Untitled

mail@pastecode.io avatar
unknown
plain_text
3 years ago
3.0 kB
1
Indexable
Never
EBS_DEVICE='/dev/xvdb'
MONGODB_VERSION='4.0'
PORT='27017'
MONGODB_USER_ADMIN='admin'
MONGODB_PASSWORD_ADMIN='pass'
MONGODB_DATABASE_BUSINESS='helius_zgzmserver'
MONGODB_USER_BUSINESS='mongouser'
MONGODB_PASSWORD_BUSINESS='123123'




# Install MongoDB
sudo tee -a /etc/yum.repos.d/mongodb-org-${MONGODB_VERSION}.repo <<EOF
[mongodb-org-${MONGODB_VERSION}]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/amazon/2/mongodb-org/${MONGODB_VERSION}/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-${MONGODB_VERSION}.asc
EOF
sudo yum install -y mongodb-org




# Set up storage
sudo mkfs.xfs -f ${EBS_DEVICE}
echo "${EBS_DEVICE} /storage xfs defaults,auto,noatime,noexec 0 0" | sudo tee -a /etc/fstab
sudo mkdir -p /storage
sudo mount /storage
sudo chown -R mongod:mongod /storage
sudo blockdev --setra 32 ${EBS_DEVICE}
echo 'ACTION=="add", KERNEL=="'$1'", ATTR{bdi/read_ahead_kb}="16"' | sudo tee /etc/udev/rules.d/85-ebs.rules
sudo tee /etc/limits.conf <<EOF
* soft nofile 64000
* hard nofile 64000
* soft nproc 32000
* hard nproc 32000
EOF
sudo mkdir -p /storage/data /storage/log
sudo chown -R mongod:mongod /storage




# Set up authentication
sudo mkdir -p /mongo_auth
sudo tee /mongo_auth/mongodb.key <<EOF
不告诉你
EOF
sudo chmod 400 /mongo_auth/mongodb.key
sudo chown -R mongod:mongod /mongo_auth




# Configure and start mongod
sudo tee /etc/mongod.conf <<EOF
net:
port: ${PORT}
bindIpAll: true




systemLog:
destination: file
logAppend: true
path: /storage/log/mongod.log




storage:
dbPath: /storage/data
journal:
enabled: true




security:
authorization: enabled
keyFile: /mongo_auth/mongodb.key




processManagement:
fork: true
pidFilePath: /var/run/mongodb/mongod.pid




replication:
replSetName: s0
EOF
sudo systemctl enable mongod
sudo systemctl restart mongod




sleep 300 # Be safe! Wait for other servers to come up




# Deploy replication
REPLICA_CONFIG=$(cat <<EOF
{
"_id": "s0",
"version": 1,
"members": [
{
"_id": 1,
"host": "172.31.31.212:${PORT}",
"priority": 10
},
{
"_id": 2,
"host": "172.31.27.122:${PORT}",
"priority": 5
}
]
}
EOF
)
mongo --port ${PORT} <<EOF
rs.initiate(${REPLICA_CONFIG});
EOF




sleep 60 # Be safe! Wait for completion of election




# Create admin user
mongo --port ${PORT} <<EOF
use admin;
db.createUser(
{
user: "${MONGODB_USER_ADMIN}",
pwd: "${MONGODB_PASSWORD_ADMIN}",
roles: [ { role: "root", db: "admin" } ]
}
);
EOF




# Add arbiter
mongo --port ${PORT} <<EOF
use admin;
db.auth("${MONGODB_USER_ADMIN}", "${MONGODB_PASSWORD_ADMIN}")
rs.addArb("172.31.18.131:${PORT}")
EOF




sleep 60 # Be safe! Wait for completion of election




# Create database and user for business data
mongo --port ${PORT} <<EOF
use admin;
db.auth("${MONGODB_USER_ADMIN}", "${MONGODB_PASSWORD_ADMIN}")
use ${MONGODB_DATABASE_BUSINESS};
db.createUser(
{
user: "${MONGODB_USER_BUSINESS}",
pwd: "${MONGODB_PASSWORD_BUSINESS}",
roles: [ { role: "readWrite", db: "${MONGODB_DATABASE_BUSINESS}" } ]
}
);
EOF