通過密鑰文件進行身份驗證的mongodb分片副本集
[英]mongodb sharding replica sets with authentication via keyfile
問題描述
我們有兩個副本集和一個artiber節點。 在副本集中,一個被指定為主副本,另一個被指定為次副本。 當其中一個關閉時,另一個自動取代另一個。 但是在無法預料的情況下,當主服務器和輔助服務器都關閉時(也就是仲裁器),當我們重新啟動它們時,rs.status都顯示為SECONDARY。 他們都沒有被選為主要。 rs.status顯示如下錯誤(注意:我們嘗試手動更改pri / secondary節點的優先級。我們使用帶有--keyfile的mongodb 2.0版進行身份驗證。所有基本檢查均已完成初步調試,但到目前為止沒有任何線索)。 請建議。
SECONDARY> rs.status();
{
"set" : "testdata1",
"date" : ISODate("2011-11-08T15:30:14Z"),
"myState" : 2,
"members" : [
{
"_id" : 0,
"name" : "192.162.1.19:10001",
"health" : 1,
"state" : 2,
"stateStr" : "SECONDARY",
"optime" : {
"t" : 1320763306000,
"i" : 1
},
"optimeDate" : ISODate("2011-11-08T14:41:46Z"),
"self" : true
},
{
"_id" : 1,
"name" : "192.162.1.29:10002",
"health" : 0,
"state" : 8,
"stateStr" : "(not reachable/healthy)",
"uptime" : 0,
"optime" : {
"t" : 0,
"i" : 0
},
"optimeDate" : ISODate("1970-01-01T00:00:00Z"),
"lastHeartbeat" : ISODate("2011-11-08T15:30:13Z"),
"pingMs" : 0,
"errmsg" : "need to login"
},
{
"_id" : 2,
"name" : "192.162.1.29:10003",
"health" : 0,
"state" : 8,
"stateStr" : "(not reachable/healthy)",
"uptime" : 0,
"optime" : {
"t" : 0,
"i" : 0
},
"optimeDate" : ISODate("1970-01-01T00:00:00Z"),
"lastHeartbeat" : ISODate("2011-11-08T15:30:13Z"),
"pingMs" : 0,
"errmsg" : "need to login"
}
],
"ok" : 1
}
Below of the log details which we have configured and getting the log details.
===============================================================================
[192.162.1.19]
nohup mongod --rest --shardsvr --replSet testdata1 --port 10001 --oplogSize 50 --nojournal --keyFile /data/mongopwdkey/shardkey --dbpath /data/db/shardrepl_pri_1 > /tmp/shardrepl_pri_1.txt &
[192.162.1.29]
nohup mongod --rest --shardsvr --replSet testdata1 --port 10002 --oplogSize 50 --nojournal --keyFile /data/mongopwdkey/shardkey --dbpath /data/db/shardrepl_sec_1 > /tmp/shardrepl_sec_1.txt &
nohup mongod --rest --shardsvr --replSet testdata1 --port 10003 --oplogSize 10 --nojournal --keyFile /data/mongopwdkey/shardkey --dbpath /data/db/shardrepl_arb_1 > /tmp/shardrepl_arb_1.txt &
[192.162.1.19]
mongo --port 10001
conf = {_id : "testdata1",members : [{_id : 0, host : "192.162.1.19:10001", votes : 2},{_id : 1, host : "192.162.1.29:10002", votes : 1},{_id:2, host: "192.162.1.29:10003", votes : 3, arbiterOnly: true}]}
rs.initiate(conf)
rs.status()
use admin;
db.addUser("admin","admin");
exit;
# mongo -port 10001 admin -u admin -p
MongoDB shell version: 2.0.1
Enter password:
connecting to: 127.0.0.1:10001/admin
SECONDARY> rs.status();
{
"set" : "testdata1",
"date" : ISODate("2011-11-09T10:11:46Z"),
"myState" : 2,
"members" : [
{
"_id" : 0,
"name" : "192.162.1.19:10001",
"health" : 1,
"state" : 2,
"stateStr" : "SECONDARY",
"optime" : {
"t" : 1320763306000,
"i" : 1
},
"optimeDate" : ISODate("2011-11-08T14:41:46Z"),
"self" : true
},
{
"_id" : 1,
"name" : "192.162.1.29:10002",
"health" : 0,
"state" : 8,
"stateStr" : "(not reachable/healthy)",
"uptime" : 0,
"optime" : {
"t" : 0,
"i" : 0
},
"optimeDate" : ISODate("1970-01-01T00:00:00Z"),
"lastHeartbeat" : ISODate("2011-11-09T10:11:45Z"),
"pingMs" : 0,
"errmsg" : "need to login"
},
{
"_id" : 2,
"name" : "192.162.1.29:10003",
"health" : 0,
"state" : 8,
"stateStr" : "(not reachable/healthy)",
"uptime" : 0,
"optime" : {
"t" : 0,
"i" : 0
},
"optimeDate" : ISODate("1970-01-01T00:00:00Z"),
"lastHeartbeat" : ISODate("2011-11-09T10:11:45Z"),
"pingMs" : 0,
"errmsg" : "need to login"
}
],
"ok" : 1
}
[192.162.1.29]
[root@dev_bmapp ~]# mongo -port 10002 admin -u admin -p
MongoDB shell version: 2.0.1
Enter password:
connecting to: 127.0.0.1:10002/admin
SECONDARY> rs.status();
{
"set" : "testdata1",
"date" : ISODate("2011-11-09T10:13:41Z"),
"myState" : 2,
"members" : [
{
"_id" : 0,
"name" : "192.162.1.19:10001",
"health" : 1,
"state" : 2,
"stateStr" : "SECONDARY",
"uptime" : 67411,
"optime" : {
"t" : 1320763306000,
"i" : 1
},
"optimeDate" : ISODate("2011-11-08T14:41:46Z"),
"lastHeartbeat" : ISODate("2011-11-09T10:13:40Z"),
"pingMs" : 0
},
{
"_id" : 1,
"name" : "192.162.1.29:10002",
"health" : 1,
"state" : 2,
"stateStr" : "SECONDARY",
"optime" : {
"t" : 1320763306000,
"i" : 1
},
"optimeDate" : ISODate("2011-11-08T14:41:46Z"),
"self" : true
},
{
"_id" : 2,
"name" : "192.162.1.29:10003",
"health" : 1,
"state" : 5,
"stateStr" : "STARTUP2",
"uptime" : 67411,
"optime" : {
"t" : 0,
"i" : 0
},
"optimeDate" : ISODate("1970-01-01T00:00:00Z"),
"lastHeartbeat" : ISODate("2011-11-09T10:13:41Z"),
"pingMs" : 0
}
],
"ok" : 1
}
Primary Node Log [192.162.1.19]
==============================
Tue Nov 8 20:45:19 [initandlisten] MongoDB starting : pid=31771 port=10001 dbpath=/usr/db/shardrepl_pri_1 64-bit host=tedst.com
Tue Nov 8 20:45:19 [initandlisten] db version v2.0.1, pdfile version 4.5
Tue Nov 8 20:45:19 [initandlisten] git version: 3a5cf0e2134a830d38d2d1aae7e88cac31bdd684
Tue Nov 8 20:45:19 [initandlisten] build info: Linux bs-linux64.10gen.cc 2.6.21.7-2.ec2.v1.2.fc8xen #1 SMP Fri Nov 20 17:48:28 EST 2009 x86_64 BOOST_LIB_VERSION=1_41
Tue Nov 8 20:45:19 [initandlisten] options: { dbpath: "/usr/db/shardrepl_pri_1", keyFile: "/data/mongopwdkey/shardkey", nojournal: true, oplogSize: 50, port: 10001, replSet: "testdata1", rest: true, shardsvr:
true }
Tue Nov 8 20:45:19 [initandlisten] waiting for connections on port 10001
Tue Nov 8 20:45:19 [websvr] admin web console waiting for connections on port 11001
Tue Nov 8 20:45:19 [rsStart] warning: getaddrinfo("localhost") failed: Name or service not known
Tue Nov 8 20:45:19 [initandlisten] connection accepted from 127.0.0.1:44334 #1
Tue Nov 8 20:45:19 [conn1] authenticate: { authenticate: 1, nonce: "ef53058aadd66cdb", user: "__system", key: "cbb8f221a881a90f8335edfb872a2300" }
Tue Nov 8 20:45:19 [conn1] end connection 127.0.0.1:44334
Tue Nov 8 20:45:19 [initandlisten] connection accepted from 127.0.0.1:44335 #2
Tue Nov 8 20:45:19 [conn2] authenticate: { authenticate: 1, nonce: "86291a3e4c0c34e7", user: "__system", key: "2767d3377e700e50ab5a981a1c912516" }
Tue Nov 8 20:45:19 [rsStart] replSet STARTUP2
Tue Nov 8 20:45:19 [rsMgr] replSet total number of votes is even - add arbiter or give one member an extra vote
Tue Nov 8 20:45:19 [rsSync] replSet SECONDARY
Tue Nov 8 20:45:19 [rsHealthPoll] couldn't connect to 192.162.1.29:10002: couldn't connect to server 192.162.1.29:10002
Tue Nov 8 20:45:19 [rsHealthPoll] couldn't connect to 192.162.1.29:10003: couldn't connect to server 192.162.1.29:10003
Tue Nov 8 20:45:19 [rsHealthPoll] replSet info 192.162.1.29:10002 is down (or slow to respond): socket exception
Tue Nov 8 20:45:19 [rsHealthPoll] replSet member 192.162.1.29:10002 is now in state DOWN
Tue Nov 8 20:45:19 [rsMgr] replSet can't see a majority, will not try to elect self
Tue Nov 8 20:45:19 [rsHealthPoll] replSet info 192.162.1.29:10003 is down (or slow to respond): socket exception
Tue Nov 8 20:45:19 [rsHealthPoll] replSet member 192.162.1.29:10003 is now in state DOWN
Tue Nov 8 20:45:34 [rsSync] waiting for 6 pings from other members before syncing
Tue Nov 8 20:45:45 [initandlisten] connection accepted from 192.162.1.29:39967 #3
Tue Nov 8 20:45:45 [conn3] authenticate: { authenticate: 1, nonce: "fedd49f05b5d622a", user: "__system", key: "e935b883e38f43df80ec4d2f0dc44203" }
Tue Nov 8 20:45:49 [rsSync] waiting for 6 pings from other members before syncing
Tue Nov 8 20:46:04 [rsSync] waiting for 6 pings from other members before syncing
Tue Nov 8 20:46:19 [clientcursormon] mem (MB) res:32 virt:338 mapped:80
Tue Nov 8 20:46:19 [rsSync] waiting for 6 pings from other members before syncing
Tue Nov 8 20:46:32 [initandlisten] connection accepted from 127.0.0.1:59064 #4
Tue Nov 8 20:46:32 [conn4] authenticate: { authenticate: 1.0, user: "admin", nonce: "5a933fe3ff7d0f19", key: "f5a9f4d430188708bc1bfc599ce0cfd8" }
Tue Nov 8 20:46:34 [rsSync] waiting for 6 pings from other members before syncing
Tue Nov 8 20:46:49 [rsSync] waiting for 6 pings from other members before syncing
Tue Nov 8 20:47:04 [rsSync] waiting for 6 pings from other members before syncing
Tue Nov 8 20:47:19 [clientcursormon] mem (MB) res:48 virt:419 mapped:160
Tue Nov 8 20:47:19 [rsSync] waiting for 6 pings from other members before syncing
Tue Nov 8 20:47:34 [rsSync] waiting for 6 pings from other members before syncing
Second Node Log [192.162.1.29]
==============================
Tue Nov 8 21:00:10 [initandlisten] MongoDB starting : pid=26348 port=10002 dbpath=/usr/db/shardrepl_sec_1 64-bit host=dev_bmapp
Tue Nov 8 21:00:10 [initandlisten] db version v2.0.1, pdfile version 4.5
Tue Nov 8 21:00:10 [initandlisten] git version: 3a5cf0e2134a830d38d2d1aae7e88cac31bdd684
Tue Nov 8 21:00:10 [initandlisten] build info: Linux bs-linux64.10gen.cc 2.6.21.7-2.ec2.v1.2.fc8xen #1 SMP Fri Nov 20 17:48:28 EST 2009 x86_64 BOOST_LIB_VERSION=1_41
Tue Nov 8 21:00:10 [initandlisten] options: { dbpath: "/usr/db/shardrepl_sec_1", keyFile: "/data/mongopwdkey/shardkey", nojournal: true, oplogSize: 50, port: 10002, replSet: "testdata1", rest: true, shardsvr:
true }
Tue Nov 8 21:00:10 [initandlisten] waiting for connections on port 10002
Tue Nov 8 21:00:10 [websvr] admin web console waiting for connections on port 11002
Tue Nov 8 21:00:10 [rsStart] warning: getaddrinfo("localhost") failed: Name or service not known
Tue Nov 8 21:00:10 [initandlisten] connection accepted from 127.0.0.1:49277 #1
Tue Nov 8 21:00:10 [conn1] authenticate: { authenticate: 1, nonce: "d70feca6820c2618", user: "__system", key: "5a722a819e43d1d7d71732206c39bac8" }
Tue Nov 8 21:00:10 [conn1] end connection 127.0.0.1:49277
Tue Nov 8 21:00:10 [initandlisten] connection accepted from 127.0.0.1:49278 #2
Tue Nov 8 21:00:10 [conn2] authenticate: { authenticate: 1, nonce: "ec42a3430be2cea3", user: "__system", key: "b2d06709594afb1a747784a2a98aee68" }
Tue Nov 8 21:00:10 [rsStart] replSet STARTUP2
Tue Nov 8 21:00:10 [rsMgr] replSet total number of votes is even - add arbiter or give one member an extra vote
Tue Nov 8 21:00:10 [rsSync] replSet SECONDARY
Tue Nov 8 21:00:10 [rsHealthPoll] replSet info member 192.162.1.29:10003 is up
Tue Nov 8 21:00:10 [rsHealthPoll] replSet member 192.162.1.29:10003 is now in state STARTUP2
Tue Nov 8 21:00:10 [rsHealthPoll] replSet info member 192.162.1.19:10001 is up
Tue Nov 8 21:00:10 [rsHealthPoll] replSet member 192.162.1.19:10001 is now in state SECONDARY
Tue Nov 8 21:00:10 [rsMgr] not electing self, 192.162.1.29:10003 would veto
Tue Nov 8 21:00:10 [rsMgr] not electing self, 192.162.1.29:10003 would veto
Tue Nov 8 21:00:11 [initandlisten] connection accepted from 192.162.1.29:45450 #3
Tue Nov 8 21:00:11 [initandlisten] connection accepted from 192.168.1.19:56403 #4
Tue Nov 8 21:00:16 [rsMgr] not electing self, 192.162.1.29:10003 would veto
Tue Nov 8 21:00:22 [rsMgr] not electing self, 192.162.1.29:10003 would veto
Tue Nov 8 21:00:26 [rsMgr] not electing self, 192.162.1.29:10003 would veto
Tue Nov 8 21:00:28 [rsMgr] not electing self, 192.162.1.29:10003 would veto
Tue Nov 8 21:00:34 [rsMgr] not electing self, 192.162.1.29:10003 would veto
Tue Nov 8 21:00:40 [rsMgr] not electing self, 192.162.1.29:10003 would veto
Tue Nov 8 21:00:41 [rsMgr] not electing self, 192.162.1.29:10003 would veto
Tue Nov 8 21:00:46 [rsMgr] not electing self, 192.162.1.29:10003 would veto
Tue Nov 8 21:00:52 [rsMgr] not electing self, 192.162.1.29:10003 would veto
Tue Nov 8 21:00:56 [rsMgr] not electing self, 192.162.1.29:10003 would veto
Tue Nov 8 21:00:58 [rsMgr] not electing self, 192.162.1.29:10003 would veto
Tue Nov 8 21:01:04 [rsMgr] not electing self, 192.162.1.29:10003 would veto
Tue Nov 8 21:01:10 [clientcursormon] mem (MB) res:32 virt:329 mapped:80
Tue Nov 8 21:01:10 [rsMgr] not electing self, 192.162.1.29:10003 would veto
Arbitor Log [192.162.1.29]
========================
Tue Nov 8 20:45:43 [initandlisten] MongoDB starting : pid=25602 port=10003 dbpath=/usr/db/shardrepl_arb_1 64-bit host=dev_bmapp
Tue Nov 8 20:45:43 [initandlisten] db version v2.0.1, pdfile version 4.5
Tue Nov 8 20:45:43 [initandlisten] git version: 3a5cf0e2134a830d38d2d1aae7e88cac31bdd684
Tue Nov 8 20:45:43 [initandlisten] build info: Linux bs-linux64.10gen.cc 2.6.21.7-2.ec2.v1.2.fc8xen #1 SMP Fri Nov 20 17:48:28 EST 2009 x86_64 BOOST_LIB_VERSION=1_41
Tue Nov 8 20:45:43 [initandlisten] options: { dbpath: "/usr/db/shardrepl_arb_1", keyFile: "/data/mongopwdkey/shardkey", nojournal: true, oplogSize: 10, port: 10003, replSet: "testdata1", rest: true, shardsvr:
true }
Tue Nov 8 20:45:43 [initandlisten] waiting for connections on port 10003
Tue Nov 8 20:45:43 [websvr] admin web console waiting for connections on port 11003
Tue Nov 8 20:45:43 [rsStart] warning: getaddrinfo("localhost") failed: Name or service not known
Tue Nov 8 20:45:43 [initandlisten] connection accepted from 127.0.0.1:35243 #1
Tue Nov 8 20:45:43 [conn1] authenticate: { authenticate: 1, nonce: "58de2a6831f1e8d9", user: "__system", key: "6a91a713f03914981bf02291ed2be857" }
Tue Nov 8 20:45:43 [conn1] end connection 127.0.0.1:35243
Tue Nov 8 20:45:43 [initandlisten] connection accepted from 127.0.0.1:35244 #2
Tue Nov 8 20:45:43 [conn2] authenticate: { authenticate: 1, nonce: "5b004a2a3b5dc6aa", user: "__system", key: "6b558e1b9f108f1b0ddfa2186d037fd7" }
Tue Nov 8 20:45:43 [rsStart] replSet STARTUP2
Tue Nov 8 20:45:43 [rsMgr] replSet total number of votes is even - add arbiter or give one member an extra vote
Tue Nov 8 20:45:43 [rsHealthPoll] couldn't connect to 192.162.1.29:10002: couldn't connect to server 192.162.1.29:10002
Tue Nov 8 20:45:43 [rsHealthPoll] replSet info 192.162.1.29:10002 is down (or slow to respond): socket exception
Tue Nov 8 20:45:43 [rsHealthPoll] replSet member 192.162.1.29:10002 is now in state DOWN
Tue Nov 8 20:45:43 [initandlisten] connection accepted from 192.168.1.19:58278 #3
Tue Nov 8 20:45:45 [rsHealthPoll] replSet info member 192.162.1.19:10001 is up
Tue Nov 8 20:45:45 [rsHealthPoll] replSet member 192.162.1.19:10001 is now in state SECONDARY
Tue Nov 8 20:46:43 [clientcursormon] mem (MB) res:32 virt:254 mapped:80
Tue Nov 8 20:51:43 [clientcursormon] mem (MB) res:32 virt:254 mapped:80
Tue Nov 8 20:56:43 [clientcursormon] mem (MB) res:32 virt:254 mapped:80
Tue Nov 8 21:00:10 [initandlisten] connection accepted from 192.162.1.29:51209 #4
Tue Nov 8 21:00:10 [conn4] authenticate: { authenticate: 1, nonce: "645eb986e2df4ea6", user: "__system", key: "11937268ef824799913b556c48cbd146" }
Tue Nov 8 21:01:43 [clientcursormon] mem (MB) res:32 virt:255 mapped:80
Tue Nov 8 21:02:43 [clientcursormon] mem (MB) res:32 virt:319 mapped:80
Tue Nov 8 21:07:43 [clientcursormon] mem (MB) res:32 virt:319 mapped:80
Tue Nov 8 21:12:43 [clientcursormon] mem (MB) res:32 virt:319 mapped:80
Tue Nov 8 21:17:43 [clientcursormon] mem (MB) res:32 virt:319 mapped:80
Tue Nov 8 21:22:43 [clientcursormon] mem (MB) res:32 virt:319 mapped:80
Tue Nov 8 21:27:43 [clientcursormon] mem (MB) res:32 virt:319 mapped:80
Tue Nov 8 21:32:43 [clientcursormon] mem (MB) res:32 virt:319 mapped:80
Tue Nov 8 21:37:43 [clientcursormon] mem (MB) res:32 virt:319 mapped:80
Tue Nov 8 21:42:43 [clientcursormon] mem (MB) res:32 virt:319 mapped:80
Tue Nov 8 21:47:44 [clientcursormon] mem (MB) res:32 virt:319 mapped:80
Tue Nov 8 21:52:44 [clientcursormon] mem (MB) res:32 virt:319 mapped:80
"/tmp/shardrepl_arb_1.txt" 249L, 18928C
2 個解決方案
解決方案1
0 已采納 2011-11-08 18:56:28
- 檢查密鑰文件的權限,以確保可以讀取它。
- 檢查mongod日志以查看是否報告了您可以修復的任何錯誤
否則,這可能是https://jira.mongodb.org/browse/SERVER-3929的錯誤,由2.0.2中的https://jira.mongodb.org/browse/SERVER-3715修復(尚未在撰寫本文時發布)。
SERVER-3929案例中的一些用戶報告說,重新啟動節點很有幫助。
解決方案2
0 2011-11-10 17:23:51
我發現解決此問題的一種方法是在激活身份驗證之前創建管理員用戶(連接到admin數據庫時在外殼中使用db.addUser)。
這是前一陣子; 我不記得我的確切步驟,但是我相信我在每個副本和仲裁器(然后在每個分片上)上創建了該用戶,這就是為什么我的記憶模糊的原因。
MongoDB。 BadValue:使用副本集啟用授權時需要 security.keyFile
[英]MongoDB. BadValue: security.keyFile is required when authorization is enabled with replica sets
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.