如何通过身份验证在新贵服务中设置mongodb
how to set mogodb in upstart service with authentication
我在 mongodb v2.6.11 中创建了一个超级用户 tom,使用 username & password 现在我想在 ubuntu 启动服务
添加这个
搜索得知我必须编辑下面的文件
this is how my /etc/init/mongod.conf looks
pre-start script
mkdir -p /var/lib/mongodb/
mkdir -p /var/log/mongodb/
end script
start on runlevel [2345]
stop on runlevel [06]
script
ENABLE_MONGOD="yes"
CONF=/etc/mongod.conf
DAEMON=/usr/bin/mongod
DAEMONUSER=${DAEMONUSER:-mongodb}
if [ -f /etc/default/mongod ]; then . /etc/default/mongod; fi
# Handle NUMA access to CPUs (SERVER-3574)
# This verifies the existence of numactl as well as testing that the command works
NUMACTL_ARGS="--interleave=all"
if which numactl >/dev/null 2>/dev/null && numactl $NUMACTL_ARGS ls / >/dev/null 2>/dev/null
then/etc/init/mongod.conf
NUMACTL="$(which numactl) -- $NUMACTL_ARGS"
DAEMON_OPTS=${DAEMON_OPTS:-"--config $CONF"}
else
NUMACTL=""
DAEMON_OPTS="-- "${DAEMON_OPTS:-"--config $CONF"}
fi
if [ "x$ENABLE_MONGOD" = "xyes" ]
then
exec start-stop-daemon --start --chuid $DAEMONUSER --exec $NUMACTL $DAEMON $DAEMON_OPTS
fi
end script
ATTEMPT 1 :by using mongo command line
sudo mongod --auth --port 27017 --dbpath /var/lib/mongodb
但不知道要在 /etc/init/mongod.conf 中更改什么?
ATTEMPT 2 :by using /etc/mongod.conf
- 在
/etc/mongod.conf 中做了更改
auth = true
port = 27017
$sudo mongod --config /etc/mongod.conf
/var/log/mongodb/mongod.log 触发命令后
2016-01-20T23:58:41.675+0530 ***** SERVER RESTARTED *****
2016-01-20T23:58:41.677+0530 [initandlisten] MongoDB starting : pid=3168 port=27017 dbpath=/var/lib/mongodb 64-bit host=vijay
2016-01-20T23:58:41.677+0530 [initandlisten] db version v2.6.11
2016-01-20T23:58:41.677+0530 [initandlisten] git version: d00c1735675c457f75a12d530bee85421f0c5548
2016-01-20T23:58:41.677+0530 [initandlisten] build info: Linux build4.ny.cbi.10gen.cc 2.6.32-431.3.1.el6.x86_64 #1 SMP Fri Jan 3 21:39:27 UTC 2014 x86_64 BOOST_LIB_VERSION=1_49
2016-01-20T23:58:41.677+0530 [initandlisten] allocator: tcmalloc
2016-01-20T23:58:41.677+0530 [initandlisten] options: { config: "/etc/mongod.conf", net: { bindIp: "127.0.0.1", port: 27017 }, security: { authorization: "enabled" }, storage: { dbPath: "/var/lib/mongodb" }, systemLog: { destination: "file", logAppend: true, path: "/var/log/mongodb/mongod.log" } }
2016-01-20T23:58:41.812+0530 [initandlisten] journal dir=/var/lib/mongodb/journal
2016-01-20T23:58:41.812+0530 [initandlisten] recover : no journal files present, no recovery needed
2016-01-20T23:58:41.934+0530 [initandlisten] waiting for connections on port 27017
2016-01-20T23:58:47.746+0530 [signalProcessingThread] got signal 2 (Interrupt), will terminate after current cmd ends
2016-01-20T23:58:47.746+0530 [signalProcessingThread] now exiting
2016-01-20T23:58:47.746+0530 [signalProcessingThread] dbexit:
2016-01-20T23:58:47.746+0530 [signalProcessingThread] shutdown: going to close listening sockets...
2016-01-20T23:58:47.746+0530 [signalProcessingThread] closing listening socket: 10
2016-01-20T23:58:47.746+0530 [signalProcessingThread] closing listening socket: 13
2016-01-20T23:58:47.746+0530 [signalProcessingThread] removing socket file: /tmp/mongodb-27017.sock
2016-01-20T23:58:47.746+0530 [signalProcessingThread] shutdown: going to flush diaglog...
2016-01-20T23:58:47.746+0530 [signalProcessingThread] shutdown: going to close sockets...
2016-01-20T23:58:47.746+0530 [signalProcessingThread] shutdown: waiting for fs preallocator...
2016-01-20T23:58:47.746+0530 [signalProcessingThread] shutdown: lock for final commit...
2016-01-20T23:58:47.746+0530 [signalProcessingThread] shutdown: final commit...
2016-01-20T23:58:47.838+0530 [signalProcessingThread] shutdown: closing all files...
2016-01-20T23:58:47.843+0530 [signalProcessingThread] closeAllFiles() finished
2016-01-20T23:58:47.843+0530 [signalProcessingThread] journalCleanup...
2016-01-20T23:58:47.843+0530 [signalProcessingThread] removeJournalFiles
2016-01-20T23:58:47.949+0530 [signalProcessingThread] shutdown: removing fs lock...
2016-01-20T23:58:47.949+0530 [signalProcessingThread] dbexit: really exiting now
但是在关闭终端时 mongodb 也会关闭
ATTEMPT 3
- 在
/etc/mongod.conf 中做了更改
auth = true
port = 27017
重启计算机
/var/log/mongodb/mongod.log 正在重新启动计算机
2016-01-21T00:40:13.011+0530 ***** SERVER RESTARTED *****
2016-01-21T00:40:13.014+0530 [initandlisten] MongoDB starting : pid=1012 port=27017 dbpath=/var/lib/mongodb 64-bit host=vijay
2016-01-21T00:40:13.014+0530 [initandlisten] db version v2.6.11
2016-01-21T00:40:13.014+0530 [initandlisten] git version: d00c1735675c457f75a12d530bee85421f0c5548
2016-01-21T00:40:13.014+0530 [initandlisten] build info: Linux build4.ny.cbi.10gen.cc 2.6.32-431.3.1.el6.x86_64 #1 SMP Fri Jan 3 21:39:27 UTC 2014 x86_64 BOOST_LIB_VERSION=1_49
2016-01-21T00:40:13.014+0530 [initandlisten] allocator: tcmalloc
2016-01-21T00:40:13.014+0530 [initandlisten] options: { config: "/etc/mongod.conf", net: { bindIp: "127.0.0.1", port: 27017 }, security: { authorization: "enabled" }, storage: { dbPath: "/var/lib/mongodb" }, systemLog: { destination: "file", logAppend: true, path: "/var/log/mongodb/mongod.log" } }
2016-01-21T00:40:13.439+0530 [initandlisten] exception in initAndListen: 10309 Unable to create/open lock file: /var/lib/mongodb/mongod.lock errno:13 Permission denied Is a mongod instance already running?, terminating
2016-01-21T00:40:13.439+0530 [initandlisten] dbexit:
2016-01-21T00:40:13.439+0530 [initandlisten] shutdown: going to close listening sockets...
2016-01-21T00:40:13.439+0530 [initandlisten] shutdown: going to flush diaglog...
2016-01-21T00:40:13.439+0530 [initandlisten] shutdown: going to close sockets...
2016-01-21T00:40:13.439+0530 [initandlisten] shutdown: waiting for fs preallocator...
2016-01-21T00:40:13.439+0530 [initandlisten] shutdown: lock for final commit...
2016-01-21T00:40:13.439+0530 [initandlisten] shutdown: final commit...
2016-01-21T00:40:13.439+0530 [initandlisten] shutdown: closing all files...
2016-01-21T00:40:13.439+0530 [initandlisten] closeAllFiles() finished
2016-01-21T00:40:13.439+0530 [initandlisten] shutdown: removing fs lock...
2016-01-21T00:40:13.439+0530 [initandlisten] couldn't remove fs lock errno:9 Bad file descriptor
2016-01-21T00:40:13.440+0530 [initandlisten] dbexit: really exiting now
观察:Unable to create/open lock file: /var/lib/mongodb/mongod.lock errno:13 Permission denied Is a mongod instance already running?, terminating
我在日志中发现了这个错误。不知道它是否导致 mongodb 到 terminate.if 它导致 mongo 到 STOP 然后在计算机启动时如何设置权限?
也可以使用 supervisor:
apt install supervisor
进程设置 mongodb:
在位置 /etc/supervisor/conf.d 创建文件 myupstartservice.conf 并在下面放置代码
[program:mongo]
command=/usr/bin/mongod --auth --config /etc/mongod.conf
autostart=true
autorestart=true
user=root
priority=100
然后检查服务
service supervisor restart
1:到达 -> $cd /etc/init/
2 :通过 vi 或 nano 编辑器使用以下代码创建文件 myservice.conf
description "service to start mongodb at startup"
author "plutopunch :)"
start on started mountall
stop on shutdown
respawn
respawn limit 99 5
script
export HOME="/home/admin"
exec sudo mongod --port 27017 --auth --dbpath /var/lib/mongodb
end script
post-start script
end script
3 : 重启电脑
绝对没有必要 fiddle 使用启动文件(你真的不应该这样做,除非你 完全 知道你在做什么)或安装额外的软件用于管理 MongoDB.
我宁愿建议read MongoDB's extensive documentation of the config file options。
您唯一需要做的就是设置
auth=true
旧配置文件或
security:
authorization: enabled
对于 /etc/mongod.conf
中的 YAML 配置文件
感谢@Markus W mahalberg 详细扩展您的答案
Correct Mongodb Way to set mongo in startup with authentication
步骤:
1 : sudo apt-get install mongodb-org - 在新终端
2 : sudo mongod --port 27017 --dbpath /var/lib/mongodb
3 : mongo --port 27017 - 在新终端
4 : use admin
5 : 让我们设置 superuser
db.createUser(
{
user: "tom",
pwd: "jerry",
roles: [
{ role: "userAdminAnyDatabase", db: "admin" },
{ role: "readWriteAnyDatabase", db: "admin" },
{ role: "dbAdminAnyDatabase", db: "admin" },
{ role: "clusterAdmin", db: "admin" }
]
})
6 : 让我们配置 启动服务 在 /etc/mongod.conf 中进行更改并设置
auth = true
port = 27017
7 : sudo /etc/init.d/mongod stop 或 sudo service mongod stop - 在新终端
8 : sudo /etc/init.d/mongod start 或 sudo service mongod start
9 : restart your pc 在重新启动电脑之前请清空此文件 /var/log/mongodb/mongod.log 并保存
Now lets check TWO things Authentication & mongodb running at startup
1 :检查身份验证设置
mongo --port 27017 -u "tom" -p "jerry" --authenticationDatabase "admin" - 在新终端
注意 : 这一步是最重要的一步。
它会在终端上输出类似
MongoDB shell version: 2.6.11
connecting to: 127.0.0.1:27017/test
>
2 :检查启动时 mongodb 是否为 运行
运行 下面的命令没有 运行 mongod 因为 mongod 应该在启动时启动
mongo --port 27017 -u "tom" -p "jerry" --authenticationDatabase "admin" - 在新终端
如果它没有启动然后打开这个文件 '/var/log/mongodb/mongod.log' .
如果它包含错误日志:
Unable to create/open lock file: /var/lib/mongodb/mongod.lock errno:13 Permission denied Is a mongod instance already running?, terminating
然后应用这些权限并重新启动并再次检查
sudo chown -R mongodb:mongodb /var/lib/mongodb/.
sudo chown -R mongodb:mongodb /var/log/mongodb/mongod.log
sudo /etc/init.d/mongod stop` OR `sudo service mongod stop
sudo /etc/init.d/mongod start` OR `sudo service mongod start
如果它不包含上述错误日志那么你应该在启动时成功启动mongodb
我在 mongodb v2.6.11 中创建了一个超级用户 tom,使用 username & password 现在我想在 ubuntu 启动服务
添加这个搜索得知我必须编辑下面的文件
this is how my
/etc/init/mongod.conflooks
pre-start script
mkdir -p /var/lib/mongodb/
mkdir -p /var/log/mongodb/
end script
start on runlevel [2345]
stop on runlevel [06]
script
ENABLE_MONGOD="yes"
CONF=/etc/mongod.conf
DAEMON=/usr/bin/mongod
DAEMONUSER=${DAEMONUSER:-mongodb}
if [ -f /etc/default/mongod ]; then . /etc/default/mongod; fi
# Handle NUMA access to CPUs (SERVER-3574)
# This verifies the existence of numactl as well as testing that the command works
NUMACTL_ARGS="--interleave=all"
if which numactl >/dev/null 2>/dev/null && numactl $NUMACTL_ARGS ls / >/dev/null 2>/dev/null
then/etc/init/mongod.conf
NUMACTL="$(which numactl) -- $NUMACTL_ARGS"
DAEMON_OPTS=${DAEMON_OPTS:-"--config $CONF"}
else
NUMACTL=""
DAEMON_OPTS="-- "${DAEMON_OPTS:-"--config $CONF"}
fi
if [ "x$ENABLE_MONGOD" = "xyes" ]
then
exec start-stop-daemon --start --chuid $DAEMONUSER --exec $NUMACTL $DAEMON $DAEMON_OPTS
fi
end script
ATTEMPT 1 :by using mongo command line
sudo mongod --auth --port 27017 --dbpath /var/lib/mongodb
但不知道要在 /etc/init/mongod.conf 中更改什么?
ATTEMPT 2 :by using /etc/mongod.conf
- 在
/etc/mongod.conf 中做了更改
auth = true
port = 27017
$sudo mongod --config /etc/mongod.conf/var/log/mongodb/mongod.log触发命令后2016-01-20T23:58:41.675+0530 ***** SERVER RESTARTED ***** 2016-01-20T23:58:41.677+0530 [initandlisten] MongoDB starting : pid=3168 port=27017 dbpath=/var/lib/mongodb 64-bit host=vijay 2016-01-20T23:58:41.677+0530 [initandlisten] db version v2.6.11 2016-01-20T23:58:41.677+0530 [initandlisten] git version: d00c1735675c457f75a12d530bee85421f0c5548 2016-01-20T23:58:41.677+0530 [initandlisten] build info: Linux build4.ny.cbi.10gen.cc 2.6.32-431.3.1.el6.x86_64 #1 SMP Fri Jan 3 21:39:27 UTC 2014 x86_64 BOOST_LIB_VERSION=1_49 2016-01-20T23:58:41.677+0530 [initandlisten] allocator: tcmalloc 2016-01-20T23:58:41.677+0530 [initandlisten] options: { config: "/etc/mongod.conf", net: { bindIp: "127.0.0.1", port: 27017 }, security: { authorization: "enabled" }, storage: { dbPath: "/var/lib/mongodb" }, systemLog: { destination: "file", logAppend: true, path: "/var/log/mongodb/mongod.log" } } 2016-01-20T23:58:41.812+0530 [initandlisten] journal dir=/var/lib/mongodb/journal 2016-01-20T23:58:41.812+0530 [initandlisten] recover : no journal files present, no recovery needed 2016-01-20T23:58:41.934+0530 [initandlisten] waiting for connections on port 27017 2016-01-20T23:58:47.746+0530 [signalProcessingThread] got signal 2 (Interrupt), will terminate after current cmd ends 2016-01-20T23:58:47.746+0530 [signalProcessingThread] now exiting 2016-01-20T23:58:47.746+0530 [signalProcessingThread] dbexit: 2016-01-20T23:58:47.746+0530 [signalProcessingThread] shutdown: going to close listening sockets... 2016-01-20T23:58:47.746+0530 [signalProcessingThread] closing listening socket: 10 2016-01-20T23:58:47.746+0530 [signalProcessingThread] closing listening socket: 13 2016-01-20T23:58:47.746+0530 [signalProcessingThread] removing socket file: /tmp/mongodb-27017.sock 2016-01-20T23:58:47.746+0530 [signalProcessingThread] shutdown: going to flush diaglog... 2016-01-20T23:58:47.746+0530 [signalProcessingThread] shutdown: going to close sockets... 2016-01-20T23:58:47.746+0530 [signalProcessingThread] shutdown: waiting for fs preallocator... 2016-01-20T23:58:47.746+0530 [signalProcessingThread] shutdown: lock for final commit... 2016-01-20T23:58:47.746+0530 [signalProcessingThread] shutdown: final commit... 2016-01-20T23:58:47.838+0530 [signalProcessingThread] shutdown: closing all files... 2016-01-20T23:58:47.843+0530 [signalProcessingThread] closeAllFiles() finished 2016-01-20T23:58:47.843+0530 [signalProcessingThread] journalCleanup... 2016-01-20T23:58:47.843+0530 [signalProcessingThread] removeJournalFiles 2016-01-20T23:58:47.949+0530 [signalProcessingThread] shutdown: removing fs lock... 2016-01-20T23:58:47.949+0530 [signalProcessingThread] dbexit: really exiting now但是在关闭终端时 mongodb 也会关闭
ATTEMPT 3
- 在
/etc/mongod.conf 中做了更改
auth = true
port = 27017
重启计算机
/var/log/mongodb/mongod.log正在重新启动计算机2016-01-21T00:40:13.011+0530 ***** SERVER RESTARTED ***** 2016-01-21T00:40:13.014+0530 [initandlisten] MongoDB starting : pid=1012 port=27017 dbpath=/var/lib/mongodb 64-bit host=vijay 2016-01-21T00:40:13.014+0530 [initandlisten] db version v2.6.11 2016-01-21T00:40:13.014+0530 [initandlisten] git version: d00c1735675c457f75a12d530bee85421f0c5548 2016-01-21T00:40:13.014+0530 [initandlisten] build info: Linux build4.ny.cbi.10gen.cc 2.6.32-431.3.1.el6.x86_64 #1 SMP Fri Jan 3 21:39:27 UTC 2014 x86_64 BOOST_LIB_VERSION=1_49 2016-01-21T00:40:13.014+0530 [initandlisten] allocator: tcmalloc 2016-01-21T00:40:13.014+0530 [initandlisten] options: { config: "/etc/mongod.conf", net: { bindIp: "127.0.0.1", port: 27017 }, security: { authorization: "enabled" }, storage: { dbPath: "/var/lib/mongodb" }, systemLog: { destination: "file", logAppend: true, path: "/var/log/mongodb/mongod.log" } } 2016-01-21T00:40:13.439+0530 [initandlisten] exception in initAndListen: 10309 Unable to create/open lock file: /var/lib/mongodb/mongod.lock errno:13 Permission denied Is a mongod instance already running?, terminating 2016-01-21T00:40:13.439+0530 [initandlisten] dbexit: 2016-01-21T00:40:13.439+0530 [initandlisten] shutdown: going to close listening sockets... 2016-01-21T00:40:13.439+0530 [initandlisten] shutdown: going to flush diaglog... 2016-01-21T00:40:13.439+0530 [initandlisten] shutdown: going to close sockets... 2016-01-21T00:40:13.439+0530 [initandlisten] shutdown: waiting for fs preallocator... 2016-01-21T00:40:13.439+0530 [initandlisten] shutdown: lock for final commit... 2016-01-21T00:40:13.439+0530 [initandlisten] shutdown: final commit... 2016-01-21T00:40:13.439+0530 [initandlisten] shutdown: closing all files... 2016-01-21T00:40:13.439+0530 [initandlisten] closeAllFiles() finished 2016-01-21T00:40:13.439+0530 [initandlisten] shutdown: removing fs lock... 2016-01-21T00:40:13.439+0530 [initandlisten] couldn't remove fs lock errno:9 Bad file descriptor 2016-01-21T00:40:13.440+0530 [initandlisten] dbexit: really exiting now观察:
Unable to create/open lock file: /var/lib/mongodb/mongod.lock errno:13 Permission denied Is a mongod instance already running?, terminating我在日志中发现了这个错误。不知道它是否导致 mongodb 到 terminate.if 它导致 mongo 到 STOP 然后在计算机启动时如何设置权限?
也可以使用 supervisor:
apt install supervisor
进程设置 mongodb:
在位置 /etc/supervisor/conf.d 创建文件 myupstartservice.conf 并在下面放置代码
[program:mongo]
command=/usr/bin/mongod --auth --config /etc/mongod.conf
autostart=true
autorestart=true
user=root
priority=100
然后检查服务
service supervisor restart
1:到达 -> $cd /etc/init/
2 :通过 vi 或 nano 编辑器使用以下代码创建文件 myservice.conf
description "service to start mongodb at startup"
author "plutopunch :)"
start on started mountall
stop on shutdown
respawn
respawn limit 99 5
script
export HOME="/home/admin"
exec sudo mongod --port 27017 --auth --dbpath /var/lib/mongodb
end script
post-start script
end script
3 : 重启电脑
绝对没有必要 fiddle 使用启动文件(你真的不应该这样做,除非你 完全 知道你在做什么)或安装额外的软件用于管理 MongoDB.
我宁愿建议read MongoDB's extensive documentation of the config file options。
您唯一需要做的就是设置
auth=true
旧配置文件或
security:
authorization: enabled
对于 /etc/mongod.conf
感谢@Markus W mahalberg 详细扩展您的答案
Correct Mongodb Way to set mongo in startup with authentication
步骤:
1 : sudo apt-get install mongodb-org - 在新终端
2 : sudo mongod --port 27017 --dbpath /var/lib/mongodb
3 : mongo --port 27017 - 在新终端
4 : use admin
5 : 让我们设置 superuser
db.createUser(
{
user: "tom",
pwd: "jerry",
roles: [
{ role: "userAdminAnyDatabase", db: "admin" },
{ role: "readWriteAnyDatabase", db: "admin" },
{ role: "dbAdminAnyDatabase", db: "admin" },
{ role: "clusterAdmin", db: "admin" }
]
})
6 : 让我们配置 启动服务 在 /etc/mongod.conf 中进行更改并设置
auth = true
port = 27017
7 : sudo /etc/init.d/mongod stop 或 sudo service mongod stop - 在新终端
8 : sudo /etc/init.d/mongod start 或 sudo service mongod start
9 : restart your pc 在重新启动电脑之前请清空此文件 /var/log/mongodb/mongod.log 并保存
Now lets check TWO things Authentication & mongodb running at startup
1 :检查身份验证设置
mongo --port 27017 -u "tom" -p "jerry" --authenticationDatabase "admin" - 在新终端
注意 : 这一步是最重要的一步。
它会在终端上输出类似
MongoDB shell version: 2.6.11
connecting to: 127.0.0.1:27017/test
>
2 :检查启动时 mongodb 是否为 运行
运行 下面的命令没有 运行 mongod 因为 mongod 应该在启动时启动
mongo --port 27017 -u "tom" -p "jerry" --authenticationDatabase "admin" - 在新终端
如果它没有启动然后打开这个文件 '/var/log/mongodb/mongod.log' .
如果它包含错误日志:
Unable to create/open lock file: /var/lib/mongodb/mongod.lock errno:13 Permission denied Is a mongod instance already running?, terminating
然后应用这些权限并重新启动并再次检查
sudo chown -R mongodb:mongodb /var/lib/mongodb/.
sudo chown -R mongodb:mongodb /var/log/mongodb/mongod.log
sudo /etc/init.d/mongod stop` OR `sudo service mongod stop
sudo /etc/init.d/mongod start` OR `sudo service mongod start
如果它不包含上述错误日志那么你应该在启动时成功启动mongodb