要重命名副本集,您必须关闭副本集的所有成员,然后使用新的副本集名称配置每个成员的数据库。
此过程需要停机。
确保您的副本集未分片。重命名过程仅适用于未分片的副本集。
在重命名副本集之前,请 对 MongoDB 部署执行完整备份。
做好备份非常重要,无论如何,请先在测试环境验证后再执行该操作
启用身份验证后,请确保您的用户角色对每个成员数据库中的集合具有 find、insert 和 remove 权限。
db.runCommand(
{
rolesInfo: { role: "xxxxx", db: "yyyyyy" },
showPrivileges: true
}
)
授权
db.getUser("admin")
{
"_id" : "admin.admin",
"userId" : UUID("adb37ec9-89e9-464b-a241-029194bec6ef"),
"user" : "admin",
"db" : "admin",
"roles" : [
{
"role" : "root",
"db" : "admin"
}
],
"mechanisms" : [
"SCRAM-SHA-1",
"SCRAM-SHA-256"
]
}
db.createRole(
{
role: "collectionRole",
privileges: [
{ resource: { db: "local", collection: "system.replset" }, actions: [ "find", "remove", "insert" ] }
],
roles: []
}
)
db.grantRolesToUser("admin",[{"role":"collectionRole","db":"admin"}])
db.getUser("admin")
{
"_id" : "admin.admin",
"userId" : UUID("adb37ec9-89e9-464b-a241-029194bec6ef"),
"user" : "admin",
"db" : "admin",
"roles" : [
{
"role" : "root",
"db" : "admin"
},
{
"role" : "collectionRole",
"db" : "admin"
}
],
"mechanisms" : [
"SCRAM-SHA-1",
"SCRAM-SHA-256"
]
}
此步骤需要停机,因为所有副本成员都需要关闭。
当前副本集名称 “set” : “sit_rs1”
{
"set" : "sit_rs1",
"date" : ISODate("2023-11-10T08:08:08.707Z"),
"myState" : 1,
......
"members" : [
{
"_id" : 1,
"name" : "192.168.88.11:27018",
"health" : 1,
"state" : 2,
"stateStr" : "SECONDARY",
......
},
{
"_id" : 3,
"name" : "192.168.88.11:27017",
"health" : 1,
"state" : 1,
"stateStr" : "PRIMARY",
......
},
{
"_id" : 4,
"name" : "192.168.88.11:27019",
"health" : 1,
"state" : 2,
"stateStr" : "SECONDARY",
.....
}
],
"ok" : 1,
"$clusterTime" : {
"clusterTime" : Timestamp(1699603684, 1),
"signature" : {
"hash" : BinData(0,"yDDKmbDiNNhNxzN+xh20IjGyr3o="),
"keyId" : NumberLong("7236938018798436354")
}
},
"operationTime" : Timestamp(1699603684, 1)
}
关闭副本集成员,三台都关闭
# shutdown 27019
su mongodb -s /bin/bash -c "/usr/local/mongodb/bin/mongod --dbpath /data/mongodb27019/data --port 27019 --shutdown"
# shutdown 27018
su mongodb -s /bin/bash -c "/usr/local/mongodb/bin/mongod --dbpath /data/mongodb27018/data --port 27018 --shutdown"
# shutdown 27017
su mongodb -s /bin/bash -c "/usr/local/mongodb/bin/mongod --dbpath /data/mongodb/data --port 27017 --shutdown"
对每个副本集成员执行以下步骤: ( 以其中一台 27019 为例 )
root@ubuntu-x64_01:/opt# cat /etc/mongod27019.conf
systemLog:
destination: file
path: "/data/mongodb27019/log/mongod.log"
logAppend: true
storage:
dbPath: "/data/mongodb27019/data"
journal:
enabled: true
directoryPerDB: true
processManagement:
fork: true
net:
bindIp: localhost,192.168.88.11
#port: 27019
port: 28019
maxIncomingConnections: 65536
security:
keyFile: "/data/mongodb27019/data/replsetAIK"
clusterAuthMode: "keyFile"
authorization: enabled
#replication:
# replSetName: "sit_rs1"
# enableMajorityReadConcern: true
启动副本集成员:
root@ubuntu-x64_01:/opt# su mongodb -s /bin/bash -c "/usr/local/mongodb/bin/mongod --config /etc/mongod27019.conf 2>&1 >/dev/null &"
更新副本集名称。
如果使用配置文件,请设置 replication.replSetName 为新名称。replSetName: “sit_rs1” 变更为 replSetName: “local_rs1”
root@ubuntu-x64_01:/opt# cat /etc/mongod27019.conf
systemLog:
destination: file
path: "/data/mongodb27019/log/mongod.log"
logAppend: true
storage:
dbPath: "/data/mongodb27019/data"
journal:
enabled: true
directoryPerDB: true
processManagement:
fork: true
net:
bindIp: localhost,192.168.88.11
#port: 27019
port: 28019
maxIncomingConnections: 65536
security:
keyFile: "/data/mongodb27019/data/replsetAIK"
clusterAuthMode: "keyFile"
authorization: enabled
replication:
replSetName: "local_rs1"
enableMajorityReadConcern: true
使用以下命令更新本地数据库中的副本集名称:
> use local
switched to db local
> db.system.replset.find().pretty()
{
"_id" : "sit_rs1",
"version" : 20,
"term" : 249,
"protocolVersion" : NumberLong(1),
"writeConcernMajorityJournalDefault" : true,
"members" : [
{
"_id" : 1,
"host" : "192.168.88.11:27018",
"arbiterOnly" : false,
"buildIndexes" : true,
"hidden" : false,
"priority" : 1,
"tags" : {
},
"slaveDelay" : NumberLong(0),
"votes" : 1
},
{
"_id" : 3,
"host" : "192.168.88.11:27017",
"arbiterOnly" : false,
"buildIndexes" : true,
"hidden" : false,
"priority" : 1,
"tags" : {
},
"slaveDelay" : NumberLong(0),
"votes" : 1
},
{
"_id" : 4,
"host" : "192.168.88.11:27019",
"arbiterOnly" : false,
"buildIndexes" : true,
"hidden" : false,
"priority" : 1,
"tags" : {
},
"slaveDelay" : NumberLong(0),
"votes" : 1
}
],
"settings" : {
"chainingAllowed" : true,
"heartbeatIntervalMillis" : 2000,
"heartbeatTimeoutSecs" : 10,
"electionTimeoutMillis" : 10000,
"catchUpTimeoutMillis" : -1,
"catchUpTakeoverDelayMillis" : 30000,
"getLastErrorModes" : {
},
"getLastErrorDefaults" : {
"w" : 1,
"wtimeout" : 0
},
"replicaSetId" : ObjectId("6305db8beb57aaf6f57b130e")
}
}
> var newId = 'local_rs1'
> var doc = db.getSiblingDB("local").system.replset.findOne()
> var oldId = doc._id
> print(oldId, newId)
sit_rs1 local_rs1
> doc._id = newId
local_rs1
> db.getSiblingDB("local").system.replset.insertOne(doc)
{ "acknowledged" : true, "insertedId" : "local_rs1" }
> db.getSiblingDB("local").system.replset.deleteOne({_id: oldId})
{ "acknowledged" : true, "deletedCount" : 1 }
> db.getSiblingDB("local").system.replset.find().pretty()
{
"_id" : "local_rs1",
"version" : 20,
"term" : 249,
"protocolVersion" : NumberLong(1),
"writeConcernMajorityJournalDefault" : true,
"members" : [
{
"_id" : 1,
"host" : "192.168.88.11:27018",
"arbiterOnly" : false,
"buildIndexes" : true,
"hidden" : false,
"priority" : 1,
"tags" : {
},
"slaveDelay" : NumberLong(0),
"votes" : 1
},
{
"_id" : 3,
"host" : "192.168.88.11:27017",
"arbiterOnly" : false,
"buildIndexes" : true,
"hidden" : false,
"priority" : 1,
"tags" : {
},
"slaveDelay" : NumberLong(0),
"votes" : 1
},
{
"_id" : 4,
"host" : "192.168.88.11:27019",
"arbiterOnly" : false,
"buildIndexes" : true,
"hidden" : false,
"priority" : 1,
"tags" : {
},
"slaveDelay" : NumberLong(0),
"votes" : 1
}
],
"settings" : {
"chainingAllowed" : true,
"heartbeatIntervalMillis" : 2000,
"heartbeatTimeoutSecs" : 10,
"electionTimeoutMillis" : 10000,
"catchUpTimeoutMillis" : -1,
"catchUpTakeoverDelayMillis" : 30000,
"getLastErrorModes" : {
},
"getLastErrorDefaults" : {
"w" : 1,
"wtimeout" : 0
},
"replicaSetId" : ObjectId("6305db8beb57aaf6f57b130e")
}
}
关闭副本集成员,在其原始端口上启动副本集成员。如果使用配置文件,请确保将其 replication.replSetName 已经设置为新的副本集名称。
replication:
replSetName: "local_rs1"
enableMajorityReadConcern: true
在其原始端口上启动副本集成员。
root@ubuntu-x64_01:/opt# cat /etc/mongod27019.conf
systemLog:
destination: file
path: "/data/mongodb27019/log/mongod.log"
logAppend: true
storage:
dbPath: "/data/mongodb27019/data"
journal:
enabled: true
directoryPerDB: true
processManagement:
fork: true
net:
bindIp: localhost,192.168.88.11
port: 27019
maxIncomingConnections: 65536
security:
keyFile: "/data/mongodb27019/data/replsetAIK"
clusterAuthMode: "keyFile"
authorization: enabled
replication:
replSetName: "local_rs1"
enableMajorityReadConcern: true
按上面的操作,在另外两个实例都执行一遍后, 执行修改后,整个副本集状态如下:
local_rs1:PRIMARY> rs.status()
{
"set" : "local_rs1",
"date" : ISODate("2023-11-15T11:25:05.087Z"),
"myState" : 1,
"term" : NumberLong(251),
"syncSourceHost" : "",
"syncSourceId" : -1,
"heartbeatIntervalMillis" : NumberLong(2000),
"majorityVoteCount" : 2,
"writeMajorityCount" : 2,
"votingMembersCount" : 3,
"writableVotingMembersCount" : 3,
"optimes" : {
"lastCommittedOpTime" : {
"ts" : Timestamp(1700047503, 1),
"t" : NumberLong(251)
},
"lastCommittedWallTime" : ISODate("2023-11-15T11:25:03.985Z"),
"readConcernMajorityOpTime" : {
"ts" : Timestamp(1700047503, 1),
"t" : NumberLong(251)
},
"readConcernMajorityWallTime" : ISODate("2023-11-15T11:25:03.985Z"),
"appliedOpTime" : {
"ts" : Timestamp(1700047503, 1),
"t" : NumberLong(251)
},
"durableOpTime" : {
"ts" : Timestamp(1700047503, 1),
"t" : NumberLong(251)
},
"lastAppliedWallTime" : ISODate("2023-11-15T11:25:03.985Z"),
"lastDurableWallTime" : ISODate("2023-11-15T11:25:03.985Z")
},
"lastStableRecoveryTimestamp" : Timestamp(1700047503, 1),
"electionCandidateMetrics" : {
"lastElectionReason" : "electionTimeout",
"lastElectionDate" : ISODate("2023-11-15T11:16:43.867Z"),
"electionTerm" : NumberLong(251),
"lastCommittedOpTimeAtElection" : {
"ts" : Timestamp(0, 0),
"t" : NumberLong(-1)
},
"lastSeenOpTimeAtElection" : {
"ts" : Timestamp(1699610346, 1),
"t" : NumberLong(249)
},
"numVotesNeeded" : 2,
"priorityAtElection" : 1,
"electionTimeoutMillis" : NumberLong(10000),
"numCatchUpOps" : NumberLong(0),
"newTermStartDate" : ISODate("2023-11-15T11:16:43.877Z"),
"wMajorityWriteAvailabilityDate" : ISODate("2023-11-15T11:16:44.535Z")
},
"members" : [
{
"_id" : 1,
"name" : "192.168.88.11:27018",
"health" : 1,
"state" : 2,
"stateStr" : "SECONDARY",
"uptime" : 511,
"optime" : {
"ts" : Timestamp(1700047503, 1),
"t" : NumberLong(251)
},
"optimeDurable" : {
"ts" : Timestamp(1700047503, 1),
"t" : NumberLong(251)
},
"optimeDate" : ISODate("2023-11-15T11:25:03Z"),
"optimeDurableDate" : ISODate("2023-11-15T11:25:03Z"),
"lastAppliedWallTime" : ISODate("2023-11-15T11:25:03.985Z"),
"lastDurableWallTime" : ISODate("2023-11-15T11:25:03.985Z"),
"lastHeartbeat" : ISODate("2023-11-15T11:25:04.468Z"),
"lastHeartbeatRecv" : ISODate("2023-11-15T11:25:03.448Z"),
"pingMs" : NumberLong(0),
"lastHeartbeatMessage" : "",
"syncSourceHost" : "192.168.88.11:27019",
"syncSourceId" : 4,
"infoMessage" : "",
"configVersion" : 20,
"configTerm" : 251
},
{
"_id" : 3,
"name" : "192.168.88.11:27017",
"health" : 1,
"state" : 2,
"stateStr" : "SECONDARY",
"uptime" : 26,
"optime" : {
"ts" : Timestamp(1700047503, 1),
"t" : NumberLong(251)
},
"optimeDurable" : {
"ts" : Timestamp(1700047503, 1),
"t" : NumberLong(251)
},
"optimeDate" : ISODate("2023-11-15T11:25:03Z"),
"optimeDurableDate" : ISODate("2023-11-15T11:25:03Z"),
"lastAppliedWallTime" : ISODate("2023-11-15T11:25:03.985Z"),
"lastDurableWallTime" : ISODate("2023-11-15T11:25:03.985Z"),
"lastHeartbeat" : ISODate("2023-11-15T11:25:04.520Z"),
"lastHeartbeatRecv" : ISODate("2023-11-15T11:25:04.285Z"),
"pingMs" : NumberLong(0),
"lastHeartbeatMessage" : "",
"syncSourceHost" : "192.168.88.11:27019",
"syncSourceId" : 4,
"infoMessage" : "",
"configVersion" : 20,
"configTerm" : 251
},
{
"_id" : 4,
"name" : "192.168.88.11:27019",
"health" : 1,
"state" : 1,
"stateStr" : "PRIMARY",
"uptime" : 16264,
"optime" : {
"ts" : Timestamp(1700047503, 1),
"t" : NumberLong(251)
},
"optimeDate" : ISODate("2023-11-15T11:25:03Z"),
"lastAppliedWallTime" : ISODate("2023-11-15T11:25:03.985Z"),
"lastDurableWallTime" : ISODate("2023-11-15T11:25:03.985Z"),
"syncSourceHost" : "",
"syncSourceId" : -1,
"infoMessage" : "",
"electionTime" : Timestamp(1700047003, 1),
"electionDate" : ISODate("2023-11-15T11:16:43Z"),
"configVersion" : 20,
"configTerm" : 251,
"self" : true,
"lastHeartbeatMessage" : ""
}
],
"ok" : 1,
"$clusterTime" : {
"clusterTime" : Timestamp(1700047503, 1),
"signature" : {
"hash" : BinData(0,"FkEFPk5B3ZB364V3c3RkkEoBChI="),
"keyId" : NumberLong("7236938018798436354")
}
},
"operationTime" : Timestamp(1700047503, 1)
}
回收权限,由于角色是临时授权的,操作结束后,回收该集合的变更权限
local_rs1:PRIMARY> use admin
switched to db admin
local_rs1:PRIMARY> db.getUser("admin")
{
"_id" : "admin.admin",
"userId" : UUID("adb37ec9-89e9-464b-a241-029194bec6ef"),
"user" : "admin",
"db" : "admin",
"roles" : [
{
"role" : "root",
"db" : "admin"
},
{
"role" : "collectionRole",
"db" : "admin"
}
],
"mechanisms" : [
"SCRAM-SHA-1",
"SCRAM-SHA-256"
]
}
local_rs1:PRIMARY> db.revokeRolesFromUser("admin",[{"role":"collectionRole","db":"admin"}])
local_rs1:PRIMARY> db.getUser("admin")
{
"_id" : "admin.admin",
"userId" : UUID("adb37ec9-89e9-464b-a241-029194bec6ef"),
"user" : "admin",
"db" : "admin",
"roles" : [
{
"role" : "root",
"db" : "admin"
}
],
"mechanisms" : [
"SCRAM-SHA-1",
"SCRAM-SHA-256"
]
}