MongoDB repl set permission authentication configuration steps 04/13 Update SLTechnology News&Howtos

MongoDB repl set permission authentication configuration steps

2025-04-13 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Database >

Shulou(Shulou.com)06/01 Report--

Replica set authority authentication

To generate a keyfile file for permission authentication between nodes

Mkdir-p / mnt/mongodb/rs/config

Cd / mnt/mongodb/rs/config

Openssl rand-base64 741 > mongodb-keyfile

Chmod 300 mongodb-keyfile

The number on the official website is 600. it must be changed to 300. if not, it will fail to start mongodb because the write permission in mongodb.log is too open at startup. (make sure you have installed openssl here, and if not, yum install openssl)

Copy the mongodb-keyfile to the corresponding directory of each node. If the mongodb has been started before, after entering the terminal with mongo, check which node is the master node, rs.status (), and execute it under the master node:

Use admin # Select the data to be authenticated

Db.addUser ('name','password')

Of course, permission authentication can also be carried out by a self-built library.

Use test1

Db.addUser ('test','123456')

When prompted to add successfully, stop all and execute db.shutdownServer () on each node; then add the following two lines to the mongod.conf file:

Auth=true

KeyFile=/mnt/mongodb/rs/confile/mongodb-keyfile

Finally, all can be restarted!

Enter the terminal of the primary node and enter

Db.runCommand ({getLastError:1, w: n})

If there is no N, or less than 2, the command will return immediately. If N is equal to 2, the master node will respond to the command until at least one slave node replicates the last operation (the master node itself is included in N). The master node uses the "syncedTo" information stored in local.slaves to track the updates of the slave node.

When the "w" option is specified, you can also use the "wtimeout" option to indicate a timeout in milliseconds. GetLastError will be able to return an error when the previous operation is copied to N nodes timeout (the command does not time out by default).

Blocking replication can cause writes to be significantly slower, especially if the value of "w" is large. In fact, setting the value to 2 or 3 for important operations can be both efficient and safe.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.