案例说明:

在KingbaseES R3集群的最新版本中增加了kingbase_monitor.sh一键修改集群用户密码的功能,本案例是对此功能的测试。

kingbaseES R3集群一键修改密码说明:

1、 命令行命令

kingbase_monitor.sh change_password user old_password new_password

kingbase_monitor.sh change_password user old_password new_password —修改集群使用的用户的密码。

2、描述

kingbase_monitor.sh change_password user old_password new_password判断用户是否为集群使用的用户,如果是则修改用户密码,如果不是则提示用户集群未使用该用户,请使用sql方式修改用户密码。

3、选项

以下是脚本执行参数:

change_password
脚本调用修改用户密码函数
user
要进行修改密码的用户,只能是集群初始化时指定的用户
old_password
用户的旧密码
new_password
用户的新密码

例:

4、注意事项

1.必须在集群所有节点状态正常的情况下才能执行修改密码操作
2.kingbase_monitor.sh change_password 用户名 '旧密码' '新密码' 使用一键修改密码功能时 旧密码,新密码参数必须使用''括起来
3.用户必须是集群流复制使用的用户才能进行修改密码,否则会提示集群未使用该用户,请使用sql alter user命令进行修改密码

kingbaseES R3集群一键修改密码测试案例:

数据库版本:

集群架构:

一、查看集群状态

[kingbase@node1 bin]$  ./ksql -U SYSTEM -W 123456 TEST -p 9999
ksql (V008R003C002B0270)
Type "help" for help.
TEST=# show pool_nodes;
node_id | hostname | port | status | lb_weight | role | select_cnt | load_balance_node | replication_delay
---------+---------------+-------+--------+-----------+---------+------------+-------------------+-------------------
0 | 192.168.7.243 | 54321 | up | 0.500000 | standby | 0 | false | 0
1 | 192.168.7.248 | 54321 | up | 0.500000 | primary | 0 | true | 0
(2 rows) TEST=# select * from sys_stat_replication;
PID | USESYSID | USENAME | APPLICATION_NAME | CLIENT_ADDR | CLIENT_HOSTNAME | CLIENT_PORT | BACKEND_START | BACKEND_XMIN | STATE | SENT_LOCATION | WRITE_LOCATION | FLUSH_LOCATION | REPLAY_LOCATION | SYNC_PRIORITY | SYNC_STATE
------+----------+---------+------------------+---------------+-----------------+-------------+--
9903 | 10 | SYSTEM | node243 | 192.168.7.243 | | 47620 | 2021-03-01 16:15:28.263706+08 | | streaming | 0/13003B50 | 0/13003B50 | 0/13003B50 | 0/13003B50 | 1 | sync
(1 row)

二、修改system用户密码

# 查看kingbase_monitor.sh功能
[kingbase@node1 bin]$ ./kingbase_monitor.sh
-----------------------------------------------------------------------
2021-03-01 16:20:55 KingbaseES automation beging...
usage: ./kingbase_monitor.sh start | stop | restart | set [--restart] | change_password user old_password new_password # 一键修改用户密码
[kingbase@node1 bin]$ ./kingbase_monitor.sh change_password SYSTEM '123456' '12345678'
-----------------------------------------------------------------------
2021-03-01 16:25:34 KingbaseES automation beging...
Begin alter user password
2021-03-01 16:25:55: pid 20642: LOG: stop request sent to kingbasecluster. waiting for termination.....done.
2021-03-01 16:25:41: pid 14549: LOG: stop request sent to kingbasecluster. waiting for termination.....done.
Alter user password OK

=注意:由以上信息获知,在修改集群用户密码时,将会stop主备库的kingbasecluster服务,在生产环境修改时,需要注意,尽量不要在业务运行期间修改。=

三、验证密码修改效果

1、验证system用户密码修改结果



测试修改SUPERMANAGER_V8ADMIN用户密码:(修改失败)

2、查看kingbasecluster 服务(所有节点)

[kingbase@node1 bin]$ netstat -an |grep 9999
unix 2 [ ACC ] STREAM LISTENING 2999949 @/tmp/dbus-fXYPBXlK
unix 2 [ ACC ] STREAM LISTENING 2999948 @/tmp/dbus-h5GlLPYf
unix 2 [ ] STREAM CONNECTED 2999944
[kingbase@node1 bin]$ netstat -an |grep 9000
[kingbase@node1 bin]$ netstat -an |grep 9694

3、查看kingbasecluster日志

主库:

备库:

=通过以上信息获知,system用户密码修改成功,但是主备库上的kingbasecluster服务都被stop。=

四、手工启动kingbasecluster服务(root用户)

1、root用户手工启动kingbasecluster服务

[root@node1 ~]# /home/kingbase/cluster/kha/kingbasecluster/bin/kingbasecluster -n >>/home/kingbase/cluster/kha/log/cluster.log 2>&1 &
[1] 18241

2、查看kingbasecluster进程

[root@node1 ~]# ps -ef |grep kingbase
kingbase 9254 1 0 16:13 ? 00:00:00 /home/kingbase/cluster/kha/db/bin/kingbase -D /home/kingbase/cluster/kha/db/data
kingbase 9256 9254 0 16:13 ? 00:00:00 kingbase: logger process
kingbase 9816 9254 0 16:15 ? 00:00:00 kingbase: checkpointer process
kingbase 9817 9254 0 16:15 ? 00:00:00 kingbase: writer process
kingbase 9818 9254 0 16:15 ? 00:00:00 kingbase: wal writer process
kingbase 9819 9254 0 16:15 ? 00:00:00 kingbase: autovacuum launcher process
kingbase 9820 9254 0 16:15 ? 00:00:00 kingbase: archiver process failed on 000000020000000000000010
kingbase 9821 9254 0 16:15 ? 00:00:00 kingbase: stats collector process
kingbase 9822 9254 0 16:15 ? 00:00:00 kingbase: bgworker: syslogical supervisor
kingbase 9903 9254 0 16:15 ? 00:00:00 kingbase: wal sender process SYSTEM 192.168.7.243(47620) streaming 0/13004420
root 13110 11490 0 14:07 pts/1 00:00:00 su - kingbase
kingbase 13112 13110 0 14:07 pts/1 00:00:00 -bash
root 18241 17531 0 16:40 pts/0 00:00:00 /home/kingbase/cluster/kha/kingbasecluster/bin/kingbasecluster -n
root 18260 18241 0 16:40 pts/0 00:00:00 kingbasecluster: watchdog
root 18310 18241 0 16:40 pts/0 00:00:00 kingbasecluster: lifecheck
root 18312 18310 0 16:40 pts/0 00:00:00 kingbasecluster: heartbeat receiver
root 18314 18310 0 16:40 pts/0 00:00:00 kingbasecluster: heartbeat sender
root 18315 18241 0 16:40 pts/0 00:00:00 kingbasecluster: wait for connection request
root 18316 18241 0 16:40 pts/0 00:00:00 kingbasecluster: wait for connection request
root 18317 18241 0 16:40 pts/0 00:00:00 kingbasecluster: wait for connection request
root 18318 18241 0 16:40 pts/0 00:00:00 kingbasecluster: wait for connection request
root 18319 18241 0 16:40 pts/0 00:00:00 kingbasecluster: wait for connection request
root 18320 18241 0 16:40 pts/0 00:00:00 kingbasecluster: wait for connection request
root 18321 18241 0 16:40 pts/0 00:00:00 kingbasecluster: wait for connection request
root 18322 18241 0 16:40 pts/0 00:00:00 kingbasecluster: wait for connection request
root 18323 18241 0 16:40 pts/0 00:00:00 kingbasecluster: wait for connection request
root 18324 18241 0 16:40 pts/0 00:00:00 kingbasecluster: wait for connection request
root 18325 18241 0 16:40 pts/0 00:00:00 kingbasecluster: wait for connection request
root 18326 18241 0 16:40 pts/0 00:00:00 kingbasecluster: wait for connection request
root 18327 18241 0 16:40 pts/0 00:00:00 kingbasecluster: wait for connection request
root 18328 18241 0 16:40 pts/0 00:00:00 kingbasecluster: wait for connection request
root 18329 18241 0 16:40 pts/0 00:00:00 kingbasecluster: wait for connection request
root 18330 18241 0 16:40 pts/0 00:00:00 kingbasecluster: wait for connection request
root 18334 18241 0 16:40 pts/0 00:00:00 kingbasecluster: PCP: wait for connection request
root 18335 18241 0 16:40 pts/0 00:00:00 kingbasecluster: worker process

3、验证kingbasecluster服务

[kingbase@node1 bin]$ ./ksql -U SYSTEM -W 12345678 TEST -p 9999
ksql (V008R003C002B0270)
Type "help" for help. TEST=# show pool_nodes;
node_id | hostname | port | status | lb_weight | role | select_cnt | load_balance_node | replication_delay
---------+---------------+-------+--------+-----------+---------+------------+-------------------+-------------------
0 | 192.168.7.243 | 54321 | up | 0.500000 | standby | 0 | true | 0
1 | 192.168.7.248 | 54321 | up | 0.500000 | primary | 0 | false | 0
(2 rows) [kingbase@node1 bin]$ ./ksql -U SYSTEM -W 12345678 TEST
ksql (V008R003C002B0270)
Type "help" for help. TEST=# select * from sys_stat_replication;
PID | USESYSID | USENAME | APPLICATION_NAME | CLIENT_ADDR | CLIENT_HOSTNAME | CLIENT_PORT | BACKEND_START | BACKEND_XMIN | STATE | SENT_LOCATION | WRITE_LOCATION | FLUSH_LOCATION | REPLAY_LOCATION | SYNC_PRIORITY | SYNC_STATE
------+----------+---------+------------------+---------------+-----------------+-------------+-
9903 | 10 | SYSTEM | node243 | 192.168.7.243 | | 47620 | 2021-03-01 16:15:28.263706+08 | | streaming | 0/13004420 | 0/13004420 | 0/13004420 | 0/13004420 | 1 | sync
(1 row)

五、测试kingbase_monitor.sh一键重启(可选)

[kingbase@node1 bin]$ ./kingbase_monitor.sh restart
-----------------------------------------------------------------------
2021-03-01 16:48:42 KingbaseES automation beging...
2021-03-01 16:48:42 stop kingbasecluster [192.168.7.243] ...
remove status file /home/kingbase/cluster/kha/run/kingbasecluster/kingbasecluster_status
DEL VIP NOW AT 2021-03-01 16:49:05 ON enp0s3
No VIP on my dev, nothing to do.
2021-03-01 16:48:48 Done...
2021-03-01 16:48:48 stop kingbasecluster [192.168.7.248] ...
remove status file /home/kingbase/cluster/kha/run/kingbasecluster/kingbasecluster_status
DEL VIP NOW AT 2021-03-01 16:48:53 ON enp0s3
No VIP on my dev, nothing to do.
2021-03-01 16:48:53 Done...
2021-03-01 16:48:53 stop kingbase [192.168.7.243] ...
set /home/kingbase/cluster/kha/db/data down now...
2021-03-01 16:48:56 Done...
2021-03-01 16:48:57 Del kingbase VIP [192.168.7.245/24] ...
DEL VIP NOW AT 2021-03-01 16:49:16 ON enp0s3
No VIP on my dev, nothing to do.
2021-03-01 16:48:58 Done...
2021-03-01 16:48:58 stop kingbase [192.168.7.248] ...
set /home/kingbase/cluster/kha/db/data down now...
2021-03-01 16:49:04 Done...
2021-03-01 16:49:05 Del kingbase VIP [192.168.7.245/24] ...
DEL VIP NOW AT 2021-03-01 16:49:05 ON enp0s3
execute: [/sbin/ip addr del 192.168.7.245/24 dev enp0s3]
Oprate del ip cmd end.
2021-03-01 16:49:05 Done...
......................
all stop..
ping trust ip 192.168.7.1 success ping times :[3], success times:[2]
ping trust ip 192.168.7.1 success ping times :[3], success times:[2]
start crontab kingbase position : [3]
Redirecting to /bin/systemctl restart crond.service
start crontab kingbase position : [2]
Redirecting to /bin/systemctl restart crond.service
ADD VIP NOW AT 2021-03-01 16:49:18 ON enp0s3
execute: [/sbin/ip addr add 192.168.7.245/24 dev enp0s3 label enp0s3:2]
execute: /home/kingbase/cluster/kha/db/bin/arping -U 192.168.7.245 -I enp0s3 -w 1
ARPING 192.168.7.245 from 192.168.7.245 enp0s3
Sent 1 probes (1 broadcast(s))
Received 0 response(s)
ping vip 192.168.7.245 success ping times :[3], success times:[2]
ping vip 192.168.7.245 success ping times :[3], success times:[2]
now,there is a synchronous standby.
wait kingbase recovery 5 sec...
start crontab kingbasecluster line number: [6]
Redirecting to /bin/systemctl restart crond.service
start crontab kingbasecluster line number: [3]
Redirecting to /bin/systemctl restart crond.service
......................
all started..
...
now we check again
=======================================================================
| ip | program| [status]
[ 192.168.7.243]| [kingbasecluster]| [active]
[ 192.168.7.248]| [kingbasecluster]| [active]
[ 192.168.7.243]| [kingbase]| [active]
[ 192.168.7.248]| [kingbase]| [active]
=======================================================================

六、总结

 对于KingbaseES R3集群,kingbase_monitor.sh一键修改密码的功能,增加了管理员管理集群用户的方便性;但是需要注意的是,在修改集群用户密码时,将会将集群所有node的kingbasecluster服务stop,这个在生产环境使用时,需要注意。

KingbaseES R3 集群一键修改集群用户密码案例的更多相关文章

  1. KingbaseES R6 集群一键修改集群和数据库参数测试案例

    ​ 案例说明: 集群环境修改集群或数据库参数,需要在每个node上都要修改,在每个节点而执行修改操作,容易出现漏改或节点上参数不一致等错误:在KingbaseES V8R6的集群中增加了,一键修改参数 ...

  2. KingbaseES R6 集群sys_monitor.sh change_password一键修改集群用户密码

    案例说明: kingbaseES R6集群用户密码修改,需要修改两处: 1)修改数据库用户密码(alter user): 2)修改.encpwd文件中用户密码: 可以通过sys_monitor.sh ...

  3. java修改AD域用户密码使用SSL连接方式

    正常情况下,JAVA修改AD域用户属性,只能修改一些普通属性, 如果要修改AD域用户密码和userAccountControl属性就得使用SSL连接的方式修改, SSL连接的方式需要操作以下步骤: 1 ...

  4. 德邦总管 修改oracle数据库用户密码的方法

    WIN+R打开运行窗口,输入cmd进入命令行: 输入sqlplus ,输入用户名,输入口令(如果是超级管理员SYS的话需在口令之后加上as sysdba)进入sql命令行:    连接成功后,输入“s ...

  5. 修改oracle数据库用户密码的方法

    WIN+R打开运行窗口,输入cmd进入命令行: 输入sqlplus ,输入用户名,输入口令(如果是超级管理员SYS的话需在口令之后加上as sysdba)进入sql命令行:    连接成功后,输入“s ...

  6. 烦烦烦SharePoint2013 以其他用户登录和修改AD域用户密码

    sharepoint默认是没有修改AD密码 和切换 用户的功能,这里我用future的方式来实现. 部署wsp前: 部署后 点击以其他用户身份登录 点击修改用户密码: 这里的扩展才菜单我们用Custo ...

  7. SharePoint中修改密码的WEB Part之终极版:即可以修改AD,又可以修改本机用户密码的Web Part!!

    转:http://www.cnblogs.com/dosboy/archive/2007/08/01/838859.html 在网上查了那么多SharePoint密码修改的第三方开发,都有问题.总结下 ...

  8. 忘记oracle的sys密码该如何重置;附如何修改oracle数据库用户密码

    参考博客:http://blog.itpub.net/26015009/viewspace-717505/ 这里只说一种方法:使用ORAPWD.EXE 工具修改密码 打开命令提示符窗口,输入如下命令: ...

  9. SharePoint2013 以其他用户登录和修改AD域用户密码 功能

    sharepoint默认是没有修改AD密码 和切换 用户的功能,这里我用future的方式来实现. 部署wsp前: 部署后: 点击以其他用户身份登录 点击修改用户密码: 这里的扩展才菜单我们用Cust ...

随机推荐

  1. Servlet 之 Http协议

    请求消息数据格式 请求行  请求方式 请求url 请求协议或者版本 (GET    /login.html   HTTP/1.1) 请求头 请求头名称:请求头值 多个用逗号分隔 请求空行  空行分隔作 ...

  2. umask默认权限及特殊权限

    1. linux系统中,创建一个新的文件或者目录的时候,新的文件或目录都会有默认的访问权限,umask命令与文件和目录的默认访问权限有关. 用户创建一个文件,文件的默认权限为 -rw-rw-rw-(6 ...

  3. Json多层级动态结构数据解析

    一.工具 (1)GSON Google Gson是一个简单的基于Java的库,用于将Java对象序列化为JSON,反之亦然. 它是由Google开发的一个开源库. 以下几点说明为什么应该使用这个库 - ...

  4. java反射之-Javabean与Map的互转

    1.BeanUntils工具类的准备 /** * @ClassName: BeanUtils * @Description: * @Author: songwp * @Date: 9:02 2022/ ...

  5. cenos 7 zookeeper Error contacting service. It is probably not running

    zkServer.sh status 命令查看zookeeper集群的状态,发现异常 Error contacting service. It is probably not running 最开始以 ...

  6. Nginx配置解决NetCore的跨域

    使用Nginx配置解决NetCore的跨域 废话不多说,直接上Nginx配置 server { listen 80; server_name 你的Id或域名; location / { add_hea ...

  7. flex这些问题应该被理解

    flex三连问,帮助我们更好的理解布局利器 问题: flex的值 auto, none, 0, 1, initial分别是什么?有什么作用?有什么表现? flex-basis和width的区别?单值f ...

  8. 并发刺客(False Sharing)——并发程序的隐藏杀手

    并发刺客(False Sharing)--并发程序的隐藏杀手 前言 前段时间在各种社交平台"雪糕刺客"这个词比较火,简单的来说就是雪糕的价格非常高!其实在并发程序当中也有一个刺客, ...

  9. 多云部署多主模式的MGR集群,每个云一个MGR 节点,满足业务单元化改造的需求

    欢迎来到 GreatSQL社区分享的MySQL技术文章,如有疑问或想学习的内容,可以在下方评论区留言,看到后会进行解答 GreatSQL社区原创内容未经授权不得随意使用,转载请联系小编并注明来源. 本 ...

  10. 一步一图带你深入剖析 JDK NIO ByteBuffer 在不同字节序下的设计与实现

    让我们来到微观世界重新认识 Netty 在前面 Netty 源码解析系列 <聊聊 Netty 那些事儿>中,笔者带领大家从宏观世界详细剖析了 Netty 的整个运转流程.从一个网络数据包在 ...