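I am trying to automate MongoDB installation and replication setup with Ansible. As part of that, I want to use the Ansible modules mongodb_user and mongodb_replicaset. I am facing some issues while using these modules, so I need some light on this.
Issue 1: When I use mongodb_user to create the admin user, I get the error below.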

- name: Create MongoDB root user admin
  mongodb_user:
    login_port: "{{ mongod_port }}"
    database: "{{ mongodb_db_name }}"
    name: "{{ mongodb_admin_user }}"
    password: "{{ mongodb_admin_password }}"
    roles: "root"

I get the following error:

"msg": "Unable to add or update user: not master, full error: {'topologyVersion': {'processId': ObjectId('60c0f9ebe9bf9941528836df'), 'counter': 0}, 'ok': 0.0, 'errmsg': 'not master', 'code': 10107, 'codeName': 'NotWritablePrimary', '$gleStats': {'lastOpTime': Timestamp(0, 0), 'electionId': ObjectId('000000000000000000000000')}, 'lastCommittedOpTime': Timestamp(0, 0)}"
}

From the error, I can understand that it will only work after MongoDB has been initiated.
So I did this:
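
- name: Initiate the Replicaset
  command: "mongo --host 127.0.0.1 --port {{mongod_port}} --eval 'printjson(rs.initiate())'"

After this, I was able to create the user successfully.
Now I am trying to add the replica set using the module below, but unfortunately it is not getting added and no error is raised either. No changes happen.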

- name: Ensure replicaset Shard_0 exists
  mongodb_replicaset:
    login_host: localhost
    login_user: xxxxx
    login_password: yyyyy
    replica_set: configRS
    #members: "{{ groups['MongoC'] }}"
    members: "{{ groups['MongoC'] | map('extract', hostvars, ['ansible_host']) | join(':27017,') }}:27017"
  when: (groups['MongoC']|sort())[0] == inventory_hostname

Output:

ok: [MongoC-1] => {
    "changed": false,
    "invocation": {
        "module_args": {
            "arbiter_at_index": null,
            "auth_mechanism": null,
            "chaining_allowed": true,
            "connection_options": null,
            "election_timeout_millis": 10000,
            "heartbeat_timeout_secs": 10,
            "login_database": "admin",
            "login_host": "localhost",
            "login_password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
            "login_port": 27017,
            "login_user": "xxxxx",
            "members": [
                "10.0.1.141:27017",
                "10.0.2.229:27017",
                "10.0.3.30:27017"
            ],
            "protocol_version": 1,
            "replica_set": "configRS",
            "ssl": false,
            "ssl_ca_certs": null,
            "ssl_cert_reqs": "CERT_REQUIRED",
            "ssl_certfile": null,
            "ssl_crlfile": null,
            "ssl_keyfile": null,
            "ssl_pem_passphrase": null,
            "validate": true
        }
    },
    "replica_set": "configRS"
}

Am I using the module in the right way?
I tried rs.initiate instead of the Ansible module, as shown below.

replicaset.js

rs.initiate({
    _id: "configRS",
    configsvr: true,
    members: [
        { _id: 1, host : "10.0.1.73:27017" },
        { _id: 2, host : "10.0.2.144:27017" },
        { _id: 3, host : "10.0.3.18:27017" },
    ]
}
);

Command:

"mongo --port 27017 replicaset.js"

The error I got is as follows:

\t\"errmsg\" : \"not authorized on admin to execute command { replSetGetConfig: 1.0, lsid: { id: UUID(\\\"788e7cff-218c-4605-ab68-b3b6751634ca\\\") }, $db: \\\"admin\\\" }\",",
"\t\"code\" : 13,",
"\t\"codeName\" : \"Unauthorized\",",

Posted on 2021-06-09 19:44:20
Instead of printjson(rs.initiate()), try:

rs.initiate(
    {
        _id: "configRS",
        configsvr: true,
        members: [
            { _id: 0, host: "10.0.1.141:27017" },
            { _id: 1, host: "10.0.2.229:27017" },
            { _id: 2, host: "10.0.3.30:27017" }
        ]
    }
);
rs.status();
while (! db.isMaster().ismaster ) { sleep(1000) }

Then you do not need to add any members.
For the CSRS, I use a playbook like this:

- hosts: config
  tasks:
    - name: Compose variables
      set_fact:
        rs_initiate: |
          {% set members = [] %}
          {% for host in groups['config'] | sort %}
          {% set m = {'_id': loop.index0 } %}
          {% set _ = m.update({'host': host + '.' + ansible_domain + ':' + ports.config | string }) %}
          {% set _ = members.append(m) %}
          {% endfor %}
          {% set init = {'_id': replica_set.conf} %}
          {% set _ = init.update({'members': members}) %}
          {% set _ = init.update({'configsvr': true}) %}
          {{ init }}
        rs_members: |
          {% set members = [] %}
          {% for host in groups['config'] | sort %}
          {% set _ = members.append(host + '.' + ansible_domain + ':' + ports.config | string) %}
          {% endfor %}
          {{ members }}
        replicaSetURI: "mongodb://{{ groups['config'] | product([ports.config]) | map('join', ':') | join(',') }}/admin?authSource=admin&replicaSet={{ replica_set.conf }}"

    - name: Check if Config Replicaset is initiated
      shell:
        cmd: "/usr/bin/mongo --norc --quiet localhost:{{ ports.config }}"
        executable: /bin/bash
        stdin: "rs.status().codeName"
      register: result
      changed_when: false
      check_mode: no

    - set_fact:
        # Needed to ensure that the Config Server Replica Set (CSRS) is initiated only once
        # namespace() is used because a plain "set" inside a for loop does not change the outer variable
        rs: |
          {% set ns = namespace(i=(result.stdout == 'NotYetInitialized')) %}
          {% for host in ansible_play_hosts %}
          {% set ns.i = ns.i and (hostvars[host].result.stdout == 'NotYetInitialized') %}
          {% endfor %}
          {{ {'NotYetInitialized': ns.i} }}

    - name: Initiate Config Replicaset
      shell:
        cmd: "/usr/bin/mongo --norc --quiet localhost:{{ ports.config }}"
        executable: /bin/bash
        stdin: |
          var i = rs.initiate({{ rs_initiate | to_json }})
          if (i.ok != 1) print(i.errmsg)
          var _ = rs.status()
          while (! db.isMaster().ismaster ) sleep(1000)
          rs.status().members.map(x => x.name)
          if (i.ok == 1) {print(rs.status().ok)} else {print(0)}
      register: ret
      failed_when: ret.stdout_lines | last != "1"
      when: rs.NotYetInitialized and inventory_hostname_short == (groups['config'] | sort | first)

    - debug:
        msg: "{{ ret.stdout_lines }}"
      when: not ansible_check_mode and rs.NotYetInitialized and inventory_hostname_short == (groups['config'] | sort | first) and ret.stdout != ''

To add hosts to an existing CSRS, I use this:

- hosts: config
  tasks:
    - meta: end_play
      when: ansible_check_mode or rs.NotYetInitialized | default(false)

    - name: Check current Config Server Replica Set members
      shell:
        cmd: "/usr/bin/mongo -u admin -p {{ password.admin }} --authenticationDatabase admin --norc --quiet localhost:{{ ports.config }}"
        executable: /bin/bash
        stdin: "rs.status().members.map(x => x.name)"
      register: result
      changed_when: false
      when: inventory_hostname_short == (groups['config'] | sort | first)

    - set_fact:
        current_members: "{{ result.stdout | from_json }}"
      when: inventory_hostname_short == (groups['config'] | sort | first)

    - name: Add host to Config Server Replica Set
      shell:
        cmd: "/usr/bin/mongo -u admin -p {{ password.admin }} --authenticationDatabase admin --norc --quiet localhost:{{ ports.config }}"
        executable: /bin/bash
        stdin: "rs.add('{{ item }}')"
      when: inventory_hostname_short == (groups['config'] | sort | first)
      loop: "{{ rs_members | difference(current_members) | sort }}"
      register: ret
      failed_when: ret.stdout != ""

I create the users with this playbook:

- hosts: application
  tasks:
    - name: Check if authentication is enabled
      shell:
        cmd: "/usr/bin/mongo -u admin -p {{ password.admin }} --authenticationDatabase admin --norc --quiet localhost:{{ ports.router }}"
        executable: /bin/bash
        stdin: exit
      register: authenticate
      failed_when: false
      changed_when: false
      check_mode: no
      when: inventory_hostname_short == (groups['application'] | sort | first)

    - name: Create admin user
      shell:
        cmd: "/usr/bin/mongo {{ (authenticate.rc == 0) | ternary('-u admin -p ' + password.admin + ' --authenticationDatabase admin', '') }} --norc --quiet localhost:{{ ports.router }}"
        executable: /bin/bash
        stdin: |
          const admin = db.getSiblingDB("admin")
          {% if authenticate.rc != 0 %}
          admin.createUser({ user: "admin", pwd: "{{ password.admin }}", roles: ["root"] })
          var _ = admin.auth("admin", "{{ password.admin }}")
          {% endif %}
          // Create more users if needed
      when: inventory_hostname_short == (groups['application'] | sort | first)
      register: ret_createUser
      changed_when: ret_createUser.stdout != ''

    - debug:
        msg: "{{ ret_createUser.stdout.split('\n') }}"
      when: not ansible_check_mode and inventory_hostname_short == (groups['application'] | sort | first) and ret_createUser.stdout != ''

https://stackoverflow.com/questions/67909444
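
The playbooks in the answer pass the admin password as a `-p` argument, which places it in the process list on the target host and in Ansible's task output. The variant below is an added example, not part of the original answer: it authenticates inside the stdin script and sets `no_log`. It reuses the answer's variables `password.admin`, `ports.config` and `rs_members` and its `config` group, and assumes `rs_members` is a list of `host:port` strings.

```yaml
# Added example (not from the original answer). Assumed variables, taken from the
# answer's playbooks: password.admin, ports.config, rs_members, group 'config'.
- hosts: config
  vars:
    first_host: "{{ groups['config'] | sort | first }}"
  tasks:
    - name: Read current Config Server Replica Set members
      shell:
        # No -u/-p here: nothing secret appears in the command line
        cmd: "/usr/bin/mongo --norc --quiet localhost:{{ ports.config }}"
        executable: /bin/bash
        stdin: |
          // to_json renders the password as a correctly quoted JS string literal
          var _ = db.getSiblingDB("admin").auth("admin", {{ password.admin | to_json }})
          print(JSON.stringify(rs.status().members.map(x => x.name)))
      register: result
      changed_when: false
      no_log: true   # the rendered stdin contains the password
      when: inventory_hostname_short == first_host

    - set_fact:
        current_members: "{{ result.stdout | from_json }}"
      when: inventory_hostname_short == first_host

    - name: Add missing hosts to Config Server Replica Set
      shell:
        cmd: "/usr/bin/mongo --norc --quiet localhost:{{ ports.config }}"
        executable: /bin/bash
        stdin: |
          var _ = db.getSiblingDB("admin").auth("admin", {{ password.admin | to_json }})
          var r = rs.add({{ item | to_json }})
          // Print only on failure so that an empty stdout means success
          if (r.ok != 1) print(r.errmsg)
      # default(rs_members) yields an empty loop on hosts that never set current_members
      loop: "{{ rs_members | difference(current_members | default(rs_members)) | sort }}"
      register: ret
      failed_when: ret.stdout != ""
      no_log: true
      when: inventory_hostname_short == first_host
```

With `no_log: true` the registered results remain usable by later tasks; only their display and logging are suppressed, so loop items are hidden in the play output as well.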