MongoDB Master-slave replication enables secure authentication

2.1.1DeploymentMongodbMaster-slave Example:Mongodb-masterExample

Environment:mongodb-master configuration file first commented out validation parameters:#auth = True

start mongodb-master and then set the Admin library login account and password:

[Email protected] logs]# mongo127.0.0.1:27017

MongoDB Shell version:3.0.5

Connecting To:127.0.0.1:27017/test

> Use admin;

Switched to DB admin

> Db.createuser (

... {

... User: "Root",

... pwd: "Zytest6699",

... roles: [{role: "root", DB: "admin"}]

...   }

... )

Successfully added User: {

"User": "Root",

"Roles": [

{

"Role": "Root",

"DB": "admin"

}

]

}

>db.auth ("root", "Zytest6699")

1

> Show Users;

{

"_id": "Admin.root",

"User": "Root",

"DB": "admin",

"Roles": [

{

"Role": "Root",

"DB": "admin"

}

]

}

to open the authentication login parameters of the Mongodb-master configuration file here:

Auth = True

Restart Mongodb-master service

login mongodb-master Create an administrative account for the Admin database under the Admin library:

[Email protected] ~]# MONGO 127.0.0.1:27017

MongoDB Shell version:3.0.5

Connecting To:127.0.0.1:27017/test

> Use admin;

Switched to DB admin

>db.auth ("root", "Zytest6699")

1

> Show Users;

{

"_id": "Admin.root",

"User": "Root",

"DB": "admin",

"Roles": [

{

"Role": "Root",

"DB": "admin"

}

]

}

> Db.createuser (

... {

... User: "Zydba",

... pwd: "Zytest6699",

... roles: [{role: "root", DB: "admin"}]

...   }

... )

Successfully added User: {

"User": "Zydba",

"Roles": [

{

"Role": "Root",

"DB": "admin"

}

]

}

> Shou users;

2017-09-10t09:36:18.511+0800 E QUERY syntaxerror:unexpected identifier

> Show Users;

{

"_id": "Admin.root",

"User": "Root",

"DB": "admin",

"Roles": [

{

"Role": "Root",

"DB": "admin"

}

]

}

{

"_id": "Admin." Zydba ",

"User": "Zydba",

"DB": "admin",

"Roles": [

{

"Role": "Root",

"DB": "admin"

}

]

}

Mongod-slavefrom an instance

To start a mongodb-slave instance:

[[email protected] mongodb-slave]#/etc/init.d/mongod1 start

Starting MongoDB Server ...

[[email protected] mongodb-slave]# about tofork child process, waiting until server was ready for connections.

Forked process:1896

Child process started successfully, parentexiting

[Email protected] mongodb-slave]# ss-lntup|grep MONGO

TCP LISTEN 0 *:27017 *:* Users: (("Mongod", 1709,6))

TCP LISTEN 0 *:27018 *:* Users: (("Mongod", 1896,6))

to view the log files for an Mongodb-slave instance:

[Email protected] logs]# Tailf/data/mongodb-slave/logs/mongodb.log

2017-09-10t09:55:44.007+0800 I REPL [Replslave] repl:syncing fromhost:127.0.0.1:27017

2017-09-10t09:55:54.008+0800 I REPL [Replslave] repl:syncing fromhost:127.0.0.1:27017

2017-09-10t09:56:04.008+0800 I REPL [Replslave] repl:syncing fromhost:127.0.0.1:27017

2017-09-10t09:56:14.008+0800 I REPL [Replslave] repl:syncing fromhost:127.0.0.1:27017

2017-09-10t09:56:24.008+0800 I REPL [Replslave] repl:syncing fromhost:127.0.0.1:27017

2017-09-10t09:56:34.009+0800 I REPL [Replslave] repl:syncing fromhost:127.0.0.1:27017

2017-09-10t09:56:44.009+0800 I REPL [Replslave] repl:syncing fromhost:127.0.0.1:27017

2017-09-10t09:56:54.009+0800 I REPL [Replslave] repl:syncing fromhost:127.0.0.1:27017

2017-09-10t09:57:04.009+0800 I REPL [Replslave] repl:syncing fromhost:127.0.0.1:27017

Tip the synchronization has started from the library.

2.1.2Verifying the master-slave replication configuration results

Install mongodb windows Client login software to verify that the operation master/slave is configured successfully

Robomongo 0.9.0-RC9

Main Library Validation:

2.1.3related configuration files and authentication files

Single server to open MongoDB Multi-instance, and configure authentication Master-slave replication

Mongodb Main Library configuration file

[Email protected] ~]# CAT/USR/LOCAL/MONGODB/MONGOD.CNF

Logpath=/data/mongodb-master/logs/mongodb.log

Logappend = True

#fork and run in background

Fork = True

Port = 27017

Dbpath=/data/mongodb-master/data

#location of Pidfile

Pidfilepath=/data/mongodb-master/mongod.pid

Auth = True

KeyFile =/tmp/mongo-keyfile

Master = True

MongoDB from library configuration file:

[Email protected] ~]# CAT/USR/LOCAL/MONGODB/MONGOD1.CNF

Logpath=/data/mongodb-slave/logs/mongodb.log

Logappend = True

#fork and run in background

Fork = True

Port = 27018

Dbpath=/data/mongodb-slave/data

#location of Pidfile

Pidfilepath=/data/mongodb-svale/mongod.pid

Slave = True

Source = 127.0.0.1:27017

Auth = True

KeyFile =/tmp/mongo-keyfile

#only = test001

#only = test002

turn on master-slave replication verification :

randomly generated keyfile or manually written , the length of the key must be 6-1024 base64 characters,Unix must have the same group permissions, not required under windows

OpenSSL rand-base64 1024>/tmp/mongo-keyfile

Start mongodb-master:

[Email protected] ~]#/etc/init.d/mongodstart

Starting MongoDB Server ...

[[email protected] ~]# about to fork childprocess, waiting until server are ready for connections.

Forked process:1287

Child process started successfully, parentexiting

[Email protected] data]# ls/data/mongodb-master/data/

Journal LOCAL.1 local.11 local.13 local.15 local.17 local.3 local.5 local.7 local.9 mongod.lock _tmp

local.0 local.10 local.12 local.14 local.16 local.2 local.4 local.6 local.8 local.ns Storage.bson

MongoDB initializes the database with a large data file that is particularly large because:

Oplog the default size is the size of the 5% Point database partition mount point /data , which causes the local database to be too large

[Email protected] data]# du-sh/data/mongodb-master/data/

35g/data/mongodb-master/data/

This article is from the "10931853" blog, please be sure to keep this source http://wujianwei.blog.51cto.com/10931853/1964080

MongoDB Master-slave replication enables secure authentication