : "A" }
{ "_id" : ObjectId("61040bba1ce3378f75980abb"), "name" : "ahn", "age" : 22, "status" : "A" }
{ "_id" : ObjectId("61040bba1ce3378f75980abc"), "name" : "xi", "age" : 34, "status" : "D" }
# mongodb 创建普通用户
rs0:PRIMARY> use test
switched to db test
rs0:PRIMARY> db.createUser({user: "test", pwd: "123456", roles: [{ role: "dbOwner", db: "test" }]})
Successfully added user: {
"user" : "test",
"roles" : [
{
"role" : "dbOwner",
"db" : "test"
}
]
}
