CockroachDB is a resilient, distributed SQL database designed for high availability and scalability. This tutorial provides a step-by-step guide to setting up a secure, three-node CockroachDB cluster on Ubuntu 22.04.
📋 Prerequisites
Before you begin, ensure you have:
- Three Ubuntu 22.04 servers (e.g., node1, node2, node3).
- Root or sudo access on each server.
- Static IP addresses assigned to each node.
🔧 Step 1: Update System Packages
Run the following commands on each node to update system packages:
sudo apt update -y
sudo apt upgrade -y
sudo reboot
⏱️ Step 2: Configure Time Synchronization
Accurate time synchronization is crucial for CockroachDB clusters. Install and configure chrony on each node:
sudo apt install chrony -y
sudo nano /etc/chrony/chrony.conf
Replace the default pool lines with:
pool 0.pool.ntp.org iburst
pool 1.pool.ntp.org iburst
pool 2.pool.ntp.org iburst
pool 3.pool.ntp.org iburst
Save and exit the file, then restart and enable chrony:
sudo systemctl restart chrony
sudo systemctl enable chrony
📥 Step 3: Install CockroachDB on All Nodes
Execute the following commands on each node:
wget https://binaries.cockroachdb.com/cockroach-latest.linux-amd64.tgz
tar -xvzf cockroach-latest.linux-amd64.tgz
sudo cp -i cockroach-*/cockroach /usr/local/bin/
cockroach version
🔐 Step 4: Generate Security Certificates
4.1 Create Certificate Directory
On each node:
mkdir -p ~/certs ~/my-safe-directory
4.2 Generate CA Certificate on
node1
On node1:
cockroach cert create-ca --certs-dir=~/certs --ca-key=~/my-safe-directory/ca.key
Distribute the CA certificate and key to node2 and node3:
scp ~/certs/ca.crt [email protected]:~/certs/
scp ~/my-safe-directory/ca.key [email protected]:~/my-safe-directory/
scp ~/certs/ca.crt [email protected]:~/certs/
scp ~/my-safe-directory/ca.key [email protected]:~/my-safe-directory/
4.3 Generate Node Certificates on Each Node
Replace <node-ip> with the respective IP address.
cockroach cert create-node <node-ip> localhost $(hostname) --certs-dir=~/certs --ca-key=~/my-safe-directory/ca.key
Repeat this step on each node with its corresponding IP address.
4.4 Generate Client Certificate on Each Node
On each node:
cockroach cert create-client root --certs-dir=~/certs --ca-key=~/my-safe-directory/ca.key
🚀 Step 5: Start the CockroachDB Cluster
5.1 Start CockroachDB on
node1
On node1:
cockroach start --certs-dir=~/certs --advertise-addr=192.168.10.10 --join=192.168.10.10,192.168.10.11,192.168.10.12 --background
Initialize the cluster:
cockroach init --certs-dir=~/certs --host=192.168.10.10
5.2 Start CockroachDB on
node2
and
node3
On node2:
cockroach start --certs-dir=~/certs --advertise-addr=192.168.10.11 --join=192.168.10.10,192.168.10.11,192.168.10.12 --background
On node3:
cockroach start --certs-dir=~/certs --advertise-addr=192.168.10.12 --join=192.168.10.10,192.168.10.11,192.168.10.12 --background
📊 Step 6: Access the CockroachDB Web Interface
Open a web browser and navigate to:
https://192.168.10.10:8080
Log in using the root user.
🔄 Step 7: Verify Cluster Status
On node1:
cockroach node status --certs-dir=~/certs --host=192.168.10.10
You should see all three nodes listed and marked as healthy.
🧪 Step 8: Test Database Replication
On node1:
cockroach sql --certs-dir=~/certs --host=192.168.10.10
Within the SQL shell:
CREATE DATABASE testdb;
SHOW DATABASES;
Exit the SQL shell:
\q
Repeat the SHOW DATABASES; command on node2 and node3 to confirm replication.
✅ Conclusion
You’ve successfully set up a secure, three-node CockroachDB cluster on Ubuntu 22.04. This configuration ensures high availability and resilience for your distributed SQL workloads.
Meta Description: Step-by-step guide to installing and configuring a secure CockroachDB cluster on Ubuntu 22.04. Learn how to set up certificates, start nodes, and verify replication.
SEO Keywords: CockroachDB cluster Ubuntu 22.04, install CockroachDB Ubuntu, CockroachDB secure setup, distributed SQL database Ubuntu
Hướng dẫn cài đặt Cluster Kafka trên Ubuntu
https://forum.congdonglinux.com
Add Comment