· mongo用户权限
#查看当前库下用户及授权
> use admin
> show users;
#新建用户并授权
> db.createUser({user: "mongoadmin", pwd: "password", roles: [{ role: "dbAdminAnyDatabase", db: "admin" },{ role: "readWriteAnyDatabase", db: "admin" },{ role: "userAdminAnyDatabase", db: "admin" }, { role: "clusterMonitor", db: "admin" }]})
#修改用户密码
> db.updateUser("myuser", {pwd: "newpassword"})
#mongo 用户myuser 新增授权clusterMonitor
> db.grantRolesToUser("myuser", [{ role: "clusterMonitor", db: "admin" }])
> db.grantRolesToUser("mongobackup", ["hostManager","clusterMonitor"])
#mongo回收mongoadmin用户的hostManager权限角色
>db.revokeRolesFromUser("mongoadmin",[{role:"hostManager",db:"admin"}])
#更新用户myuser授权为 clusterMonitor
> db.updateUser("myuser", { $addToSet: { roles: { role: "clusterMonitor", db: "admin" } } })
#mongo新增自定义killOp权限操作role,并授权用户db.createRole({ role: “killOpRole”, privileges: [ { resource: { anyResource: true }, actions: [“killCursors”] } ], roles: [] }) db.grantRolesToUser(“mongoadmin”, [“killOpRole”])
· mongo查看数据库业务连接
#mongo shell连接db
mongo 127.0.0.1/admin -uadmin -pxxx
#--authenticationDatabase 指定用于身份验证的数据库
mongo 127.0.0.1:27017/test -u testuser -p testpass --authenticationDatabase admin
#执行js操作
mongo --host 127.0.0.1 --port 27017 -uadmin -p{{admin_password}} --quiet /tmp/get_master.jscat <code class="language-bash">/tmp/get_master.js</code> primary = rs.isMaster().primary; primary_ip = primary.split(“:”)[0]; print(primary_ip)
> use dbyewu; > db.currentOp(true) #默认false为当前用户连接,true为所有用户 #结果过滤 client查看来源ip # mongo 127.0.0.1/admin -uadmin -pxxxxxxx --quiet --eval "db.currentOp(true)"|grep -w "client"|sort #less搜索指定的ns的db.collection, 过滤该连接操作的opid # less res.txt #终止连接的操作 ,例如 opid 61552685 # db.killOp(61552685) #查看当前连接数信息 >db.serverStatus().connections; #查看当前使用连接数 >db.serverStatus().connections.current #查看可用连接数 >db.serverStatus().connections.available
· mongo调整oplog&回收空间
#查看副本集架构节点
PRIMARY> rs.printSlaveReplicationInfo()
source: 10.102.124.83:27017
syncedTo: Thu Sep 21 2023 19:04:38 GMT+0800 (CST)
2 secs (0 hrs) behind the primary
source: 10.102.124.12:27017
syncedTo: Thu Sep 21 2023 13:47:11 GMT+0800 (CST)
19049 secs (5.29 hrs) behind the primary
#验证oplog大小
PRIMARY> db.getReplicationInfo()
{
"logSizeMB" : 51200,
"usedMB" : 50772.73,
"timeDiff" : 11249,
"timeDiffHours" : 3.12,
"tFirst" : "Thu Sep 21 2023 15:51:30 GMT+0800 (CST)",
"tLast" : "Thu Sep 21 2023 18:58:59 GMT+0800 (CST)",
"now" : "Thu Sep 21 2023 18:58:59 GMT+0800 (CST)"
}
#调整oplog size 100G
PRIMARY> db.adminCommand({replSetResizeOplog:1,size:100000})
{
"ok" : 1,
"operationTime" : Timestamp(1695294210, 854),
"$clusterTime" : {
"clusterTime" : Timestamp(1695294210, 854),
"signature" : {
"hash" : BinData(0,"SK8m9N1M4hS68QhibjiEzMqH3vg="),
"keyId" : NumberLong("7238507120675520721")
}
}
}
#整理碎片,回收空间
SECONDARY> use local
switched to db local
handong1:SECONDARY> db.runCommand({"compact" : "oplog.rs"})
{
"ok" : 1,
"$clusterTime" : {
"clusterTime" : Timestamp(1619694840, 1),
"signature" : {
"hash" : BinData(0,"AAAAAAAAAAAAAAAAAAAAAAAAAAA="),
"keyId" : NumberLong(0)
}
},
"operationTime" : Timestamp(1619694840, 1)
}· shard集群开启集合分片
#进入admin库
mongos> use admin;
#开启业务库db_testshard 分片
mongos> sh.enableSharding("db_testshard");
#进入业务库
mongos> use db_testshard;
#开启集合col_test hash分片片键索引
mongos> db.col_test.createIndex({"rid":"hashed"},{background:true})
#开启集合col_test分片
mongos> sh.shardCollection("db_testshard.col_test",{"rid":"hashed"});
#查看集群分片情况
mongos> sh.status()
#开启分片均衡器状态
mongos> sh.getBalancerState()
#停止分片均衡器
mongos> sh.stopBalancer()
#启动分片均衡器
mongos> sh.startBalancer()
#查看均衡器窗口期
mongos> sh.getBalancerWindow()
#设置均衡器窗口期
mongos> db.settings.update({_id: "balancer"}, {$set: {"activeWindow": {start: "01:00", stop: "07:00"}}}, {upsert:true})
WriteResult({ "nMatched" : 0, "nUpserted" : 1, "nModified" : 0, "_id" : "balancer" })
#分片数量过多,前端无法展示输出到文本shard_status
# mongo 127.0.0.1:27017/admin -uadmin -pxxxxxxxxxx --quiet --eval "sh.status()" > shard_status·提升隐藏备库为业务从
# 查看从库延时
rs.printSlaveReplicationInfo()
source: 10.102.124.100:27017
syncedTo: Fri Nov 10 2023 14:14:54 GMT+0800 (CST)
2 secs (0 hrs) behind the primary
source: 10.102.124.141:27017
syncedTo: Fri Nov 10 2023 12:38:19 GMT+0800 (CST)
5797 secs (1.61 hrs) behind the primary
#获取副本就配置赋值给cfg
> cfg = rs.conf()
... { "_id" : 2, "host" : "10.102.124.141:27017", "arbiterOnly" : false, "buildIndexes" : true, "hidden" : true, "priority" : 0, "tags" : { }, "slaveDelay" : NumberLong(43200), "votes" : 1 } ...
#优先级改成1
> cfg.members[2].priority = 1
#节点延时设置为0s
> cfg.members[2].slaveDelay = 0
#取消隐藏
> cfg.members[2].hidden = false
#配置生效
> rs.reconfig(cfg)
同步停止流控
kdb-3935:PRIMARY> db.serverStatus().flowControl;
{
"enabled" : true,
"targetRateLimit" : 1000000000,
"timeAcquiringMicros" : NumberLong(999620728),
"locksPerOp" : 1.366,
"sustainerRate" : 0,
"isLagged" : false,
"isLaggedCount" : 0,
"isLaggedTimeMicros" : NumberLong(0)
}
kdb-3935:PRIMARY> db.adminCommand( { setParameter: 1,enableFlowControl: false } )
{
"was" : true,
...
},
"operationTime" : Timestamp(1747826743, 449)
}
kdb-3935:PRIMARY> db.serverStatus().flowControl;
{
"enabled" : false,
"targetRateLimit" : 1000000000,
...
}
加快wg空闲内存释放
kdb-3935:PRIMARY> db.adminCommand({ getParameter: 1, tcmallocReleaseRate: 1 });{“tcmallocReleaseRate” : 1,“ok” : 1,“$clusterTime” : {“clusterTime” : Timestamp(1747828187, 472),“signature” : {“hash” : BinData(0,”0qO0keAc71llzxOBkp9/rlECqP8=”),“keyId” : NumberLong(“7454106868252672157”)}},“operationTime” : Timestamp(1747828187, 472)}kdb-3935:PRIMARY> db.adminCommand({ setParameter: 1, tcmallocReleaseRate: 2 });kdb-3935:PRIMARY> db.adminCommand({ getParameter: 1, tcmallocReleaseRate: 1 });