1 先用无认证的方式启动mongos
/usr/software/mongodb-linux-x86_64-rhel62-3.4.3/bin/mongos -f /usr/b2c-conf/mongos_router.yaml
/usr/software/mongodb-linux-x86_64-rhel62-3.4.3/bin/mongodb -f /usr/b2c-conf/mmongod_config.yaml
/usr/software/mongodb-linux-x86_64-rhel62-3.4.3/bin/mongodb -f /usr/b2c-conf/shard-a.yaml
2 连接到mongos的进程
/usr/software/mongodb-linux-x86_64-rhel62-3.4.3/bin/mongo --port=27017
3 创建用户管理员
use admin
use admindb.createUser(
{
user: "myUserAdmin",
pwd: "abc123",
roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
})
4 创建test库的用户
use test
db.createUser(
{
user: "myTester",
pwd: "xyz123",
roles: [ { role: "readWrite", db: "test" },
{ role: "read", db: "reporting" } ]
})
5 在配置文件中添加认证启动方式
# On UNIX systems, the keyfile must not have group or world permissions.
# The content of the keyfile must be the same on all mongod and mongos instances
echo -e "csair mongo secret key" > /opt/mongo/keyfile
mongos配置文件增加下面配置属性:
security:
keyFile: /opt/mongo/keyfile
clusterAuthMode: "keyFile"
mongod配置文件增加下面配置属性:
security:
keyFile: /opt/mongo/keyfile
authorization: enabled
6 用认证的方式启动mongos
/usr/software/mongodb-linux-x86_64-rhel62-3.4.3/bin/mongos -f /usr/b2c-conf/mongos_router.yaml
/usr/software/mongodb-linux-x86_64-rhel62-3.4.3/bin/mongodb -f /usr/b2c-conf/mmongod_config.yaml
/usr/software/mongodb-linux-x86_64-rhel62-3.4.3/bin/mongodb -f /usr/b2c-conf/shard-a.yaml
/usr/software/mongodb-linux-x86_64-rhel62-3.4.3/bin/mongos -f /usr/b2c-conf/mongos_router.yaml
/usr/software/mongodb-linux-x86_64-rhel62-3.4.3/bin/mongodb -f /usr/b2c-conf/mmongod_config.yaml
/usr/software/mongodb-linux-x86_64-rhel62-3.4.3/bin/mongodb -f /usr/b2c-conf/shard-a.yaml
2 连接到mongos的进程
/usr/software/mongodb-linux-x86_64-rhel62-3.4.3/bin/mongo --port=27017
3 创建用户管理员
use admin
use admindb.createUser(
{
user: "myUserAdmin",
pwd: "abc123",
roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
})
4 创建test库的用户
use test
db.createUser(
{
user: "myTester",
pwd: "xyz123",
roles: [ { role: "readWrite", db: "test" },
{ role: "read", db: "reporting" } ]
})
5 在配置文件中添加认证启动方式
# On UNIX systems, the keyfile must not have group or world permissions.
# The content of the keyfile must be the same on all mongod and mongos instances
echo -e "csair mongo secret key" > /opt/mongo/keyfile
mongos配置文件增加下面配置属性:
security:
keyFile: /opt/mongo/keyfile
clusterAuthMode: "keyFile"
mongod配置文件增加下面配置属性:
security:
keyFile: /opt/mongo/keyfile
authorization: enabled
6 用认证的方式启动mongos
/usr/software/mongodb-linux-x86_64-rhel62-3.4.3/bin/mongos -f /usr/b2c-conf/mongos_router.yaml
/usr/software/mongodb-linux-x86_64-rhel62-3.4.3/bin/mongodb -f /usr/b2c-conf/mmongod_config.yaml
/usr/software/mongodb-linux-x86_64-rhel62-3.4.3/bin/mongodb -f /usr/b2c-conf/shard-a.yaml