CentOS 部署MongoDB 4.0

如果配置文件 /data/mongodb/conf/mongodb.conf 包含如下内容

security:
  authorization: enabled

1. kill mongo 进程(不要加-9)
2. 修改配置文件 开启匿名登陆

security:
  authorization: disabled

3. 重新启动mongod /data/mongodb/bin/mongod --config /data/mongodb/conf/mongodb.conf
4. 匿名方式登陆 mongo

use admin
db.system.users.find()

已经存在admin账户,不需要创建admin，但是不知道密码

db.createUser({ user: "root", pwd: "xxx", roles: [{ role: "root", db: "admin" }] })

修改密码

db.changeUserPassword('root','xxx')

退出重新登陆(一个mongo客户端链接不能切换数据库)

use gre
db.createUser({ user: "aa", pwd: "xxx", roles: [{ role: "dbOwner", db: "aa" }] })

5. 修改配置文件 kill 进程重启 开启认证登陆

security:
  authorization: enabled

6. 链接认证

use aa
db.auth('aa','xxx')
db.aa.insert({})
show tables

最终的配置文件如下:

# for documentation of all options, see:
#   http://docs.mongodb.org/manual/reference/configuration-options/

# where to write logging data.
systemLog:
  destination: file
  logAppend: true
  path: /var/log/mongodb/mongod.log

# Where and how to store data.
storage:
  dbPath: /data/mongodb/
  wiredTiger:
    engineConfig:
      cacheSizeGB: 20
  journal:
    enabled: true
#  engine:
#  wiredTiger:

# how the process runs
processManagement:
  fork: true  # fork and run in background
  pidFilePath: /var/run/mongodb/mongod.pid  # location of pidfile
  timeZoneInfo: /usr/share/zoneinfo

# network interfaces
net:
  port: 27017
  bindIp: 172.22.0.12  # Enter 0.0.0.0,:: to bind to all IPv4 and IPv6 addresses or, alternatively, use the net.bindIpAll setting.

security:
 authorization: enabled

#operationProfiling:

#replication:

#sharding:

## Enterprise-Only Options

#auditLog:

#snmp: