【问题标题】:how to set mogodb in upstart service with authentication如何通过身份验证在新贵服务中设置mongodb
【发布时间】:2016-04-24 00:08:38
【问题描述】:

我在 mongodb v2.6.11 中使用 usernamepassword 创建了一个超级用户 tom,现在我想将其添加到 ubuntu 启动服务

在搜索时知道我必须编辑以下文件

这就是我的/etc/init/mongod.conf 的样子

pre-start script
    mkdir -p /var/lib/mongodb/
    mkdir -p /var/log/mongodb/
end script

start on runlevel [2345]
stop on runlevel [06]

script
  ENABLE_MONGOD="yes"
  CONF=/etc/mongod.conf
  DAEMON=/usr/bin/mongod
  DAEMONUSER=${DAEMONUSER:-mongodb}

  if [ -f /etc/default/mongod ]; then . /etc/default/mongod; fi

  # Handle NUMA access to CPUs (SERVER-3574)
  # This verifies the existence of numactl as well as testing that the command works
  NUMACTL_ARGS="--interleave=all"
  if which numactl >/dev/null 2>/dev/null && numactl $NUMACTL_ARGS ls / >/dev/null 2>/dev/null
  then/etc/init/mongod.conf
    NUMACTL="$(which numactl) -- $NUMACTL_ARGS"
    DAEMON_OPTS=${DAEMON_OPTS:-"--config $CONF"}
  else
    NUMACTL=""
    DAEMON_OPTS="-- "${DAEMON_OPTS:-"--config $CONF"}
  fi

  if [ "x$ENABLE_MONGOD" = "xyes" ]
  then
    exec start-stop-daemon --start --chuid $DAEMONUSER --exec $NUMACTL $DAEMON $DAEMON_OPTS
  fi
end script

尝试 1 :通过使用 mongo 命令行

sudo mongod --auth --port 27017 --dbpath /var/lib/mongodb

但不知道在/etc/init/mongod.conf 中要更改什么?


尝试 2:通过使用 /etc/mongod.conf

  1. /etc/mongod.conf 发生了变化

auth = true

port = 27017

  1. $sudo mongod --config /etc/mongod.conf

  2. /var/log/mongodb/mongod.log 发射命令后

    2016-01-20T23:58:41.675+0530 ***** SERVER RESTARTED ***** 2016-01-20T23:58:41.677+0530 [initandlisten] MongoDB starting : pid=3168 port=27017 dbpath=/var/lib/mongodb 64-bit host=vijay 2016-01-20T23:58:41.677+0530 [initandlisten] db version v2.6.11 2016-01-20T23:58:41.677+0530 [initandlisten] git version: d00c1735675c457f75a12d530bee85421f0c5548 2016-01-20T23:58:41.677+0530 [initandlisten] build info: Linux build4.ny.cbi.10gen.cc 2.6.32-431.3.1.el6.x86_64 #1 SMP Fri Jan 3 21:39:27 UTC 2014 x86_64 BOOST_LIB_VERSION=1_49 2016-01-20T23:58:41.677+0530 [initandlisten] allocator: tcmalloc 2016-01-20T23:58:41.677+0530 [initandlisten] options: { config: "/etc/mongod.conf", net: { bindIp: "127.0.0.1", port: 27017 }, security: { authorization: "enabled" }, storage: { dbPath: "/var/lib/mongodb" }, systemLog: { destination: "file", logAppend: true, path: "/var/log/mongodb/mongod.log" } } 2016-01-20T23:58:41.812+0530 [initandlisten] journal dir=/var/lib/mongodb/journal 2016-01-20T23:58:41.812+0530 [initandlisten] recover : no journal files present, no recovery needed 2016-01-20T23:58:41.934+0530 [initandlisten] waiting for connections on port 27017 2016-01-20T23:58:47.746+0530 [signalProcessingThread] got signal 2 (Interrupt), will terminate after current cmd ends 2016-01-20T23:58:47.746+0530 [signalProcessingThread] now exiting 2016-01-20T23:58:47.746+0530 [signalProcessingThread] dbexit: 2016-01-20T23:58:47.746+0530 [signalProcessingThread] shutdown: going to close listening sockets... 2016-01-20T23:58:47.746+0530 [signalProcessingThread] closing listening socket: 10 2016-01-20T23:58:47.746+0530 [signalProcessingThread] closing listening socket: 13 2016-01-20T23:58:47.746+0530 [signalProcessingThread] removing socket file: /tmp/mongodb-27017.sock 2016-01-20T23:58:47.746+0530 [signalProcessingThread] shutdown: going to flush diaglog... 2016-01-20T23:58:47.746+0530 [signalProcessingThread] shutdown: going to close sockets... 2016-01-20T23:58:47.746+0530 [signalProcessingThread] shutdown: waiting for fs preallocator... 2016-01-20T23:58:47.746+0530 [signalProcessingThread] shutdown: lock for final commit... 2016-01-20T23:58:47.746+0530 [signalProcessingThread] shutdown: final commit... 2016-01-20T23:58:47.838+0530 [signalProcessingThread] shutdown: closing all files... 2016-01-20T23:58:47.843+0530 [signalProcessingThread] closeAllFiles() finished 2016-01-20T23:58:47.843+0530 [signalProcessingThread] journalCleanup... 2016-01-20T23:58:47.843+0530 [signalProcessingThread] removeJournalFiles 2016-01-20T23:58:47.949+0530 [signalProcessingThread] shutdown: removing fs lock... 2016-01-20T23:58:47.949+0530 [signalProcessingThread] dbexit: really exiting now

  3. 但在关闭终端时 mongodb 也会关闭

尝试 3

  1. /etc/mongod.conf 发生了变化

auth = true

port = 27017

  1. 重启电脑

  2. /var/log/mongodb/mongod.log重新启动计算机

    之后

    2016-01-21T00:40:13.011+0530 ***** SERVER RESTARTED ***** 2016-01-21T00:40:13.014+0530 [initandlisten] MongoDB starting : pid=1012 port=27017 dbpath=/var/lib/mongodb 64-bit host=vijay 2016-01-21T00:40:13.014+0530 [initandlisten] db version v2.6.11 2016-01-21T00:40:13.014+0530 [initandlisten] git version: d00c1735675c457f75a12d530bee85421f0c5548 2016-01-21T00:40:13.014+0530 [initandlisten] build info: Linux build4.ny.cbi.10gen.cc 2.6.32-431.3.1.el6.x86_64 #1 SMP Fri Jan 3 21:39:27 UTC 2014 x86_64 BOOST_LIB_VERSION=1_49 2016-01-21T00:40:13.014+0530 [initandlisten] allocator: tcmalloc 2016-01-21T00:40:13.014+0530 [initandlisten] options: { config: "/etc/mongod.conf", net: { bindIp: "127.0.0.1", port: 27017 }, security: { authorization: "enabled" }, storage: { dbPath: "/var/lib/mongodb" }, systemLog: { destination: "file", logAppend: true, path: "/var/log/mongodb/mongod.log" } } 2016-01-21T00:40:13.439+0530 [initandlisten] exception in initAndListen: 10309 Unable to create/open lock file: /var/lib/mongodb/mongod.lock errno:13 Permission denied Is a mongod instance already running?, terminating 2016-01-21T00:40:13.439+0530 [initandlisten] dbexit: 2016-01-21T00:40:13.439+0530 [initandlisten] shutdown: going to close listening sockets... 2016-01-21T00:40:13.439+0530 [initandlisten] shutdown: going to flush diaglog... 2016-01-21T00:40:13.439+0530 [initandlisten] shutdown: going to close sockets... 2016-01-21T00:40:13.439+0530 [initandlisten] shutdown: waiting for fs preallocator... 2016-01-21T00:40:13.439+0530 [initandlisten] shutdown: lock for final commit... 2016-01-21T00:40:13.439+0530 [initandlisten] shutdown: final commit... 2016-01-21T00:40:13.439+0530 [initandlisten] shutdown: closing all files... 2016-01-21T00:40:13.439+0530 [initandlisten] closeAllFiles() finished 2016-01-21T00:40:13.439+0530 [initandlisten] shutdown: removing fs lock... 2016-01-21T00:40:13.439+0530 [initandlisten] couldn't remove fs lock errno:9 Bad file descriptor 2016-01-21T00:40:13.440+0530 [initandlisten] dbexit: really exiting now

  3. 观察Unable to create/open lock file: /var/lib/mongodb/mongod.lock errno:13 Permission denied Is a mongod instance already running?, terminating 我在日志中发现了这个错误。不知道它是否导致 mongodb 终止。如果它导致 mongo 在计算机启动时 STOP 那么如何设置权限?

【问题讨论】:

    标签: mongodb ubuntu startup upstart startupscript


    【解决方案1】:

    绝对没有必要摆弄启动文件(除非你完全知道你在做什么,否则你真的不应该这样做)或安装额外的软件来管理 MongoDB。

    我宁愿建议read MongoDB's extensive documentation of the config file options

    你唯一需要做的就是设置

    auth=true
    

    对于旧版配置文件或

    security:
      authorization: enabled
    

    /etc/mongod.conf 中的 YAML 配置文件

    【讨论】:

    • @plutopunch 好吧,那么我必须告诉我所有的客户……还有其他 DBA……还有 MongoDB Inc.……;) 参数完全正确为此,请添加editing your question的日志输出。
    • 不要手动添加星号,只需使用service MongoDB restart 来应用配置更改。
    【解决方案2】:

    也可以使用supervisor

    apt install supervisor
    

    mongodb进程设置:

    /etc/supervisor/conf.d 位置创建文件myupstartservice.conf 并放入以下代码

    [program:mongo]
    command=/usr/bin/mongod --auth --config /etc/mongod.conf
    autostart=true
    autorestart=true
    user=root
    priority=100
    

    然后检查服务

    service supervisor restart

    some reference

    【讨论】:

    • 为什么要在 init 之上的暴发户之上使用监督者?
    • 配置更简单,生活大大简化。
    • 并添加一个完全没有必要的移动部件,参见my answer
    • 哦,顺便说一句:你永远不应该以 root 身份运行 MongoDB。
    • 好吧,这只是一个例子;)
    【解决方案3】:

    感谢@Markus W mahalberg详细步骤扩展您的答案

    正确的 Mongodb 方法在启动时设置 mongo 并进行身份验证


    步骤

    1 : sudo apt-get install mongodb-org - 在新终端中

    2 : sudo mongod --port 27017 --dbpath /var/lib/mongodb

    3 : mongo --port 27017 - 在新终端中

    4:use admin

    5 : 让我们设置superuser

    db.createUser(
    {
        user: "tom",
        pwd: "jerry",
        roles: [
                  { role: "userAdminAnyDatabase", db: "admin" },
                  { role: "readWriteAnyDatabase", db: "admin" },
                  { role: "dbAdminAnyDatabase", db: "admin" },
                  { role: "clusterAdmin", db: "admin" }
               ]
    })
    

    6 : 让我们为 Startup service 配置 Do Changes In /etc/mongod.conf 并设置

    auth = true

    port = 27017

    7 : sudo /etc/init.d/mongod stopsudo service mongod stop - 在新终端中

    8 : sudo /etc/init.d/mongod startsudo service mongod start

    9 : restart your pc 重启电脑前请清空此文件/var/log/mongodb/mongod.log 并保存

    现在让我们检查两件事 身份验证 & mongodb 在启动时运行

    1 :检查身份验证设置

    mongo --port 27017 -u "tom" -p "jerry" --authenticationDatabase "admin" - 在新终端中

    注意这一步是最重要的一步。

    它会像这样在终端上输出输出

    MongoDB shell version: 2.6.11
    connecting to: 127.0.0.1:27017/test
    >
    

    2 :在启动时检查 mongodb 是否正在运行

    在不运行 mongod 的情况下运行以下命令,因为 mongod 应该在启动时启动

    mongo --port 27017 -u "tom" -p "jerry" --authenticationDatabase "admin" - 在新终端中

    如果它没有启动,则打开此文件 '/var/log/mongodb/mongod.log'。

    如果它包含错误日志:

    Unable to create/open lock file: /var/lib/mongodb/mongod.lock errno:13 Permission denied Is a mongod instance already running?, terminating

    然后应用这些权限并重新启动并再次检查

    sudo chown -R mongodb:mongodb /var/lib/mongodb/.
    sudo chown -R mongodb:mongodb /var/log/mongodb/mongod.log
    sudo /etc/init.d/mongod stop` OR `sudo service mongod stop    
    sudo /etc/init.d/mongod start` OR `sudo service mongod start 
    

    如果它不包含上述错误日志,那么你应该在启动时成功启动了 mongodb

    【讨论】:

      【解决方案4】:

      1 : 转到 -> $cd /etc/init/

      2 :通过 vi 或 nano 编辑器使用以下代码创建文件myservice.conf

      description "service to start mongodb at startup"
      author "plutopunch :)"
      
      start on started mountall
      stop on shutdown
      
      respawn
      respawn limit 99 5
      
      script
           export HOME="/home/admin"
      
           exec sudo mongod --port 27017 --auth --dbpath /var/lib/mongodb
      end script
      
      post-start script
      end script
      

      3:重启电脑

      http://upstart.ubuntu.com/cookbook/

      【讨论】:

        猜你喜欢
        • 2022-01-10
        • 1970-01-01
        • 2017-02-09
        • 2018-03-28
        • 2016-04-06
        • 1970-01-01
        • 2017-05-03
        • 1970-01-01
        相关资源
        最近更新 更多