内建角色
https://docs.mongodb.com/v2.6/reference/built-in-roles/
命令参考
https://docs.mongodb.com/v2.6/reference/method/
MongoDB 2.6.11 CentOS7.2.1511 EPEL
安全设置
以安全认证模式启动
启动时使用参数–auth或修改配置文件启用认证后重启服务
[root@localhost ~]# vi /etc/mongod.conf # Run with/without security (without by default) #auth = true #noauth = true auth = true
创建用户帐户及角色
> use admin > db.createUser({"user":"admin","pwd":"adminpwd","roles":["root"]}) >
重新启动Mongodb服务
创建一个新数据库并设置用户帐户及角色
> use admin > db.auth("admin","passwd") 1 > use abc123 switched to db abc123 > db.createUser({"user":"abc","pwd":"123","roles":["readWrite"]}) Successfully added user: { "user" : "abc", "roles" : [ "readWrite" ] } >
查看系统内用户信息
> use admin switched to db admin > db.system.users.find() { "_id" : "admin.admin", "user" : "admin", "db" : "admin", "credentials" : { "MONGODB-CR" : "3187df44c217d30c29494785321f996f" }, "roles" : [ { "role" : "root", "db" : "admin" } ] } { "_id" : "abc123.abc", "user" : "abc", "db" : "abc123", "credentials" : { "MONGODB-CR" : "ecd40369f09cd19405cba88d9cab93df" }, "roles" : [ { "role" : "readWrite", "db" : "abc123" } ] } >
再次增加用户
> use abc123 switched to db abc123 > db.createUser({"user":"abcd","pwd":"321","roles":["readWrite"]}) Successfully added user: { "user" : "abcd", "roles" : [ "readWrite" ] } >
再次查看系统内用户信息
> use admin switched to db admin > db.system.users.find() { "_id" : "admin.admin", "user" : "admin", "db" : "admin", "credentials" : { "MONGODB-CR" : "3187df44c217d30c29494785321f996f" }, "roles" : [ { "role" : "root", "db" : "admin" } ] } { "_id" : "abc123.abc", "user" : "abc", "db" : "abc123", "credentials" : { "MONGODB-CR" : "ecd40369f09cd19405cba88d9cab93df" }, "roles" : [ { "role" : "readWrite", "db" : "abc123" } ] } { "_id" : "abc123.abcd", "user" : "abcd", "db" : "abc123", "credentials" : { "MONGODB-CR" : "10eb9fb6afcfb3e2b483e0d0c12f5b0a" }, "roles" : [ { "role" : "readWrite", "db" : "abc123" } ] } >
删除用户
> use abc123 switched to db abc123 > db.dropUser("abcd") true > use admin switched to db admin > db.system.users.find() { "_id" : "admin.admin", "user" : "admin", "db" : "admin", "credentials" : { "MONGODB-CR" : "3187df44c217d30c29494785321f996f" }, "roles" : [ { "role" : "root", "db" : "admin" } ] } { "_id" : "abc123.abc", "user" : "abc", "db" : "abc123", "credentials" : { "MONGODB-CR" : "ecd40369f09cd19405cba88d9cab93df" }, "roles" : [ { "role" : "readWrite", "db" : "abc123" } ] } >
查看当前使用数据库
> db abc123 >
查看当前数据库中所有用户信息
> show users { "_id" : "abc123.abc", "user" : "abc", "db" : "abc123", "roles" : [ { "role" : "readWrite", "db" : "abc123" } ] } >
查看当前数据库状态统计信息
> db.stats() { "db" : "abc123", "collections" : 0, "objects" : 0, "avgObjSize" : 0, "dataSize" : 0, "storageSize" : 0, "numExtents" : 0, "indexes" : 0, "indexSize" : 0, "fileSize" : 0, "dataFileVersion" : { }, "ok" : 1 } >
删除当前数据库(删除数据库前,应先删除数据库中的所有用户)
> use abc123 switched to db abc123 > db.dropUser("abc") true > db.dropDatabase() { "dropped" : "abc123", "ok" : 1 } > > use admin switched to db admin > show dbs admin 0.078GB local 0.078GB test (empty) >
查看mongodb版本信息
> db.version() 2.6.11 >
查看当前服务器连接对象
> db.getMongo() connection to 127.0.0.1 >
修复当前数据库
> db.repairDatabase() { "ok" : 1 } >
数据库加锁,解锁,查看锁状态(适用于执行备份)
加锁
> use admin switched to db admin > db.runCommand({fsync:1,lock:1}) { "info" : "now locked against writes, use db.fsyncUnlock() to unlock", "seeAlso" : "http://dochub.mongodb.org/core/fsynccommand", "ok" : 1 } > db.currentOp() { "inprog" : [ ], "fsyncLock" : true, "info" : "use db.fsyncUnlock() to terminate the fsync write/snapshot lock" } >
解锁
> db.$cmd.sys.unlock.findOne() { "ok" : 1, "info" : "unlock completed" } > db.currentOp() { "inprog" : [ ] } >
备份恢复
备份全库
[root@localhost ~]# mkdir backup [root@localhost ~]# cd backup/ [root@localhost backup]# mongodump -u admin -p passwd connected to: 127.0.0.1 2016-06-17T23:15:08.195+0800 all dbs 2016-06-17T23:15:08.195+0800 DATABASE: admin to dump/admin 2016-06-17T23:15:08.195+0800 admin.system.indexes to dump/admin/system.indexes.bson 2016-06-17T23:15:08.204+0800 3 documents 2016-06-17T23:15:08.204+0800 admin.system.users to dump/admin/system.users.bson 2016-06-17T23:15:08.204+0800 3 documents 2016-06-17T23:15:08.204+0800 Metadata for admin.system.users to dump/admin/system.users.metadata.json 2016-06-17T23:15:08.204+0800 admin.system.version to dump/admin/system.version.bson 2016-06-17T23:15:08.205+0800 1 documents 2016-06-17T23:15:08.205+0800 Metadata for admin.system.version to dump/admin/system.version.metadata.json 2016-06-17T23:15:08.205+0800 DATABASE: abc123 to dump/abc123 2016-06-17T23:15:08.218+0800 DATABASE: ssr to dump/ssr [root@localhost backup]#
备份指定库
[root@localhost backup]# mongodump -u admin -p passwd -d abc123
恢复全库(进如备份目录)
[root@localhost backup]# mongorestore -u admin -p passwd --drop
恢复指定库(进入备份目录)
[root@localhost backup]# mongorestore -u admin -p passwd -d abc123 --drop
连接远程数据库命令参数和用法
mongo --username <username> --password <password> --host <host> --port 27017 mongo -u <username> -p <password> --host <host> --port 27017 mongo -u <username> -p <password> 192.168.2.222:27017/abc