MongoDB replset copy set + Auth

# # # Open AUTH Certified a copy set of MongoDB

# # # Note the point

- Before server node time to synchronize

- The firewall must be enabled through

- turn on also set

- It's best to build double-click Trust mode

# # # Things to do ahead of time

• Production of high-end atmospheric grade keyfile files

[[email protected] journal]# openssl rand -base64 7533lc/ ezgpolxdvbqinqekvglqnnwo2et93ib51bqjzraub2gruovi4b6zkaenaqxcvu3ueolwa9iywvhy6g3raq8lawqvx+ Dij52lf5ekiup9utwqlzgd6fkgthen6hnlhv1yhwdzhln7itmugctse5qcsnjjijqh+otkipkph3lae+ uxvc4rafpqntzcbbju7p2goaq7zyhqt68ibysnzcdribb9qvq35q+kfg3sb4ne26pgk2qjnuyak2r42blmec6vfkw0lnemjsscb1d2m+ 5flmvbe8w59lol7/ n8iheet4jitmfhrwcgytatk7d316zbf8djokhobfnw7v0eujinas7brvljitsr51qq4nqqaqpwd5dyncsycdcnizqju9pgo2ozbiroolo/tz/ tljs8jphaa7gamoi+l+of1sn9ytpsq0t0bswitbanifjrg97nj6iwl86zbldy1u2380qbqkzdbp/ yzdyi9mj05328pdjpvf32vpt3wahmkxtwzhxmelo6ao4q4lxtpubigulzbegolf/zzia5ndxwzjxvalnuxxdzrctcocxvfwxwnxin6gg2ep/ iwkvztniltmbuzg51q45bb7afvs7p27p89wtk0tz4rwndnpnnj1rynwz8jmufe9dday50kyuqyiiedflticyycnxwtmkytpaun/ 6gxlkkp6pwhtfdid1tv6dkv1fhb0fu0breobttsfafkwbdkcxhclv2p6xifdrklmgdrgcqnxljn0sauugpu55drscswt3a6pzx2ga6yl/ xngajpxbhb+g2gwfhsl64oo58kb4e1tqt5z/pki0yow+glv8m82k2epu7hptb6ks0pzcalglgpy4obxu7tnqqjiy/ Pla60gtqbs5kbcixp7mv9jxcnoml68ju3zkqlZuikzenslpfxbnhnsurtxwruardb3wm6bxsns6uofja/iya0dsutz5w8z6cqoej0bpo5gjpa95wsjxnwicy8hvf[[email protected]  journal]#

• -Copy the key from production to/usr/local/mongodb/key

• -Set the key file permission to 600

• -The owner group of the key file is modified

[[email protected] mongodb]# lltotal 72drwxr-xr-x 2 mongodb mongodb   4096 jul 19 12:58 bin-rw-r--r-- 1 mongodb mongodb 34520 jun  19 22:41 GNU-AGPL-3.0-rw-r--r-- 1 root    root      1020 Jul 21 08:26 key-rw-r--r-- 1 mongodb mongodb      5 jul 21 07:54 mongo.pid-rw-r--r-- 1 mongodb mongodb   1359 jun 19 22:41 readme-rw-r--r-- 1 mongodb mongodb 17793  Jun 19 22:41 THIRD-PARTY-NOTICES[[email protected] mongodb]# chmod  600 key [[email protected] mongodb]# lltotal 72drwxr-xr-x 2 mongodb  mongodb  4096 jul 19 12:58 bin-rw-r--r-- 1 mongodb mongodb  34520 jun  19 22:41 GNU-AGPL-3.0-RW------- 1 mongodb mongodb  1020 jul 21  08:26 key-rw-r--r-- 1 mongodb mongodb     5 Jul  21 07:54 mongo.pid-rw-r--r-- 1 mongodb mongodb  1359 jun 19  22:41 readme-rw-r--r-- 1 mongodb mongodb 17793 jun 19 22:41  third-party-notices[[email protected] mongodb]#

# # # Copy the key file to a different node

• -Note that the owner of the group belongs

• -Create a global account

> > Show dbsadmin (empty) local 1.078GBtest (empty) > Use adminswitched to DB admin> db.adduser ("Zhuima", "zh Uima ") warning:the ' addUser ' shell Helper is DEPRECATED. Please use ' createUser ' insteadsuccessfully added User: {"user": "Zhuima", "Roles": ["root"]}>

# # # Master server configuration file

[Email protected] mongodb]# sed-e '/^$/d;/^#/d '/etc/mongod.confport=27017dbpath=/mongo/data/mongodb_data/logpath= /mongo/data/mongodb_log/mongodb.logpidfilepath=/usr/local/mongodb/mongo.pidfork=truelogappend=trueshardsvr= truedirectoryperdb=truereplset=zhuimakeyfile=/usr/local/mongodb/keybind_ip=192.168.58.30

# # # configuration files from the server

[Email protected] data]# vim/etc/mongod.conf [[email protected] data]# sed-e '/^$/d;/^#/d '/etc/mongod.conflogpath=/va R/log/mongodb/mongod.loglogappend=truefork=truedbpath=/mongo/datapidfilepath=/var/run/mongodb/mongod.pidbind_ Ip=192.168.58.10replset = Zhuimakeyfile =/mongo/data/key

# # # Restart MongoDB Service observation results

• -Initialize replica set

> Rs.initiate ()

• -As can be seen from the following, the KeyFile default includes the ability to turn on auth

Zhuima:secondary> Show dbs2014-07-21t08:52:44.617+0200 listdatabases failed:{"OK": 0, "errmsg": "Not authorized on AD Min to execute command {listdatabases:1.0} "," code ": @ src/mongo/shell/mongo.js:47zhuima:secondary>

# # # Verification Information

• -On the master node

Zhuima:primary> Show Dbsadmin 0.078GBlocal 1.078gbzhuima:primary> use zhuimaswitched to DB ZHUIMAZHUIMA:PRIMARY&G T info = {Name: "Zhuima", Age:26,gender: "F", Address: "Beijing China"} {"Name": "Zhuima", "age": +, "Gender": "F", "address": "BEIJING China"}zhuima:primary> Db.person.insert (Info) writeresult ({"ninserted": 1}) zhuima:primary>  Db.person.find () {"_id": ObjectId ("53CCB955F09DBB6F5A213FAF"), "Name": "Zhuima", "age": +, "Gender": "F", "Address": "Beijing China"}zhuima:primary>

• -From the node

Zhuima:secondary> show Dbsadmin 0.078GBlocal 1.078GBzhuima 0.078gbzhuima:secondary> use zhuimaswitched to DB en Uimazhuima:secondary> Show collections2014-07-21t08:55:40.267+0200 error: {"$err": "Not Master and Slaveok=false", " Code ": 13435} at Src/mongo/shell/query.js:131zhuima:secondary> rs.slaveok () zhuima:secondary> rs.slaveOk () Zhuima:secondary> show Collectionspersonsystem.indexeszhuima:secondary> Db.person.find () {"_id": ObjectId (" 53CCB955F09DBB6F5A213FAF ")," Name ":" Zhuima "," age ": +," Gender ":" F "," Address ":" Beijing China "}ZHUIMA:SECONDARY&G T

# # # about MongoDB replica set + auth configuration thanks to Brother's advice.

Brother Chan Blog: http://www.shencan.net/

# # # PostScript:

• Production environment Although MONGDB not external service, but with Auth certification is always good

• Do you remember the pain that had been blown by the clouds?

• Subsequent blogs will tell the index memory shard operation

  
  

This article is from the "Chasing Horses" blog, please make sure to keep this source http://lovelace.blog.51cto.com/1028430/1441047

MongoDB replset copy set + Auth