我已经成功部署了一个mongo复制集,在我的三个节点之间共享一个密钥文件。 它工作正常,问题是当我尝试启动操作管理器服务时:
[root@xxx:/etc]# service mongodb-mms start
Starting pre-flight checks
Failure to connect to configured mongo instance:
Config{loadBalance=false, encryptedCredentials=false, ssl='false',
dbNames='[mmsdb, mmsdbprovisionlog, mmsdbautomation, mmsdbserverlog,
mmsdbpings, mmsdbprofile, mmsdbrrd, mmsdbconfig, mmsdblogcollection,
mmsdbjobs, mmsdbagentlog, mmsdbbilling, backuplogs, automationcore,
monitoringstatus, mmsdbautomationlog, automationstatus, cloudconf, backupdb,
mmsdbprovisioning, mmsdbqueues]', uri=mongodb://xxx1:27017,xxx2:27017,xxx3:27017} Error: Command failed with
error 13: 'not authorized on admin to execute command { listDatabases: 1,
$db: "admin" }' on server xxx1:27017. The full response is { "operationTime"
: { "$timestamp" : { "t" : 1517416044, "i" : 1 } }, "ok" : 0.0, "errmsg" :
"not authorized on admin to execute command { listDatabases: 1, $db:
\"admin\" }", "code" : 13, "codeName" : "Unauthorized", "$clusterTime" : {
"clusterTime" : { "$timestamp" : { "t" : 1517416044, "i" : 1 } }, "signature" : { "hash" : { "$binary" : "fh+qyjJ0L8c8zCx0U672aJdZdUw=", "$type" : "00" }, "keyId" : { "$numberLong" : "6516848947321896961" } } } }
Pre-flight checks failed. Service can not start.
我没有获得数据库管理员的授权..
我已经尝试配置另一个repl集,我在其中评论了mongod.conf文件的这一部分
security:
keyFile: /opt/mongo/mongo-keyfile
我可以正确启动服务。怎么了?
答案 0 :(得分:1)
您的MongoDB服务器正在启用启用身份验证,但操作管理器服务正在尝试连接和管理服务器(从listDatabases命令开始),而不进行身份验证。
MongoDB文档包含有关Enforce Keyfile Access Control in a Replica Set的有用教程,其中包含以下相关评论:
使用--keyFile命令行选项或mongod配置文件设置运行security.keyFile会强制执行Internal Authentication和Role-Based Access Control。