我連接與clusterAdmin和備份角色的用戶來蒙戈,但我得到的錯誤:蒙戈連接器無法連接到mongos
2017-02-09 17:51:23,254 [ERROR] mongo_connector.util:96 - Fatal Exception
Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/mongo_connector/util.py", line 94, in wrapped
func(*args, **kwargs)
File "/usr/lib/python2.7/site-packages/mongo_connector/connector.py", line 370, in run
'listShards')['shards']:
File "/usr/lib/python2.7/site-packages/mongo_connector/util.py", line 78, in retry_until_ok
return func(*args, **kwargs)
File "/usr/lib64/python2.7/site-packages/pymongo/database.py", line 494, in command
codec_options, **kwargs)
File "/usr/lib64/python2.7/site-packages/pymongo/database.py", line 406, in _command
parse_write_concern_error=parse_write_concern_error)
File "/usr/lib64/python2.7/site-packages/pymongo/pool.py", line 419, in command
collation=collation)
File "/usr/lib64/python2.7/site-packages/pymongo/network.py", line 116, in command
parse_write_concern_error=parse_write_concern_error)
File "/usr/lib64/python2.7/site-packages/pymongo/helpers.py", line 210, in _check_command_response
raise OperationFailure(msg % errmsg, code, response)
OperationFailure: not authorized on admin to execute command { listShards: 1 }
下所需的權限這一頁說讓mongo-最簡單的方法連接器運行的方法是創建一個備份角色的用戶:
https://github.com/mongodb-labs/mongo-connector/wiki/Usage-with-Authentication
db.getSiblingDB("admin").createUser({ user:"backup",pwd:"password_here", roles: ["backup"] })
,但我不能,甚至連這樣的用戶(認證錯誤):
2017-02-10 16:52:01,448 [ERROR] mongo_connector.util:96 - Fatal Exception
Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/mongo_connector/util.py", line 94, in wrapped
func(*args, **kwargs)
File "/usr/lib/python2.7/site-packages/mongo_connector/connector.py", line 398, in run
hosts, replicaSet=repl_set)
File "/usr/lib/python2.7/site-packages/mongo_connector/connector.py", line 299, in create_authed_client
client['admin'].authenticate(self.auth_username, self.auth_key)
File "/usr/lib64/python2.7/site-packages/pymongo/database.py", line 1048, in authenticate
connect=True)
File "/usr/lib64/python2.7/site-packages/pymongo/mongo_client.py", line 505, in _cache_credentials
sock_info.authenticate(credentials)
File "/usr/lib64/python2.7/site-packages/pymongo/pool.py", line 523, in authenticate
auth.authenticate(credentials, self)
File "/usr/lib64/python2.7/site-packages/pymongo/auth.py", line 470, in authenticate
auth_func(credentials, sock_info)
File "/usr/lib64/python2.7/site-packages/pymongo/auth.py", line 450, in _authenticate_default
return _authenticate_scram_sha1(credentials, sock_info)
File "/usr/lib64/python2.7/site-packages/pymongo/auth.py", line 201, in _authenticate_scram_sha1
res = sock_info.command(source, cmd)
File "/usr/lib64/python2.7/site-packages/pymongo/pool.py", line 419, in command
collation=collation)
File "/usr/lib64/python2.7/site-packages/pymongo/network.py", line 116, in command
parse_write_concern_error=parse_write_concern_error)
File "/usr/lib64/python2.7/site-packages/pymongo/helpers.py", line 210, in _check_command_response
raise OperationFailure(msg % errmsg, code, response)
OperationFailure: Authentication failed.
當我登錄到與這兩個用戶mongos,並運行命令
db.getSiblingDB("admin").runCommand({ listShards: 1 })
我得到一個碎片上市沒有probs
{
"shards" : [
{
"_id" : "shard001",
"host" : "shard001/timgrhlmdb01:27020,timgrhlmdb02:27020",
"state" : 1
},
{
"_id" : "shard002",
"host" : "shard002/timgrhlmdb03:27020,timgrhlmdb04:27020",
"state" : 1
}
],
"ok" : 1
}
那麼這是什麼意思:
操作失敗:管理員未授權執行命令{listShards:1}
更新
我重建從頭集羣,仍然有同樣的問題:OperationFailure:未授權的管理員執行命令{listShards:1}
我也曾嘗試用戶「備份「只有角色'clusterManager'和'readAnyDatabase'。這允許用戶列出碎片,但現在蒙戈連接器失敗,「驗證失敗」:通過運行此命令
{ "_id" : "admin.backup", "user" : "backup", "db" : "admin", "credentials" : { "SCRAM-SHA-1" : { "iterationCount" : 10000, "salt" : "pWcEU7uFqfHPgGe8z+E9Wg==", "storedKey" : "k2tapXQPtM2dHlxYnJiWVxO/rtg=", "serverKey" : "EGG8M4i27OYBy+fLYaL13+Nn4mc=" } }, "roles" : [ { "role" : "readAnyDatabase", "db" : "admin" }, { "role" : "clusterManager", "db" : "admin" } ] }
在一個側面說明,mongo文檔包含錯誤https://docs.mongodb.com/manual/tutorial/deploy-sharded-cluster-with-keyfile-access-control/說創建碎片副本集上的配置服務器。還初始化一個副本集將不會工作,除非id是在引號中。 – stackoverflows
已提交的bug https://github.com/mongodb-labs/mongo-connector/issues/662 – stackoverflows