案例说明:

在KingbaseES R3集群的最新版本中增加了kingbase_monitor.sh一键修改集群用户密码的功能,本案例是对此功能的测试。

kingbaseES R3集群一键修改密码说明:

1、 命令行命令

kingbase_monitor.sh change_password user old_password new_password

kingbase_monitor.sh change_password user old_password new_password —修改集群使用的用户的密码。

2、描述

kingbase_monitor.sh change_password user old_password new_password判断用户是否为集群使用的用户,如果是则修改用户密码,如果不是则提示用户集群未使用该用户,请使用sql方式修改用户密码。

3、选项

以下是脚本执行参数:

change_password

脚本调用修改用户密码函数

user

要进行修改密码的用户,只能是集群初始化时指定的用户

old_password

用户的旧密码

new_password

用户的新密码

例:

4、注意事项

1.必须在集群所有节点状态正常的情况下才能执行修改密码操作

2.kingbase_monitor.sh change_password 用户名 '旧密码' '新密码' 使用一键修改密码功能时 旧密码,新密码参数必须使用''括起来

3.用户必须是集群流复制使用的用户才能进行修改密码,否则会提示集群未使用该用户,请使用sql alter user命令进行修改密码

kingbaseES R3集群一键修改密码测试案例:

数据库版本:

集群架构:

一、查看集群状态

[kingbase@node1 bin]$  ./ksql -U SYSTEM -W 123456 TEST -p 9999

ksql (V008R003C002B0270)

Type "help" for help.

TEST=# show pool_nodes;

 node_id |   hostname    | port  | status | lb_weight |  role   | select_cnt | load_balance_node | replication_delay

---------+---------------+-------+--------+-----------+---------+------------+-------------------+-------------------

 0       | 192.168.7.243 | 54321 | up     | 0.500000  | standby | 0          | false             | 0

 1       | 192.168.7.248 | 54321 | up     | 0.500000  | primary | 0          | true              | 0

(2 rows)

TEST=# select * from sys_stat_replication;

 PID  | USESYSID | USENAME | APPLICATION_NAME |  CLIENT_ADDR  | CLIENT_HOSTNAME | CLIENT_PORT |         BACKEND_START         | BACKEND_XMIN |   STATE   | SENT_LOCATION | WRITE_LOCATION | FLUSH_LOCATION | REPLAY_LOCATION | SYNC_PRIORITY | SYNC_STATE

------+----------+---------+------------------+---------------+-----------------+-------------+--

 9903 |       10 | SYSTEM  | node243          | 192.168.7.243 |                 |       47620 | 2021-03-01 16:15:28.263706+08 |              | streaming | 0/13003B50    | 0/13003B50     | 0/13003B50     | 0/13003B50      |             1 | sync

(1 row)

二、修改system用户密码

# 查看kingbase_monitor.sh功能

[kingbase@node1 bin]$ ./kingbase_monitor.sh

-----------------------------------------------------------------------

2021-03-01 16:20:55 KingbaseES automation beging...

usage: ./kingbase_monitor.sh start | stop | restart | set [--restart] | change_password user old_password new_password 

# 一键修改用户密码

[kingbase@node1 bin]$ ./kingbase_monitor.sh change_password SYSTEM '123456' '12345678'

-----------------------------------------------------------------------

2021-03-01 16:25:34 KingbaseES automation beging...

Begin alter user password

2021-03-01 16:25:55: pid 20642: LOG:  stop request sent to kingbasecluster. waiting for termination.....done.

2021-03-01 16:25:41: pid 14549: LOG:  stop request sent to kingbasecluster. waiting for termination.....done.

Alter user password OK

=注意:由以上信息获知,在修改集群用户密码时,将会stop主备库的kingbasecluster服务,在生产环境修改时,需要注意,尽量不要在业务运行期间修改。=

三、验证密码修改效果

1、验证system用户密码修改结果



测试修改SUPERMANAGER_V8ADMIN用户密码:(修改失败)

2、查看kingbasecluster 服务(所有节点)

[kingbase@node1 bin]$ netstat -an |grep 9999

unix  2      [ ACC ]     STREAM     LISTENING     2999949  @/tmp/dbus-fXYPBXlK

unix  2      [ ACC ]     STREAM     LISTENING     2999948  @/tmp/dbus-h5GlLPYf

unix  2      [ ]         STREAM     CONNECTED     2999944

[kingbase@node1 bin]$ netstat -an |grep 9000

[kingbase@node1 bin]$ netstat -an |grep 9694

3、查看kingbasecluster日志

主库:

备库:

=通过以上信息获知,system用户密码修改成功,但是主备库上的kingbasecluster服务都被stop。=

四、手工启动kingbasecluster服务(root用户)

1、root用户手工启动kingbasecluster服务

[root@node1 ~]# /home/kingbase/cluster/kha/kingbasecluster/bin/kingbasecluster -n >>/home/kingbase/cluster/kha/log/cluster.log 2>&1 &

[1] 18241

2、查看kingbasecluster进程

[root@node1 ~]# ps -ef |grep kingbase

kingbase  9254     1  0 16:13 ?        00:00:00 /home/kingbase/cluster/kha/db/bin/kingbase -D /home/kingbase/cluster/kha/db/data

kingbase  9256  9254  0 16:13 ?        00:00:00 kingbase: logger process

kingbase  9816  9254  0 16:15 ?        00:00:00 kingbase: checkpointer process

kingbase  9817  9254  0 16:15 ?        00:00:00 kingbase: writer process

kingbase  9818  9254  0 16:15 ?        00:00:00 kingbase: wal writer process

kingbase  9819  9254  0 16:15 ?        00:00:00 kingbase: autovacuum launcher process

kingbase  9820  9254  0 16:15 ?        00:00:00 kingbase: archiver process   failed on 000000020000000000000010

kingbase  9821  9254  0 16:15 ?        00:00:00 kingbase: stats collector process

kingbase  9822  9254  0 16:15 ?        00:00:00 kingbase: bgworker: syslogical supervisor

kingbase  9903  9254  0 16:15 ?        00:00:00 kingbase: wal sender process SYSTEM 192.168.7.243(47620) streaming 0/13004420

root     13110 11490  0 14:07 pts/1    00:00:00 su - kingbase

kingbase 13112 13110  0 14:07 pts/1    00:00:00 -bash

root     18241 17531  0 16:40 pts/0    00:00:00 /home/kingbase/cluster/kha/kingbasecluster/bin/kingbasecluster -n

root     18260 18241  0 16:40 pts/0    00:00:00 kingbasecluster: watchdog

root     18310 18241  0 16:40 pts/0    00:00:00 kingbasecluster: lifecheck

root     18312 18310  0 16:40 pts/0    00:00:00 kingbasecluster: heartbeat receiver

root     18314 18310  0 16:40 pts/0    00:00:00 kingbasecluster: heartbeat sender

root     18315 18241  0 16:40 pts/0    00:00:00 kingbasecluster: wait for connection request

root     18316 18241  0 16:40 pts/0    00:00:00 kingbasecluster: wait for connection request

root     18317 18241  0 16:40 pts/0    00:00:00 kingbasecluster: wait for connection request

root     18318 18241  0 16:40 pts/0    00:00:00 kingbasecluster: wait for connection request

root     18319 18241  0 16:40 pts/0    00:00:00 kingbasecluster: wait for connection request

root     18320 18241  0 16:40 pts/0    00:00:00 kingbasecluster: wait for connection request

root     18321 18241  0 16:40 pts/0    00:00:00 kingbasecluster: wait for connection request

root     18322 18241  0 16:40 pts/0    00:00:00 kingbasecluster: wait for connection request

root     18323 18241  0 16:40 pts/0    00:00:00 kingbasecluster: wait for connection request

root     18324 18241  0 16:40 pts/0    00:00:00 kingbasecluster: wait for connection request

root     18325 18241  0 16:40 pts/0    00:00:00 kingbasecluster: wait for connection request

root     18326 18241  0 16:40 pts/0    00:00:00 kingbasecluster: wait for connection request

root     18327 18241  0 16:40 pts/0    00:00:00 kingbasecluster: wait for connection request

root     18328 18241  0 16:40 pts/0    00:00:00 kingbasecluster: wait for connection request

root     18329 18241  0 16:40 pts/0    00:00:00 kingbasecluster: wait for connection request

root     18330 18241  0 16:40 pts/0    00:00:00 kingbasecluster: wait for connection request

root     18334 18241  0 16:40 pts/0    00:00:00 kingbasecluster: PCP: wait for connection request

root     18335 18241  0 16:40 pts/0    00:00:00 kingbasecluster: worker process

3、验证kingbasecluster服务

[kingbase@node1 bin]$ ./ksql -U SYSTEM -W 12345678 TEST -p 9999

ksql (V008R003C002B0270)

Type "help" for help.

TEST=# show pool_nodes;

 node_id |   hostname    | port  | status | lb_weight |  role   | select_cnt | load_balance_node | replication_delay

---------+---------------+-------+--------+-----------+---------+------------+-------------------+-------------------

 0       | 192.168.7.243 | 54321 | up     | 0.500000  | standby | 0          | true              | 0

 1       | 192.168.7.248 | 54321 | up     | 0.500000  | primary | 0          | false             | 0

(2 rows)

[kingbase@node1 bin]$ ./ksql -U SYSTEM -W 12345678 TEST

ksql (V008R003C002B0270)

Type "help" for help.

TEST=# select * from sys_stat_replication;

 PID  | USESYSID | USENAME | APPLICATION_NAME |  CLIENT_ADDR  | CLIENT_HOSTNAME | CLIENT_PORT |         BACKEND_START         | BACKEND_XMIN |   STATE   | SENT_LOCATION | WRITE_LOCATION | FLUSH_LOCATION | REPLAY_LOCATION | SYNC_PRIORITY | SYNC_STATE

------+----------+---------+------------------+---------------+-----------------+-------------+-

 9903 |       10 | SYSTEM  | node243          | 192.168.7.243 |                 |       47620 | 2021-03-01 16:15:28.263706+08 |              | streaming | 0/13004420    | 0/13004420     | 0/13004420     | 0/13004420      |             1 | sync

(1 row)

五、测试kingbase_monitor.sh一键重启(可选)

[kingbase@node1 bin]$ ./kingbase_monitor.sh restart

-----------------------------------------------------------------------

2021-03-01 16:48:42 KingbaseES automation beging...

2021-03-01 16:48:42 stop kingbasecluster [192.168.7.243] ...

remove status file  /home/kingbase/cluster/kha/run/kingbasecluster/kingbasecluster_status

DEL VIP NOW AT 2021-03-01 16:49:05 ON enp0s3

No VIP on my dev, nothing to do.

2021-03-01 16:48:48 Done...

2021-03-01 16:48:48 stop kingbasecluster [192.168.7.248] ...

remove status file  /home/kingbase/cluster/kha/run/kingbasecluster/kingbasecluster_status

DEL VIP NOW AT 2021-03-01 16:48:53 ON enp0s3

No VIP on my dev, nothing to do.

2021-03-01 16:48:53 Done...

2021-03-01 16:48:53 stop kingbase [192.168.7.243] ...

set /home/kingbase/cluster/kha/db/data down now...

2021-03-01 16:48:56 Done...

2021-03-01 16:48:57 Del kingbase VIP [192.168.7.245/24] ...

DEL VIP NOW AT 2021-03-01 16:49:16 ON enp0s3

No VIP on my dev, nothing to do.

2021-03-01 16:48:58 Done...

2021-03-01 16:48:58 stop kingbase [192.168.7.248] ...

set /home/kingbase/cluster/kha/db/data down now...

2021-03-01 16:49:04 Done...

2021-03-01 16:49:05 Del kingbase VIP [192.168.7.245/24] ...

DEL VIP NOW AT 2021-03-01 16:49:05 ON enp0s3

execute: [/sbin/ip addr del 192.168.7.245/24 dev enp0s3]

Oprate del ip cmd end.

2021-03-01 16:49:05 Done...

......................

all stop..

ping trust ip 192.168.7.1 success ping times :[3], success times:[2]

ping trust ip 192.168.7.1 success ping times :[3], success times:[2]

start crontab kingbase position : [3]

Redirecting to /bin/systemctl restart  crond.service

start crontab kingbase position : [2]

Redirecting to /bin/systemctl restart  crond.service

ADD VIP NOW AT 2021-03-01 16:49:18 ON enp0s3

execute: [/sbin/ip addr add 192.168.7.245/24 dev enp0s3 label enp0s3:2]

execute: /home/kingbase/cluster/kha/db/bin/arping -U 192.168.7.245 -I enp0s3 -w 1

ARPING 192.168.7.245 from 192.168.7.245 enp0s3

Sent 1 probes (1 broadcast(s))

Received 0 response(s)

ping vip 192.168.7.245 success ping times :[3], success times:[2]

ping vip 192.168.7.245 success ping times :[3], success times:[2]

now,there is a synchronous standby.

wait kingbase recovery 5 sec...

start crontab kingbasecluster line number: [6]

Redirecting to /bin/systemctl restart  crond.service

start crontab kingbasecluster line number: [3]

Redirecting to /bin/systemctl restart  crond.service

......................

all started..

...

now we check again

=======================================================================

|             ip |                       program|              [status]

[  192.168.7.243]|             [kingbasecluster]|              [active]

[  192.168.7.248]|             [kingbasecluster]|              [active]

[  192.168.7.243]|                    [kingbase]|              [active]

[  192.168.7.248]|                    [kingbase]|              [active]

=======================================================================

六、总结

 对于KingbaseES R3集群,kingbase_monitor.sh一键修改密码的功能,增加了管理员管理集群用户的方便性;但是需要注意的是,在修改集群用户密码时,将会将集群所有node的kingbasecluster服务stop,这个在生产环境使用时,需要注意。

KingbaseES R3 集群一键修改集群用户密码案例的更多相关文章

  1. KingbaseES R6 集群一键修改集群和数据库参数测试案例

    ​ 案例说明: 集群环境修改集群或数据库参数,需要在每个node上都要修改,在每个节点而执行修改操作,容易出现漏改或节点上参数不一致等错误:在KingbaseES V8R6的集群中增加了,一键修改参数 ...

  2. KingbaseES R6 集群sys_monitor.sh change_password一键修改集群用户密码

    案例说明: kingbaseES R6集群用户密码修改,需要修改两处: 1)修改数据库用户密码(alter user): 2)修改.encpwd文件中用户密码: 可以通过sys_monitor.sh ...

  3. java修改AD域用户密码使用SSL连接方式

    正常情况下,JAVA修改AD域用户属性,只能修改一些普通属性, 如果要修改AD域用户密码和userAccountControl属性就得使用SSL连接的方式修改, SSL连接的方式需要操作以下步骤: 1 ...

  4. 德邦总管 修改oracle数据库用户密码的方法

    WIN+R打开运行窗口,输入cmd进入命令行: 输入sqlplus ,输入用户名,输入口令(如果是超级管理员SYS的话需在口令之后加上as sysdba)进入sql命令行:    连接成功后,输入“s ...

  5. 修改oracle数据库用户密码的方法

    WIN+R打开运行窗口,输入cmd进入命令行: 输入sqlplus ,输入用户名,输入口令(如果是超级管理员SYS的话需在口令之后加上as sysdba)进入sql命令行:    连接成功后,输入“s ...

  6. 烦烦烦SharePoint2013 以其他用户登录和修改AD域用户密码

    sharepoint默认是没有修改AD密码 和切换 用户的功能,这里我用future的方式来实现. 部署wsp前: 部署后 点击以其他用户身份登录 点击修改用户密码: 这里的扩展才菜单我们用Custo ...

  7. SharePoint中修改密码的WEB Part之终极版:即可以修改AD,又可以修改本机用户密码的Web Part!!

    转:http://www.cnblogs.com/dosboy/archive/2007/08/01/838859.html 在网上查了那么多SharePoint密码修改的第三方开发,都有问题.总结下 ...

  8. 忘记oracle的sys密码该如何重置;附如何修改oracle数据库用户密码

    参考博客:http://blog.itpub.net/26015009/viewspace-717505/ 这里只说一种方法:使用ORAPWD.EXE 工具修改密码 打开命令提示符窗口,输入如下命令: ...

  9. SharePoint2013 以其他用户登录和修改AD域用户密码 功能

    sharepoint默认是没有修改AD密码 和切换 用户的功能,这里我用future的方式来实现. 部署wsp前: 部署后: 点击以其他用户身份登录 点击修改用户密码: 这里的扩展才菜单我们用Cust ...

随机推荐

  1. 从0到1搭建一款页面自适应组件(Vue.js)

    组件将根据屏幕比例及当前浏览器窗口大小,自动进行缩放处理. 建议在组件内使用百分比搭配flex进行布局,以便于在不同的分辨率下得到较为一致的展示效果.使用前请注意将body的margin设为0,否则会 ...

  2. SAP FICO 常用table

    Table 描 述 "Table Type" "Application Class" "Data Class" Description &q ...

  3. Django快速入门之项目配置

    开始 环境 python:3.6.2 django:2.0.5 跑起来 用pycharm导入或新建一个Django项目,在目录中存在manage.py的文件,通过下列指令运行Django后台. pyt ...

  4. 用WindowsAppSDK(WASDK)优雅的开发上位机应用

    C#开发上位机应用的一些选择 如果你不想看介绍,可以直接跳到优雅开发示例那里. 1. WASDK(WinUI 3) Windows 应用 SDK 是一组新的开发人员组件和工具,它们代表着 Window ...

  5. Mybatis整合第三方缓存

    1) 为了提高扩展性.MyBatis定义了缓存接口Cache.我们可以通过实现Cache接口来自定义二级缓存 2) EhCache 是一个纯Java的进程内缓存框架,具有快速.精干等特点. 3) 整合 ...

  6. 基于MATLAB静态目标分割的药板胶囊检测

    一.目标 1 将药板从黑色背景中分离(药板部分显示为白色,背景显示为黑色): 2 根据分割结果将药板旋转至水平: 3 提取药板中的药丸的位置信息: 二.方法描述 处理图像如下: (1)首先将图像转为灰 ...

  7. 2022-7-10 css 第七组 刘昀航

    ​ 样式通常存储在样式表中(先定义样式表),再把样式表添加到html元素中 定义CSS样式的方式: 行内样式(内联样式) ​ ·行内样式仅针对当前标签生效,如果当前的样式不需要复用,可以用行内样式 · ...

  8. 互联网界的IT巨变:从DOS的编辑器,到如今的无代码开发

    众所周知,Borland Pascal.Turbo Pascal.Turbo C等这类开发工具,都习惯自带IDE. 因此,我产生了一个大胆的想法. DOS时代下的Turbo C 如果说Anders这类 ...

  9. 字符输入流Reader类和FileReader和字符输入流读取字符数据

    java.io.Reader:字符输入流,是字符输入流的最顶层的父类,定义了一些共性的成员方法,是一个抽象类 共性成员方法: int read();读取单个字符并返回 int read(char[] ...

  10. 从零开始Blazor Server(8)--增加菜单以及调整位置

    这篇干啥 这篇文章主要是把前面的一些东西稍微调整一下,使其更适合后面的内容. 主要是两个事,一个是把原来的PermissionEntity直接变成MenuEntity,直接让最后一级是菜单,这样后面就 ...