#创建超级管理员 super
db.createUser(
{ user: "super",
pwd: "super",
roles: [ { role: "dbAdminAnyDatabase", db: "wb" } ]
}
);
#创建读写管理员 super_write
db.createUser(
{ user: "super",
pwd: "super",
roles: [ { role: "dbAdminAnyDatabase", db: "admin" } ]
}
);
#创建用户管理员 userAdmin
db.createUser(
{ user: "userAdmin",
pwd: "userAdmin",
roles: [ { role: "readWriteAnyDatabase", db: "admin" } ]
}
);
#创建普通用户 readWrite
db.createUser(
{ user: "readWrite",
pwd: "readWrite",
roles: [ { role: "readWrite", db: "gxpt" } ]
}
);
---------------------------------------------------------------------
---------------------------------------------------------------------
---------------------------------------------------------------------
生成key file ok
openssl rand -base64 100 > /opt/var/data/mongodb/mongodb.key
---------------------------------------------------------------------
创建用户 ok
db.createUser(
{
user:"gxpt",
pwd:"gxpt",
roles:[{role:"readWrite",db:"gxpt"}]
}
)
db.createUser(
{
user: "super1",
pwd: "super1",
roles: [ { role: "dbAdminAnyDatabase", db: "admin" }, "readWriteAnyDatabase" ]
}
)
db.createUser(
{
user: "super123",
pwd: "super123",
roles: [ { role: "root", db: "admin" }, "root" ]
}
)
#创建超级管理员 super
db.createUser(
{ user: "root",
pwd: "root",
roles: [ { role: "root", db: "admin" } ]
}
);
#创建超级管理员 super
db.createUser(
{ user: "super",
pwd: "super",
roles: [ { role: "dbAdminAnyDatabase", db: "admin" } ]
}
);
#创建应用管理员 gxpt
db.createUser(
{ user: "gxpt",
pwd: "gxpt",
roles: [ { role: "readWrite", db: "gxpt" } ]
}
);
#创建用户管理员 userAdmin
db.createUser(
{ user: "userAdmin",
pwd: "userAdmin",
roles: [ { role: "readWriteAnyDatabase", db: "admin" } ]
}
);
#创建普通用户 readWrite
db.createUser(
{ user: "readWrite123",
pwd: "readWrite123",
roles: [ { role: "readWrite", db: "gxpt" } ]
}
);
认证用户
RS1:PRIMARY> db.auth("root","root");
1
RS1:PRIMARY> db.auth("gxpt","gxpt");
1
删除用户(必须到用户所属的db中执行删除操作)
RS1:PRIMARY> db.system.users.remove({user:"gxpt"})db.system.users.remove({user:"userAdmin"})
WriteResult({ "nRemoved" : 1 })
RS1:PRIMARY> db.system.users.remove({user:"read_write"})db.system.users.remove({user:"read_write"})
WriteResult({ "nRemoved" : 1 })
RS1:PRIMARY> db.system.users.remove({user:"gxpt"})db.system.users.remove({user:"super1"})
WriteResult({ "nRemoved" : 1 })
切换到gxpt数据库删除 用户gxpt
use gxpt
RS1:PRIMARY> db.dropUser("gxpt", {w: "majority", wtimeout: 5000})db.dropUser("gxpt", {w: "majority", wtimeout: 5000})
true
---------------------------------------------------------------
认证用户 ok
db.auth("root", "root");
db.auth("test", "123456");
---------------------------------------------------------------
db.grantRolesToUser("super", [ { role: "read", db: "admin" } ]);
db.grantRolesToUser( "test" , [ { role: "dbOwner", db: "wb" } ])
---------------------------------------------------------------
远程登录示例 ok
mongo -usuper -psuper 192.168.8.236/admin
mongo -ugxpt -pgxpt 192.168.8.236/gxpt
mongo -usuper -psuper 192.168.8.237/admin
mongo -ugxpt -pgxpt 192.168.8.237/gxpt
---------------------------------------------------------------
在SECONDARY查询出发现如下错误:
SECONDARY> show collections;
Sat Aug 4 15:29:00 uncaught exception: error: { "$err" : "not master and slaveok=false", "code" : 13435 }
这是正常的,因为SECONDARY是不允许读写的,如果非要解决,方法如下:
SECONDARY> rs.slaveOk();
---------------------------------------------------------------
-安全关闭数据库 ok
> use admin; -
RS1:PRIMARY> use admin;
switched to db admin
RS1:PRIMARY> db.auth("root", "root");
1
RS1:PRIMARY> db.shutdownServer();
server should be down...
2018-11-02T10:26:16.132+0800 I NETWORK [js] trying reconnect to 192.168.8.236:27017 failed
2018-11-02T10:26:17.160+0800 I NETWORK [js] reconnect 192.168.8.236:27017 failed failed
2018-11-02T10:26:17.162+0800 I NETWORK [js] trying reconnect to 192.168.8.236:27017 failed
2018-11-02T10:26:17.163+0800 I NETWORK [js] reconnect 192.168.8.236:27017 failed failed
> db.shutdownServer();db.shutdownServer();
2018-11-02T10:26:30.466+0800 I NETWORK [js] trying reconnect to 192.168.8.236:27017 failed
2018-11-02T10:26:30.466+0800 I NETWORK [js] reconnect 192.168.8.236:27017 failed failed
server should be down...
> exit
---------------------------------------------------------------
#rs.slaveOk()
db.createUser(
{
user:"test",
pwd:"123456",
roles:[{role:"readWrite",db:"wb"}]
}
)
db.createCollection("coll-gxp123t", { size: 214 } ) ;
cfg={ _id:"RS1", members:[ {_id:0,host:'192.168.8.236:27017',priority:2}, {_id:1,host:'192.168.8.237:27017',priority:1}, {_id:2,host:'192.168.8.238.:27017',arbiterOnly:true}] };