· mongo用户权限

#查看当前库下用户及授权
> use admin
> show users;

#新建用户并授权
> db.createUser({user: "mongoadmin", pwd: "password", roles: [{ role: "dbAdminAnyDatabase", db: "admin" },{ role: "readWriteAnyDatabase", db: "admin" },{ role: "userAdminAnyDatabase", db: "admin" }, { role: "clusterMonitor", db: "admin" }]})

#修改用户密码
> db.updateUser("myuser", {pwd: "newpassword"})

#mongo 用户myuser 新增授权clusterMonitor
> db.grantRolesToUser("myuser", [{ role: "clusterMonitor", db: "admin" }])
> db.grantRolesToUser("mongobackup", ["hostManager","clusterMonitor"])

#mongo回收mongoadmin用户的hostManager权限角色
>db.revokeRolesFromUser("mongoadmin",[{role:"hostManager",db:"admin"}])

#更新用户myuser授权为 clusterMonitor
> db.updateUser("myuser", { $addToSet: { roles: { role: "clusterMonitor", db: "admin" } } })

#mongo新增自定义killOp权限操作role，并授权用户

db.createRole({
role: “killOpRole”,
privileges: [
{ resource: { anyResource: true }, actions: [“killCursors”] }
],
roles: []
})
db.grantRolesToUser(“mongoadmin”, [“killOpRole”])

· mongo查看数据库业务连接

#mongo shell连接db
mongo 127.0.0.1/admin -uadmin -pxxx

#--authenticationDatabase 指定用于身份验证的数据库
mongo 127.0.0.1:27017/test -u testuser -p testpass --authenticationDatabase admin

#执行js操作
mongo --host 127.0.0.1 --port 27017 -uadmin -p{{admin_password}} --quiet /tmp/get_master.js

cat <code class="language-bash">/tmp/get_master.js</code>​

primary = rs.isMaster().primary;

primary_ip = primary.split(“:”)[0];

print(primary_ip)

> use dbyewu;
> db.currentOp(true)       #默认false为当前用户连接，true为所有用户

#结果过滤 client查看来源ip
# mongo 127.0.0.1/admin -uadmin -pxxxxxxx --quiet --eval "db.currentOp(true)"|grep -w "client"|sort

#less搜索指定的ns的db.collection, 过滤该连接操作的opid
# less res.txt

#终止连接的操作 ,例如 opid 61552685
# db.killOp(61552685)

#查看当前连接数信息 
>db.serverStatus().connections; 
#查看当前使用连接数 
>db.serverStatus().connections.current 
#查看可用连接数 
>db.serverStatus().connections.available

· mongo调整oplog&回收空间

#查看副本集架构节点
PRIMARY> rs.printSlaveReplicationInfo()
source: 10.102.124.83:27017
        syncedTo: Thu Sep 21 2023 19:04:38 GMT+0800 (CST)
        2 secs (0 hrs) behind the primary 
source: 10.102.124.12:27017
        syncedTo: Thu Sep 21 2023 13:47:11 GMT+0800 (CST)
        19049 secs (5.29 hrs) behind the primary 

#验证oplog大小
PRIMARY> db.getReplicationInfo()
{
        "logSizeMB" : 51200,
        "usedMB" : 50772.73,
        "timeDiff" : 11249,
        "timeDiffHours" : 3.12,
        "tFirst" : "Thu Sep 21 2023 15:51:30 GMT+0800 (CST)",
        "tLast" : "Thu Sep 21 2023 18:58:59 GMT+0800 (CST)",
        "now" : "Thu Sep 21 2023 18:58:59 GMT+0800 (CST)"
}
#调整oplog size 100G
PRIMARY> db.adminCommand({replSetResizeOplog:1,size:100000})
{
        "ok" : 1,
        "operationTime" : Timestamp(1695294210, 854),
        "$clusterTime" : {
                "clusterTime" : Timestamp(1695294210, 854),
                "signature" : {
                        "hash" : BinData(0,"SK8m9N1M4hS68QhibjiEzMqH3vg="),
                        "keyId" : NumberLong("7238507120675520721")
                }
        }
}

#整理碎片，回收空间
SECONDARY> use local
switched to db local
handong1:SECONDARY> db.runCommand({"compact" : "oplog.rs"})

{
     "ok" : 1,
     "$clusterTime" : {
         "clusterTime" : Timestamp(1619694840, 1),
         "signature" : {
             "hash" : BinData(0,"AAAAAAAAAAAAAAAAAAAAAAAAAAA="),
             "keyId" : NumberLong(0)
         }
     },
     "operationTime" : Timestamp(1619694840, 1)
}

· shard集群开启集合分片

#进入admin库
mongos> use admin;

#开启业务库db_testshard 分片
mongos> sh.enableSharding("db_testshard");

#进入业务库
mongos> use db_testshard;

#开启集合col_test hash分片片键索引
mongos> db.col_test.createIndex({"rid":"hashed"},{background:true})

#开启集合col_test分片
mongos> sh.shardCollection("db_testshard.col_test",{"rid":"hashed"});

#查看集群分片情况
mongos> sh.status()

#开启分片均衡器状态
mongos> sh.getBalancerState()
#停止分片均衡器
mongos> sh.stopBalancer()
#启动分片均衡器
mongos> sh.startBalancer()

#查看均衡器窗口期
mongos> sh.getBalancerWindow()
#设置均衡器窗口期
mongos> db.settings.update({_id: "balancer"}, {$set: {"activeWindow": {start: "01:00", stop: "07:00"}}}, {upsert:true})
WriteResult({ "nMatched" : 0, "nUpserted" : 1, "nModified" : 0, "_id" : "balancer" })

#分片数量过多，前端无法展示输出到文本shard_status
# mongo 127.0.0.1:27017/admin -uadmin -pxxxxxxxxxx  --quiet --eval "sh.status()" > shard_status

·提升隐藏备库为业务从

# 查看从库延时
> rs.printSlaveReplicationInfo()
source: 10.102.124.100:27017
        syncedTo: Fri Nov 10 2023 14:14:54 GMT+0800 (CST)
        2 secs (0 hrs) behind the primary 
source: 10.102.124.141:27017
        syncedTo: Fri Nov 10 2023 12:38:19 GMT+0800 (CST)
        5797 secs (1.61 hrs) behind the primary 

#获取副本就配置赋值给cfg
> cfg = rs.conf()
...
                {
                        "_id" : 2,
                        "host" : "10.102.124.141:27017",
                        "arbiterOnly" : false,
                        "buildIndexes" : true,
                        "hidden" : true,
                        "priority" : 0,
                        "tags" : {

                        },
                        "slaveDelay" : NumberLong(43200),
                        "votes" : 1
                }
...
#优先级改成1
> cfg.members[2].priority = 1
#节点延时设置为0s
> cfg.members[2].slaveDelay = 0
#取消隐藏
> cfg.members[1].hidden = false
#配置生效
> rs.reconfig(cfg)