Linux下安装Mongodb
1. 离线安装 MongoDB
1.1 文档编写时的安装环境
操作系统:CentOS Linux release 7.5.1804 (Core)
虚拟机环境:内存 974M,磁盘 20G,CPU 架构 x86_64
1.2 准备
安装版本:4.2.10
下载如下 5 个包,下载链接
mongodb-org-server-4.2.10-1.el7.x86_64.rpm
mongodb-org-shell-4.2.10-1.el7.x86_64.rpm
mongodb-org-mongos-4.2.10-1.el7.x86_64.rpm
mongodb-org-tools-4.2.10-1.el7.x86_64.rpm
mongodb-org-4.2.10-1.el7.x86_64.rpm
1.3 安装步骤
a. 将 rpm 的压缩包(mongodb4.2.10-rpm 安装包.tar)上传至业务账号的根目录;
b. 解压缩文件 mongodb4.2.10-rpm 安装包.tar;
[hadoop@Master ~]$ tar -xvf mongodb4.2.10-rpm 安装包.tar
c. 安装 rpm 包
[hadoop@Master ~]$ cd mongodb4.2.10-rpm [hadoop@Master mongodb4.2.10-rpm]$ sudo rpm -ivh mongodb-org-server-4.2.10-1.el7.x86_64.rpm [hadoop@Master mongodb4.2.10-rpm]$ sudo rpm -ivh mongodb-org-shell-4.2.10-1.el7.x86_64.rpm [hadoop@Master mongodb4.2.10-rpm]$ sudo rpm -ivh mongodb-org-mongos-4.2.10-1.el7.x86_64.rpm [hadoop@Master mongodb4.2.10-rpm]$ sudo rpm -ivh mongodb-org-tools-4.2.10-1.el7.x86_64.rpm [hadoop@Master mongodb4.2.10-rpm]$ sudo rpm -ivh mongodb-org-4.2.10-1.el7.x86_64.rpm
d. 防止在线升级
[hadoop@Master mongodb4.2.10-rpm]$ sudo vi /etc/yum.conf
exclude=mongodb-org,mongodb-org-server,mongodb-org-shell,mongodb-org-mongos,mongodb-org-tools
1.4 配置 mongdb
配置文件路径:/etc/mongod.conf
a. 创建 mongo 数据及日志存放路径
[hadoop@Master /]$ sudo mkdir -p /data/mongo/data
[hadoop@Master /]$ sudo mkdir -p /data/mongo/log
b. 修改几个重要默认配置
如:path,dbPath,pidFilePath,bindIp
systemLog: destination: file logAppend: true path: /data/mongo/log/mongod.log #日志存放路径 storage: dbPath: /data/mongo/data #数据存放路径 journal: enabled: true processManagement: fork: true # fork and run in background pidFilePath: /data/mongo/mongod.pid #pid 文件路径 timeZoneInfo: /usr/share/zoneinfo net: port: 27017 bindIp: 0.0.0.0 #任何主机皆可以连接
1.5 启动关闭
[hadoop@Master ~]$ sudo mongod -f /etc/mongod.conf #启动 [hadoop@Master ~]$ sudo mongod -f /etc/mongod.conf --shutdown #关闭 [hadoop@Master ~]$ mongo #客户端连接 mongo
1.6 配置 ssl
https://download.csdn.net/download/weixin_38701683/12844156
1.6.1 生成证书
a. 查看是否安装 openssl
[hadoop@Master ~]$ openssl version
b. 若没有安装请安装
c. 生成证书
参考文章 https://blog.csdn.net/Loiterer_Y/article/details/106709978
[root@Master ssl]# cd /etc/ssl/ #生成 ca.pem [root@Master ssl]# openssl req -out ca.pem -new -x509 -days 3650 输入密码 123456#生成 server.pem
[root@Master ssl]# openssl genrsa -out server.key 2048 #生成服务器端私钥
[root@Master ssl]# openssl req -key server.key -new -out server.req #生成服务器端申请文件
[root@Master ssl]# openssl x509 -req -in server.req -CA ca.pem -CAkey privkey.pem -CAcreateserial -out server.crt -days 3650 #生成服务器端证书
[root@Master ssl]# cat server.key server.crt > server.pem #合并服务器端私钥和服务器端证书,生成 server.pem
[root@Master ssl]# openssl verify -CAfile ca.pem server.pem #校验服务器端 pem 文件
server.pem: OK#生成 client.pem
[root@Master ssl]# openssl genrsa -out client.key 2048 #生成客户端私钥
[root@Master ssl]# openssl req -key client.key -new -out client.req #生成客户端申请文件
[root@Master ssl]# openssl x509 -req -in client.req -CA ca.pem -CAkey privkey.pem -CAserial ca.srl -out client.crt -days 3650 #生成客户端证书
[root@Master ssl]# openssl x509 -req -in client.req -CA ca.pem -CAkey privkey.pem -CAserial ca.srl -out client.crt -days 3650 #合并客户端私钥和客户端证书,生成 client.pem
[root@Master ssl]# openssl verify -CAfile ca.pem client.pem #校验客户端 pem 文件
client.pem: OK
1.6.2 配置 mongod.conf
#添加如下配置 net: tls: mode: requireTLS certificateKeyFile: /etc/ssl/server.pem certificateKeyFilePassword: 123456 CAFile: /etc/ssl/ca.pem allowConnectionsWithoutCertificates: true
1.6.3 mongo 客户端连接
参考链接 https://www.mongodb.com/docs/v4.2/tutorial/configure-ssl-clients/
[root@Master ssl]# mongo --tls --host 192.168.44.130 -tlsCAFile /etc/ssl/ca.pem --tlsCertificateKeyFile /etc/ssl/client.pem
1.6.4 java 驱动连接
参考文章 https://blog.csdn.net/loiterer_y/article/details/106716918
代码 https://gitee.com/idensir/CommonDemo/tree/master/MongoDBDemo
a. 将 ca.pem 入库
#keytool 为 jdk 安装自带的工具 [root@Master ssl]# keytool -import -keystore cacerts -file ca.pem -storepass 123456
b. 在 linux 服务器上将 client.pem 需转化为 pkcs12 格式
[root@Master ssl]# openssl pkcs12 -export -out mongodb.pkcs12 -in client.pem
c. 将 cacerts,mongodb.pkcs12 拷贝到客户端
d.maven 引入依赖
<!-- 新驱动 -->
<dependency>
<groupId>org.mongodb</groupId>
<artifactId>mongodb-driver-sync</artifactId>
<version>3.12.7</version>
</dependency>
<!-- 旧驱动 -->
<dependency>
<groupId>org.mongodb</groupId>
<artifactId>mongodb-driver-legacy</artifactId>
<version>3.12.7</version>
</dependency>
<!-- MongoTemplate 需要的依赖 -->
<dependency>
<groupId>org.springframework.data</groupId>
<artifactId>spring-data-mongodb</artifactId>
<version>2.2.10.RELEASE</version>
</dependency>
e. 旧版驱动连接
import com.mongodb.MongoClient; import com.mongodb.MongoClientURI; public class OldDriverConnector { public static void main(String[] args) {System.setProperty(</span>"javax.net.ssl.trustStore", "e://cacerts"<span style="color: rgba(0, 0, 0, 1)">); System.setProperty(</span>"javax.net.ssl.trustStorePassword", "123456"<span style="color: rgba(0, 0, 0, 1)">); </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)"> 配置信任证书</span> System.setProperty("javax.net.ssl.keyStore", "e://mongodb.pkcs12"<span style="color: rgba(0, 0, 0, 1)">); System.setProperty(</span>"javax.net.ssl.keyStorePassword", "123456"<span style="color: rgba(0, 0, 0, 1)">); </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)"> 连接mongo数据库</span> MongoClientURI uri = <span style="color: rgba(0, 0, 255, 1)">new</span> MongoClientURI("mongodb://192.168.44.130:27017/?serverSelectionTimeoutMS=1000&ssl=true" + "&sslinvalidhostnameallowed=true"<span style="color: rgba(0, 0, 0, 1)">); MongoClient client </span>= <span style="color: rgba(0, 0, 255, 1)">new</span> MongoClient(uri); <span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">注意引入的包为旧驱动中的包 </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)"> 获取mongo数据库中的库名</span>System.out.println(client.listDatabaseNames().first());
}}
f. 新版驱动连接
import com.mongodb.client.MongoClient; import com.mongodb.client.MongoClients; import org.springframework.data.mongodb.core.MongoTemplate; import java.util.List; public class NewDriverConnector { public static void main(String[] args) { System.setProperty("javax.net.ssl.trustStore", "e://cacerts"); System.setProperty("javax.net.ssl.trustStorePassword", "123456"); // 配置信任证书 System.setProperty("javax.net.ssl.keyStore", "e://mongodb.pkcs12"); System.setProperty("javax.net.ssl.keyStorePassword", "123456");</span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">注意引入的包为就版驱动包中的类</span> MongoClient mongoClient = MongoClients.create("mongodb://192.168.44.130:27017/?serverSelectionTimeoutMS=10000&ssl=true" + "&sslinvalidhostnameallowed=true"<span style="color: rgba(0, 0, 0, 1)">); System.out.println(mongoClient.listDatabaseNames().first()); MongoTemplate template </span>= <span style="color: rgba(0, 0, 255, 1)">new</span> MongoTemplate(mongoClient, "test"<span style="color: rgba(0, 0, 0, 1)">);// template.insert(new Person("aaa", 11, "女"));
List<Person> all = template.findAll(Person.class);
for (Person person : all) {
System.out.println(person.toString());
}
}
}
1.6.5 Navicat 连接
a. 设置连接
b. 将生成的 ca.pem,client.pem 拷贝到客户端,并设置 ssl
————————————————
版权声明:本文为 CSDN 博主「还之简」的原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接及本声明。
原文链接:https://blog.csdn.net/wuyindengliu/article/details/122364733