Linux 下Mongdb数据库

一、安装mongdb

1、创建安装目录

# mkdir /data/local

# mkdir /data/local/mongodbdata

2、解压安装包

# tar -xvf /software/mongodb-linux-x86_64-2.4.10.tar -C /usr/local
# cd /usr/local
# mv mongodb-linux-x86_64-2.4.10  mongdb

二、配置mongdb

1、创建配置文件

# cd /usr/local/mongodb/
# vi mongodb.conf

配置如下:

port=27017
dbpath=/data/local/mongodbdata
logpath=/data/local/mongodbdata/mongodb.log
logappend=true
fork=true

2、设置开机启动

# vim /etc/rc.local

新增内容如下:

# add for mongodb
/usr/local/mongodb/bin/mongod --config /usr/local/mongodb/mongodb.conf

三、启动mongdb

1、运行mongdb

# cd /usr/local/mongodb/
# ./bin/mongod --config ./mongodb.conf

2、查看服务端口,确认服务启动正常

# netstat -anltp | grep mongod
tcp   0   0 0.0.0.0:28017   0.0.0.0:*       LISTEN      2011/./bin/mongod   
tcp   0   0 0.0.0.0:27017   0.0.0.0:*       LISTEN      2011/./bin/mongod 

四、新增用户

1、启动客户端

#cd /usr/local/mongdb/bin
# ./mongo
MongoDB shell version: 3.0.6
connecting to: test
Server has startup warnings: 
2019-11-27T20:47:21.338+0800 I STORAGE  [initandlisten] 
2019-11-27T20:47:21.338+0800 I STORAGE  [initandlisten] ** WARNING: Readahead for /data/local/mongodbdata is set to 4096KB
2019-11-27T20:47:21.338+0800 I STORAGE  [initandlisten] **          We suggest setting it to 256KB (512 sectors) or less
2019-11-27T20:47:21.338+0800 I STORAGE  [initandlisten] **          http://dochub.mongodb.org/core/readahead
2019-11-27T20:47:21.507+0800 I CONTROL  [initandlisten] ** WARNING: You are running this process as the root user, which is not recommended.
2019-11-27T20:47:21.507+0800 I CONTROL  [initandlisten] 
2019-11-27T20:47:21.507+0800 I CONTROL  [initandlisten] 
2019-11-27T20:47:21.507+0800 I CONTROL  [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/enabled is 'always'.
2019-11-27T20:47:21.507+0800 I CONTROL  [initandlisten] **        We suggest setting it to 'never'
2019-11-27T20:47:21.508+0800 I CONTROL  [initandlisten] 
2019-11-27T20:47:21.508+0800 I CONTROL  [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/defrag is 'always'.
2019-11-27T20:47:21.508+0800 I CONTROL  [initandlisten] **        We suggest setting it to 'never'
2019-11-27T20:47:21.508+0800 I CONTROL  [initandlisten] 
> 

2、新增用户

#新增admin读写权限
> use admin;
switched to db admin
> db.createUser({user:"admin",pwd:"test.1234",roles:[{role: "readWrite", db: "admin"}]})
Successfully added user: {

         "user" : "admin",

         "roles" : [

                  {

                          "role" : "readWrite",

                          "db" : "admin"

                  }

         ]

}
#新增超级管理员用户
>use admin;
>db.createUser({user:"admin",pwd:"test.1234",roles:[{role: "root", db: "admin"}]})
Successfully added user: {

         "user" : "admin",

         "roles" : [

                  {

                          "role" : "root",

                          "db" : "admin"

                  }

         ]

}

 3、删除用户

>db.system.users.remove({user:"admin"})

五、mongdb数据库角色

1、内建的角色

数据库用户角色:read、readWrite;

数据库管理角色:dbAdmin、dbOwner、userAdmin;

集群管理角色:clusterAdmin、clusterManager、clusterMonitor、hostManager;

备份恢复角色:backup、restore;

所有数据库角色:readAnyDatabase、readWriteAnyDatabase、userAdminAnyDatabase、dbAdminAnyDatabase

超级用户角色:root // 这里还有几个角色间接或直接提供了系统超级用户的访问(dbOwner 、userAdmin、userAdminAnyDatabase)

内部角色:system

角色说明:

Read:允许用户读取指定数据库

readWrite:允许用户读写指定数据库

dbAdmin:允许用户在指定数据库中执行管理函数,如索引创建、删除,查看统计或访问system.profile

userAdmin:允许用户向system.users集合写入,可以找指定数据库里创建、删除和管理用户

clusterAdmin:只在admin数据库中可用,赋予用户所有分片和复制集相关函数的管理权限。

readAnyDatabase:只在admin数据库中可用,赋予用户所有数据库的读权限

readWriteAnyDatabase:只在admin数据库中可用,赋予用户所有数据库的读写权限

userAdminAnyDatabase:只在admin数据库中可用,赋予用户所有数据库的userAdmin权限

dbAdminAnyDatabase:只在admin数据库中可用,赋予用户所有数据库的dbAdmin权限。

root:只在admin数据库中可用。超级账号,超级权限

2、用户操作

1、新建管理员用户

>use admin
 > db.createUser(
    {
	user: "adminUser",
	pwd: “admin123”,
	roles: [{role: ”userAdminAnyDatabase”,db:”admin”}]
    }
  )
 
 
#结果
> Successfully added user: {
    "user" : "admin",
    "roles" : [
        {
            "role" : "userAdminAnyDatabase",
            "db" : "admin"
        }
    ]
  }

2、创建普通用户

  >use foo
  >show roles #可以查看角色
  > db.createUser(
    {
	user: "simpleUser",
	pwd: “123456”,
	roles: [“readWrite”,”dbAdmin”,”userAdmin”]
    }
  )

3、查看已存在的用户

>db.system.users.find()

4、删除用户

>db.system.users.remove({user:”simpleUser”})

 注:在操作用户时,启动mongod服务时尽量不开启授权

3、开启验证

在启动时指定--auth即需要授权才能操作

 #开启服务
 > mongod  --auth --dbpath /home/user1/mongodb/data  --logpath  /home/user1/mongodb/log/logs  --fork
 #客户端连接并认证
 >mongo
 >use foo
 >db.auth(“simpleUser”,”123456”)

 每次只有认证后才能操作数据

 

posted @ 2019-11-28 11:41  帅丶高高  阅读(310)  评论(0编辑  收藏  举报