mongodb副本设置:未经本地授权执行命令
[英]mongodb replica setup: not authorized on local to execute command
问题描述
I've been following this guide: https://gist.github.com/calvinh8/c99e198ce5df3d8b1f1e42c1b984d7a4 
我一直在遵循本指南: https : //gist.github.com/calvinh8/c99e198ce5df3d8b1f1e42c1b984d7a4
I just finished setting up all my servers and created the user in the admin database giving this return: 我刚刚完成所有服务器的设置,并在admin数据库中创建了该用户,并获得了以下回报:
Successfully added user: {
"user" : "user",
"roles" : [
{
"role" : "root",
"db" : "admin"
}
]
}
Now I am trying to link up the databases with the command: 现在,我尝试使用以下命令链接数据库:
rs.add("ec2-XX-XXX-XX-XXX.compute-1.amazonaws.com")
But it gives me back the error: 但这给了我错误:
2018-04-11T00:20:56.389+0000 E QUERY [thread1] Error: count failed: {
"ok" : 0,
"errmsg" : "not authorized on local to execute command { count: \"system.replset\", query: {}, fields: {} }",
"code" : 13,
"codeName" : "Unauthorized"
} :
_getErrorWithCode@src/mongo/shell/utils.js:25:13
DBQuery.prototype.count@src/mongo/shell/query.js:383:11
DBCollection.prototype.count@src/mongo/shell/collection.js:1700:12
rs.add@src/mongo/shell/utils.js:1240:1
@(shell):1:1
Is there some login I need to do for authentication when pointing to the replica? 指向副本时是否需要登录以进行身份验证? Do I have the keyFile wrong between machines? 机器之间是否存在keyFile错误? Can anyone shed some light? 谁能阐明一些想法?
2 个解决方案
解决方案1
1 已采纳 2018-04-12 09:14:53
The guide you're following is not very helpful; 您遵循的指南不是很有帮助; it misses out the crucial step that you need to authenticate your connection , once you've created that first admin user. 一旦创建了第一个管理员用户,它就错过了验证连接所需的关键步骤。
I suggest that you read the official MongoDB docs about authentication and replication (both are comprehensive and well-written); 我建议您阅读有关身份验证和复制的 MongoDB官方文档(两者都很全面且写得很好)。 in particular, the guide to enabling authentication covers precisely the situation you found yourself in. 特别是, 启用身份验证指南准确地涵盖了您所处的情况。
解决方案2
0 2018-05-08 02:25:25
I find the "comprehensive and well-written" documentation referred in another answer here quite confusing and misleading when one just needs to set up a database. 我发现这里的另一个答案中提到的“综合且编写良好”的文档在只需要建立数据库时就非常令人困惑和误导。 However, this official tutorial is almost on the target: https://docs.mongodb.com/manual/tutorial/deploy-replica-set-with-keyfile-access-control/#deploy-repl-set-with-auth 但是,此官方教程几乎是针对性的: https : //docs.mongodb.com/manual/tutorial/deploy-replica-set-with-keyfile-access-control/#deploy-repl-set-with-auth
This got to be simple, and it is: install bare dbs, create the key and place it on each box, update the configs, start each db, get on the one designated as primary locally, start the replicaset from the mongoshell. 这很简单,它是:安装裸db,创建密钥并将其放在每个框上,更新配置,启动每个db,在本地指定一个作为主要数据库,从mongoshell启动副本集。 One issue I had is that all replicaset members have to be added in one shot (as suggested in the tutorial). 我遇到的一个问题是所有副本集成员必须一次性添加(如本教程中所建议)。 Otherwise, after adding the 1st member, the authentication requirement kicks in and prevents from adding more members till a cluster admin user is created. 否则,添加第一个成员后,身份验证要求会生效,并阻止添加更多成员,直到创建集群管理员用户为止。 So, after starting the replicaset and before leaving the shell, make sure to create 3 users: admin, cluster admin and backup admin, check the ability to login from another shell, and then continue working under the proper user 因此,在启动副本集之后并离开外壳之前,请确保创建3个用户:admin,集群admin和备份admin,检查是否可以从另一个外壳登录,然后以适当的用户身份继续工作
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.