標籤:style man create like his exe des log replicat
一、安裝部署:
想直接一步建立叢集的小夥伴直接按以下步驟安裝(再往後是記錄自己出過的錯):
1、產生docker鏡像:
docker build -t 144.202.127.156/library/mongodb:3.4.10 .
docker push 144.202.127.156/library/mongodb:3.4.10 註:記得把地址換成自己的鏡像倉庫
FROM alpine:edgeMAINTAINER chengcuichaoRUN apk update && echo http://dl-4.alpinelinux.org/alpine/edge/testing >> /etc/apk/repositories && apk add --no-cache mongodb numactl numactl-tools
Dockerfile2、在kubernete上建立:
kubectl create -f mongodb.yml
在此注意幾下幾點:
1)、將為外置儲存的Secret和storageclass換成自己的。 註:我用的是ceph,其他的根據自己的更改,也可以不用持久化儲存,就當測試用。
2)、鏡像換成自己的鏡像地址。
3)、啟動參數--replSet換成自己的,不換也可以。
apiVersion: v1kind: Namespacemetadata: name: basic-app---apiVersion: v1kind: Secretmetadata: namespace: basic-app name: ceph-secrettype: "kubernetes.io/rbd"data: key: QVFEYmVRTmJZQ1B4TFJBQUg0QS9Tb01NZjF6NHB3L0p1Y3ZUQnc9PQ==---apiVersion: v1kind: Secretmetadata: namespace: basic-app name: mongo-keytype: Opaquedata: key: UERVU0hWVU9KT1ZQVUVYT0JXWU8=---apiVersion: v1kind: ConfigMapmetadata: name: mongodb-config namespace: basic-appdata: mongodb: | systemLog: destination: file path: "/var/log/mongodb/mongodb.log" logAppend: true processManagement: fork: false net: port: 27017 bindIp: 0.0.0.0 security: keyFile: "/etc/conf.d/secret-key/key" authorization: enabled storage: dbPath: /var/lib/mongodb setParameter: enableLocalhostAuthBypass: true authenticationMechanisms: SCRAM-SHA-1 mongos: | MONGOS_EXEC="/usr/bin/mongos" MONGOS_RUN="/var/run/mongodb" MONGOS_USER="mongodb" MONGOS_IP="127.0.0.1" MONGOS_PORT="27018" MONGOS_CONFIGDB="" MONGOS_OPTIONS=""---apiVersion: v1kind: Servicemetadata: name: mongodb namespace: basic-app labels: name: mongospec: clusterIP: None ports: - port: 27017 targetPort: 27017 selector: app: mongo-cluster---apiVersion: apps/v1beta1kind: StatefulSetmetadata: name: mongodb namespace: basic-appspec: serviceName: mongodb replicas: 3 template: metadata: labels: app: mongo-cluster spec: terminationGracePeriodSeconds: 10 containers: - name: mongod image: 144.202.127.156/library/mongodb:3.6.5 command: ["sh", "-c", "chmod 600 -R /etc/conf.d/secret-key;numactl --interleave=all mongod -f /etc/conf.d/mongodb --auth --replSet icsoc"] resources: limits: cpu: 2 memory: 2G requests: cpu: 1 memory: 1G volumeMounts: - name: mongodb-data mountPath: /var/lib/mongodb - name: mongo-config mountPath: /etc/conf.d - name: timezone-config mountPath: /etc/localtime - name: secret-key mountPath: /etc/conf.d/ ports: - containerPort: 27017 livenessProbe: tcpSocket: port: 27017 initialDelaySeconds: 15 periodSeconds: 20 volumes: - name: mongo-config configMap: name: mongodb-config - name: timezone-config hostPath: path: /usr/share/zoneinfo/Asia/Shanghai - name: secret-key secret: secretName: mongo-key volumeClaimTemplates: - metadata: name: mongodb-data annotations: volume.beta.kubernetes.io/storage-class: "ceph-db" spec: accessModes: [ "ReadWriteOnce" ] resources: requests: storage: 50Gi
mongodb.yml3、初始化叢集:
1、連進容器內:kubectl exec -it mongodb-0 /bin/sh2、執行初始化複本集:mongors.initiate({_id: "icsoc", version: 1, members: [ { _id: 0, host : "mongodb-0.mongodb.basic-app.svc.cluster.local:27017" }, { _id: 1, host : "mongodb-1.mongodb.basic-app.svc.cluster.local:27017" }, { _id: 2, host : "mongodb-2.mongodb.basic-app.svc.cluster.local:27017" } ]});2、建立系統管理使用者: 具體可參考:https://docs.mongodb.com/manual/tutorial/enable-authentication/use admindb.createUser( { user: "myUserAdmin", pwd: "[email protected]", roles: [ { role: "userAdminAnyDatabase", db: "admin" } ] })db.auth("myUserAdmin","[email protected]")
3、之後就可以連進去建立使用者,賦予角色許可權使用。
二、以下記錄建立詳細步驟:1、在kubenetes安裝mongodb叢集大體思路為:
1)、先在一個基礎的鏡像裡安裝mongodb,啟動正常後無報錯。
2)、再理清楚mogodb複本集叢集是怎麼啟動的。
3)、之後編寫在kubernetes建立資源的檔案。
4)、先建立看看那進行不下去,再一個個解決。
2、在alpine:edge基礎上編寫dockerfile:
編寫好的Dockerfile如下:
FROM alpine:edgeMAINTAINER chengcuichaoRUN apk update && echo http://dl-4.alpinelinux.org/alpine/edge/testing >> /etc/apk/repositories && apk add --no-cache mongodb numactlCOPY run.sh /root/RUN chmod +x /root/run.shCMD /root/run.sh
Dockerfile
先在docker上啟動,mongo連進去後報錯:
Server has startup warnings: 2018-07-15T12:25:52.064+0800 W CONTROL [main] --diaglog is deprecated and will be removed in a future release2018-07-15T12:25:52.183+0800 I STORAGE [initandlisten] 2018-07-15T12:25:52.183+0800 I STORAGE [initandlisten] ** WARNING: Using the XFS filesystem is strongly recommended with the WiredTiger storage engine2018-07-15T12:25:52.183+0800 I STORAGE [initandlisten] ** See http://dochub.mongodb.org/core/prodnotes-filesystem 第一個報錯2018-07-15T12:26:02.364+0800 I CONTROL [initandlisten] ** WARNING: You are running this process as the root user, which is not recommended. 第二個2018-07-15T12:26:02.364+0800 I CONTROL [initandlisten] 2018-07-15T12:26:02.364+0800 I CONTROL [initandlisten] 2018-07-15T12:26:02.364+0800 I CONTROL [initandlisten] ** WARNING: You are running on a NUMA machine.2018-07-15T12:26:02.364+0800 I CONTROL [initandlisten] ** We suggest launching mongod like this to avoid performance problems:2018-07-15T12:26:02.364+0800 I CONTROL [initandlisten] ** numactl --interleave=all mongod [other options] 第三個2018-07-15T12:26:02.365+0800 I CONTROL [initandlisten] 2018-07-15T12:26:02.365+0800 I CONTROL [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/enabled is ‘always‘.2018-07-15T12:26:02.365+0800 I CONTROL [initandlisten] ** We suggest setting it to ‘never‘ 第四個2018-07-15T12:26:02.365+0800 I CONTROL [initandlisten] 2018-07-15T12:26:02.365+0800 I CONTROL [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/defrag is ‘always‘.2018-07-15T12:26:02.365+0800 I CONTROL [initandlisten] ** We suggest setting it to ‘never‘ 第五個
1)、第一個報錯是檔案系統的問題,還沒解決 。
2)、第二個報錯是要開啟認證,在啟動參數上加入--auth就可以。
3)、第三個報錯需要在mongod命令前面加上numactl --interleave=all,在docker容器裡執行numactl --interleave=all mongod -f /etc/conf.d/mongodb 在直接用docker起的容器裡執行會報錯:
set_mempolicy: Operation not permittedsetting interleave mask: Operation not permitted
但在statefulset的yml檔案加上command: ["sh", "-c", "numactl --interleave=all mongod -f /etc/conf.d/mongodb --bind_ip 0.0.0.0"],kubectl create -f mongodb.yml建立後不會報錯。
4)、第四個和第五個報錯需要執行:echo never > /sys/kernel/mm/transparent_hugepage/enabled,echo never > /sys/kernel/mm/transparent_hugepage/defrag,
但是在容器裡執行會報錯,就算用initContainers
來為mongodb的容器建立運行環境,但是還會報:
/bin/sh: can‘t create /sys/kernel/mm/transparent_hugepage/enabled: Read-only file system
/bin/sh: can‘t create /sys/kernel/mm/transparent_hugepage/defrag: Read-only file system
有兩種解決方案:
1、在所有的node節點執行上面兩條命令,這樣執行後建立後就沒有報錯了。
2、建立demonset(暫時還沒搞懂),具體可以參考:http://pauldone.blogspot.com/2017/06/mongodb-kubernetes-production-settings.html
官方文檔:https://docs.mongodb.com/manual/replication/
專門在k8s上安裝Mongodb:http://k8smongodb.net/
kubernetes上安裝MongoDB-3.6.5叢集複本集方式