MongoDB安装及用户名密码管理

安装

一、tar包进行安装 

1.百度网盘 http://pan.baidu.com/s/1FOH2m

2.https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-3.0.6.tgz

二、yum源进行安装

Configure the package management system (yum).改变

创建一个 /etc/yum.repos.d/mongodb-org-3.0.repo 文件,如此你就可以直接用yum安装MongoDB.

改到 3.0版本: MongoDB Linux packages for 3.0 are in a new repository.

MongoDB的最近稳定版

用下面的repo文件

[mongodb-org-3.0]name=MongoDB Repositorybaseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/3.0/x86_64/gpgcheck=0enabled=1

安装MongoDB的最近稳定版To install the latest stable version of MongoDB, issue the following command:

sudo yum install -y mongodb-org

To install a specific(特殊) release of MongoDB, specify each component package individually and append the version number to the package name, as in the following example:

sudo yum install -y mongodb-org-3.0.6 mongodb-org-server-3.0.6 mongodb-org-shell-3.0.6 mongodb-org-mongos-3.0.6 mongodb-org-tools-3.0.6

即可安装最近的mongodb版本。

配置

二、tar包安装过程中的配置

1.

mkdir -p /mongodb/export/mongodb

cp mongodb-linux-x86_64-3.0.6.tgz   /mongodb/export/mongodb

tar zxvf mongodb-linux-x86_64-3.0.6.tgz

 vim /etc/profile    (配置mongodb的环境变量)

export PATH=/mongodb/export/mongodb/mongodb-linux-x86_64-3.0.6/bin:$PATH

cd /mongodb/export/mongodb

mkdir conf

mkdir log

mkdir keyfile

mkdir data

vim conf/master.conf

#dbpath=/mnt/export/mongodb/data/master01

#logpath=/mnt/export/mongodb/log/master01.log

#logappend=true

#replSet=mas

#port=10001

#fork=true

#journal=true

#auth=true

#keyFile=/mnt/export/mongodb/keyfile/keyfile01

storage:

   dbPath: /mongodb/export/mongodb/data/master

   directoryPerDB: true

   engine: wiredTiger

   journal:

      enabled: true

systemLog:

   path: /mongodb/export/mongodb/log/master.log

   logAppend: true

   logRotate: rename

   destination: file

replication:

   #oplogSizeMB: <int>

   replSetName: mongodb

processManagement:

   fork: true

net:

#bindIp: 127.0.0.1

   port: 27017

#security:

#   keyFile: /mongodb/export/mongodb/keyfile/keyfile00

#   authorization: enabled

# vim conf/slave.conf

#dbpath=/mnt/export/mongodb/data/master01

#logpath=/mnt/export/mongodb/log/master01.log

#logappend=true

#replSet=mas

#port=10001

#fork=true

#journal=true

#auth=true

#keyFile=/mnt/export/mongodb/keyfile/keyfile01

storage:

   dbPath: /mongodb/export/mongodb/data/slave

   directoryPerDB: true

   engine: wiredTiger

   journal:

      enabled: true

systemLog:

   path: /mongodb/export/mongodb/log/slave.log

   logAppend: true

   logRotate: rename

   destination: file

replication:

   #oplogSizeMB: <int>

   replSetName: mongodb

processManagement:

   fork: true

net:

#bindIp: 127.0.0.1

   port: 27018

#security:

#   keyFile: /mongodb/export/mongodb/keyfile/keyfile00

#   authorization: enabled

这次没有添加arbiter,没有设置仲裁

启动mongodb ,但是要注意需要在/mongodb/export/mongodb/data 需要创建数据库文件夹master slave

否则mongodb不可以正常启动

启动命令

cd /mongodb/export/mongodb/mongodb-linux-x86_64-3.0.6/bin

./mongod -f /mongodb/export/mongodb/conf/master.conf

./mongod -f /mongodb/export/mongodb/conf/slave.conf

(本次启动没有开启验证如果要开启验证)

启动mongo

./mongo --port 27017


>use admin

>cfg1={ _id:"mongodb", members:[ {_id:0,host:'192.168.1.87:27017',priority:2}, {_id:1,host:'192.168.1.87:27018',priority:1}] };

{

 "_id" : "mongodb",

 "members" : [

  {

   "_id" : 0,

   "host" : "192.168.1.87:27017",

   "priority" : 2

  },

  {

   "_id" : 1,

   "host" : "192.168.1.87:27018",

   "priority" : 1

  }

 ]

}

rs.initiate(cfg1)

{ "ok" : 1 }

mongodb:OTHER> rs.status()

{

 "set" : "mongodb",

 "date" : ISODate("2015-09-27T00:36:13.929Z"),

 "myState" : 1,

 "members" : [

  {

   "_id" : 0,

   "name" : "192.168.1.87:27017",

   "health" : 1,

   "state" : 1,

   "stateStr" : "PRIMARY",

   "uptime" : 1031,

   "optime" : Timestamp(1443314165, 1),

   "optimeDate" : ISODate("2015-09-27T00:36:05Z"),

   "electionTime" : Timestamp(1443314169, 1),

   "electionDate" : ISODate("2015-09-27T00:36:09Z"),

   "configVersion" : 1,

   "self" : true

  },

  {

   "_id" : 1,

   "name" : "192.168.1.87:27018",

   "health" : 1,

   "state" : 2,

   "stateStr" : "SECONDARY",

   "uptime" : 8,

   "optime" : Timestamp(1443314165, 1),

   "optimeDate" : ISODate("2015-09-27T00:36:05Z"),

   "lastHeartbeat" : ISODate("2015-09-27T00:36:13.634Z"),

   "lastHeartbeatRecv" : ISODate("2015-09-27T00:36:13.725Z"),

   "pingMs" : 0,

   "syncingTo" : "192.168.1.87:27017",

   "configVersion" : 1

  }

 ],

 "ok" : 1


添加mongodb的超级用户名密码

mongodb:PRIMARY> use admin

switched to db admin

mongodb:PRIMARY> db.addUser('root','123456');   (错误方式)

V3版本mongoDB已经不再使用addUser,而是采用了db.createUser

2015-09-27T09:10:34.491+0800 E QUERY    TypeError: Property 'addUser' of object admin is not a function

    at (shell):1:4

mongodb:PRIMARY> use admin

switched to db admin

mongodb:PRIMARY> db.createUser(  

...   {  

...     user: "admin",  

...     pwd: "admin",  

...     roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]  

...   }  

... )  

Successfully added user: {

 "user" : "admin",

 "roles" : [

  {

   "role" : "userAdminAnyDatabase",

   "db" : "admin"

  }

 ]

}

添加认证,重启mongodb然后进行登录


关闭mongodb数据库

进入mongodb的master

./mongo --port 27017

>use admin

>db.shutdownServer()

进入mongodb的slave

./mongo --port 27017

>use admin

>db.shutdownServer()


Master-Slave安全
这个主从安全在 MongoDB官网说的很清楚。不能和普通的mongod权限验证那样。这里除了需要加入 ―auth 还需要加入 ―keyFile 的验证。

首先,我们生成我们的keyFile,根据官网提供的说明,这个keyfile是可以任意内容的,只要保证所有集群中的机器都拥有同样的文件即可。在linux环境下,我们通过

openssl rand -base64 741 > /mongodb/export/mongodb/keyfile/keyfile00

这条命令来生成我们的keyFile。 生成之后就可以在启动mongod的时候指定了。

配置之文件为


storage:

   dbPath: /mongodb/export/mongodb/data/master

   directoryPerDB: true

   engine: wiredTiger

   journal:

      enabled: true

systemLog:

   path: /mongodb/export/mongodb/log/master.log

   logAppend: true

   logRotate: rename

   destination: file

replication:

   #oplogSizeMB: <int>

   replSetName: mongodb

processManagement:

   fork: true

net:

#bindIp: 127.0.0.1

   port: 27017

security:

   keyFile: /mongodb/export/mongodb/keyfile/keyfile00

   authorization: enabled


添加认证后测试结果

[root@localhost bin]# ./mongo --port 27017
MongoDB shell version: 3.0.6
connecting to: 127.0.0.1:27017/test
mongodb:PRIMARY> show dbs
2015-10-08T19:37:29.881+0800 E QUERY    Error: listDatabases failed:{
"ok" : 0,
"errmsg" : "not authorized on admin to execute command { listDatabases: 1.0 }",
"code" : 13
}
    at Error (<anonymous>)
    at Mongo.getDBs (src/mongo/shell/mongo.js:47:15)
    at shellHelper.show (src/mongo/shell/utils.js:630:33)
    at shellHelper (src/mongo/shell/utils.js:524:36)
    at (shellhelp2):1:1 at src/mongo/shell/mongo.js:47
mongodb:PRIMARY> use admin
switched to db admin
mongodb:PRIMARY> db.auth("admin","admin")
1
mongodb:PRIMARY> show dbs
admin  0.000GB
local  0.000GB

你可能感兴趣的:(mongodb)