MongoDB Master-slave replication architecture with authentication

Let's start with a few commands about MongoDB:

1. Create User Db.adduser (' username ', ' password ');

2. Query the current library user information db,system.users.find ();

3. Enter the response database use DatabaseName;

4. Displays the size information for all libraries in the current database show DBS;

5. Display all table information for the current library show collections;

6. User authentication of Data db.auth (' username ', ' password ');

Back to the Chase

About MongoDB master-slave replication

master-slave replication without account verification

This scheme is very well understood and easy to operate, but not safe to use. The operation steps are as follows:

Introduction to the System environment: Ubuntu 12.04.1, MongoDB Shell version:2.6.1

When you start, you only need to specify Master and slave as follows:

Mongod--dbpath=/usr/local/mongodb/data/mongodb_27017/--fork--logpath=/var/log/mongod.log--port 27017--master

Mongod--dbpath=/usr/local/mongodb/data/mongodb_27018/--fork--logpath=/var/log/mongod27018.log--port 27018-- Slave--source=127.0.0.1:2701

master-slave replication with account verification

This kind of solution is a bit troublesome, MongoDB Official document noted, need to use a keyfile keyword for data synchronization, just yo--auth is not. The operation steps are as follows:

Introduction to the System environment: Ubuntu 12.04.1, MongoDB Shell version:2.6.1

Step one, the first to enter the admin library to set up an admin account, this account for the Administrator account, all the libraries have added and deleted to change the permissions, the following steps:

MONGO--host = 127.0.0.1:27017 use
admin;
Db.adduser (' admin ', ' admin ');

Step two, stop the existing MongoDB, and then start with the following parameters, test the admin account is correct

Mongod--dbpath=/usr/local/mongodb/data/mongodb_27017/--fork--logpath=/var/log/mongod.log--port 27017--auth
MONGO--host = 127.0.0.1:27017 use
admin;
Db.auth (' admin ', ' admin ');

Step three, the same operation steps on the slave, to set the slave admin account and verify (remember if the master and slave on the same machine, use the same port,)

Step four, stop to master and slave, and then generate the key file. The steps are as follows:

OpenSSL rand-base64 741 >/root/mongo-keyfile

Generates a file in Root's host directory Mongo-keyfile file ll, look at this file size, the first time I generated a file size of 0, resulting in a failure to start

Fifth step, start the master-slave two MONGO. Steps are as follows

Mongod--dbpath=/usr/local/mongodb/data/mongodb_27017/--fork--logpath=/var/log/mongod.log--port 27017--auth-- Master--keyfile/root/mongo-keyfile
mongod--dbpath=/usr/local/mongodb/data/mongodb_27018/--fork--logpath=/ Var/log/mongod27018.log--port 27018--slave--source=127.0.0.1:27017--auth--keyfile/root/mongo-keyfile

So that when the Lord is operated, it will change from nature.

About MongoDB account Settings management and non-administrator settings

The above describes how to create an "administrator" account, which is not described here, the following describes how to create normal user rights

Create a logdb library of ordinary users, this user can only operate this database, the code is as follows

#创建一个可读写账户 use
logdb;
Db.adduser (' username ', ' password ');
#创建一个只读账户 use
logdb;
Db.adduser (' username ', ' password ', true)

This article from "Loyalty" blog, reproduced please contact the author!

MongoDB Master-slave replication architecture with authentication