MongoDBのインストールと合わせて、認証の有効化・テストデータの投入も行います。
Vagrantfile
VAGRANTFILE_API_VERSION = "2"
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
config.vm.box = "bento/centos-7.4"
config.vm.hostname = "co74mongodb36"
config.vm.provider :virtualbox do |vbox|
vbox.name = "co74mongodb36"
vbox.cpus = 4
vbox.memory = 4096
vbox.customize ["modifyvm", :id, "--nicpromisc2","allow-all"]
end
# private network
config.vm.network "private_network", ip: "192.168.55.104", :netmask => "255.255.255.0"
# bridge netwrok
config.vm.network "public_network", ip: "192.168.1.104", :netmask => "255.255.255.0"
config.vm.provision "shell", inline: <<-SHELL
#yum -y install unzip
#useradd mongod
yum -y install curl
cat << EOF > /etc/init.d/disable-transparent-hugepages
#!/bin/bash
### BEGIN INIT INFO
# Provides: disable-transparent-hugepages
# Required-Start: $local_fs
# Required-Stop:
# X-Start-Before: mongod mongodb-mms-automation-agent
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Disable Linux transparent huge pages
# Description: Disable Linux transparent huge pages, to improve
# database performance.
### END INIT INFO
case \\$1 in
start)
if [ -d /sys/kernel/mm/transparent_hugepage ]; then
thp_path=/sys/kernel/mm/transparent_hugepage
elif [ -d /sys/kernel/mm/redhat_transparent_hugepage ]; then
thp_path=/sys/kernel/mm/redhat_transparent_hugepage
else
return 0
fi
echo 'never' > \\${thp_path}/enabled
echo 'never' > \\${thp_path}/defrag
re='^[0-1]+$'
if [[ \\$(cat \\${thp_path}/khugepaged/defrag) =~ \\$re ]]
then
# RHEL 7
echo 0 > \\${thp_path}/khugepaged/defrag
else
# RHEL 6
echo 'no' > \\${thp_path}/khugepaged/defrag
fi
unset re
unset thp_path
;;
esac
EOF
chmod 755 /etc/init.d/disable-transparent-hugepages
chkconfig --add disable-transparent-hugepages
/etc/init.d/disable-transparent-hugepages start
cat << EOF > /etc/yum.repos.d/mongodb-org-3.6.repo
[mongodb-org-3.6]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/7/mongodb-org/3.6/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-3.6.asc
EOF
yum install -y mongodb-org
mkdir -p /srv/mongodb/
openssl rand -base64 741 > /srv/mongodb/mongodb-keyfile
chmod 600 /srv/mongodb/mongodb-keyfile
chown mongod:mongod /srv/mongodb/mongodb-keyfile
systemctl enable mongod
systemctl start mongod
# wait until mongod starts listening.
while netstat -lnt | awk '$4 ~ /:27017$/ {exit 1}'; do sleep 10; done
cat << EOF | mongo
var db = db.getSiblingDB('admin');
db.createUser({user:"admin",pwd:"admin",roles:[{role:"userAdminAnyDatabase",db:"admin"}]});
EOF
echo 'security:' >> /etc/mongod.conf
echo ' authorization: enabled' >> /etc/mongod.conf
echo ' keyFile: /srv/mongodb/mongodb-keyfile' >> /etc/mongod.conf
sed -i -e 's/bindIp: 127.0.0.1/bindIp: 192.168.55.104/' /etc/mongod.conf
systemctl restart mongod
while netstat -lnt | awk '$4 ~ /:27017$/ {exit 1}'; do sleep 10; done
# create a test user.
cat << EOF | mongo --host 192.168.55.104 -u "admin" -p "admin" --authenticationDatabase "admin"
var db = db.getSiblingDB('test');
db.createUser({user:"test",pwd:"test",roles:[{role:"readWrite",db:"test"}]});
EOF
# create sample data
cat << EOF | mongo --host 192.168.55.104 -u "test" -p "test" --authenticationDatabase "test"
var db = db.getSiblingDB('test');
db.products.insert( { item: "chair", qty: 15 } );
db.products.insert( { item: "table", qty: 3 } );
db.products.find();
EOF
SHELL
end
0 件のコメント:
コメントを投稿