#建立超級管理員(root)
RS1:PRIMARY> use admin
RS1:PRIMARY> db.createUser(
{ user: "root",
pwd: "root",
roles: [ { role: "root", db: "admin" } ]
}
);
root用戶所屬admin數據庫
RS1:PRIMARY> db.auth('root', 'root');
1 返回1 則執行成功
#建立普通用戶(gxpt)
#切換至gxpt數據庫
RS1:PRIMARY>use gxpt
RS1:PRIMARY>db.createUser(
{ user: "gxpt",
pwd: "gxpt",
roles: [ { role: "readWrite", db: "gxpt" } ]
}
);
gxpt用戶所屬gxpt數據庫
認證用戶(gxpt)
RS1:PRIMARY> db.auth("gxpt","gxpt");
1
1返回1 則執行成功
|
RS1:PRIMARY> use admin;
switched to db admin
RS1:PRIMARY> show users;
{
"_id" : "admin.root",
"user" : "root",
"db" : "admin",
"roles" : [
{
"role" : "root",
"db" : "admin"
}
],
"mechanisms" : [
"SCRAM-SHA-1",
"SCRAM-SHA-256"
]
}
RS1:PRIMARY> use gxpt;
switched to db gxpt
RS1:PRIMARY> show users;
{
"_id" : "gxpt.gxpt",
"user" : "gxpt",
"db" : "gxpt",
"roles" : [
{
"role" : "readWrite",
"db" : "gxpt"
}
],
"mechanisms" : [
"SCRAM-SHA-1",
"SCRAM-SHA-256"
]
}
}用戶權限以下
|
![]() ![]()
可見:角色<root>是涵蓋 readWriteAnyDatabase, dbAdminAnyDatabase, userAdminAnyDatabase, clusterAdmin, restore, and backup等角色的超級角色
|
[root@MongoDB236 ~]# openssl rand -base64 100 > /opt/var/data/mongodb/mongodb.key
[root@MongoDB236 ~]# chmod 600 /opt/var/data/mongodb/mongodb.key
請根據初始化參數文件指定該文件名稱及目錄
遠程拷貝至其餘節點
[root@MongoDB236 ~]# scp /opt/var/data/mongodb/mongodb.key 192.168.8.237:/opt/var/data/
[root@MongoDB236 ~]# scp /opt/var/data/mongodb/mongodb.key 192.168.8.238:/opt/var/data/
|
。。。
keyFile=/opt/var/data/mongodb/mongodb.key
auth=true
。。。
請放開以上參數
|
[root@MongoDB236 ~]# service mongodb stop
[root@MongoDB236 ~]# service mongodb start
|
[root@Mongodb237 mongodb]# mongo -usuper -psuper 127.0.0.1/admin
MongoDB shell version v4.0.0
connecting to: mongodb://127.0.0.1:27017/admin
MongoDB server version: 4.0.0
> db;db;
admin
> show dbs;show dbs;
admin 0.000GB
gxpt 0.000GB
local 0.000GB
ok
|