案例说明:

kingbaseES R6集群用户密码修改,需要修改两处:

 1)修改数据库用户密码(alter user);

 2)修改.encpwd文件中用户密码;

可以通过sys_monitor.sh change_password一键同时修改数据库内部用户密码和.encpwd文件中密码。

案例测试版本:

test=# select version();

                                                       version

----------------------------------------------------------------------------------------------------------------------

 KingbaseES V008R006C003B0010 on x86_64-pc-linux-gnu, compiled by gcc (GCC) 4.1.2 20080704 (Red Hat 4.1.2-46), 64-bit

(1 row)

集群架构:

sys_monitor.sh change_password user new_password —修改集群使用的用户的密码

描述:

sys_monitor.sh change_password user new_password判断用户是否为集群使用的用户,如果是则修改用户密码,如果不是则提示用户集群未使用该用户,请使用sql方式修改用户密码。

选项:

以下是脚本执行参数:

change_password: 脚本调用修改用户密码函数

user: 要进行修改密码的用户,只能是集群初始化时指定的用户和esrep

new_password: 用户的新密码

注意事项:

1.必须在集群所有节点状态正常的情况下才能执行修改密码操作

2.sys_monitor.sh change_password 用户名 '密码' 使用一键修改密码功能时 密码参数必须使用''括起来

3.用户必须是已经使用.encpwd免密配置文件配置了免密的用户才能进行修改密码,否则会提示集群未使用该用户,请使用sql alter user命令进行修改密码

一、查看esrep用户原密码

1).encpwd文件

 [kingbase@node1 ~]$ cat .encpwd

*:*:*:system:MTIzNDU2

*:*:*:esrep:S2luZ2Jhc2VoYTExMA==

[kingbase@node1 ~]$ echo 'S2luZ2Jhc2VoYTExMA=='|base64 -d

Kingbaseha110

2)数据库用户密码

用户密码登录测试(‘Kingbaseha110’):

[kingbase@node3 bin]$ ./ksql -U esrep -W esrep

Password:

ksql (V8.0)

Type "help" for help.

二、一键修改esrep用户密码

[kingbase@node3 bin]$ ./sys_monitor.sh  --help

Usage: ./sys_monitor.sh {start|stop|restart|stoplocal|set [--restart]|change_password user password}

[kingbase@node3 bin]$ ./sys_monitor.sh change_password esrep 'beijing'

 ID | Name    | Role    | Status    | Upstream | Location | Priority | Timeline | Connection string

----+---------+---------+-----------+----------+----------+----------+----------+---------------------------------------------------------------------------------------------------------------------------------------------------

 1  | node248 | standby |   running | node243  | default  | 90       | 26       | host=192.168.7.248 user=esrep dbname=esrep port=54321 connect_timeout=10 keepalives=1 keepalives_idle=10 keepalives_interval=1 keepalives_count=2

 3  | node243 | primary | * running |          | default  | 100      | 26       | host=192.168.7.243 user=esrep dbname=esrep port=54321 connect_timeout=10 keepalives=1 keepalives_idle=10 keepalives_interval=1 keepalives_count=2

 4  | node249 | standby |   running | node243  | default  | 100      | 26       | host=192.168.7.249 user=esrep dbname=esrep port=54321 connect_timeout=10 keepalives=1 keepalives_idle=10 keepalives_interval=1 keepalives_count=3

ALTER ROLE

三、新密码登录测试

# 新的用户密码登录(‘beijing’):

[kingbase@node3 bin]$ ./ksql -U esrep -W esrep

Password:

ksql (V8.0)

Type "help" for help.

# 查看.encpwd文件

[kingbase@node3 ~]$ cat .encpwd

*:*:*:system:MTIzNDU2

*:*:*:esrep:YmVpamluZw==

[kingbase@node3 ~]$ echo 'YmVpamluZw=='|base64 -d

beijing

# 所有节点密码都已经被修改

[kingbase@node1 ~]$ cat .encpwd

*:*:*:system:MTIzNDU2

*:*:*:esrep:YmVpamluZw==

[kingbase@node2 ~]$ cat .encpwd

*:*:*:system:MTIzNDU2

*:*:*:esrep:YmVpamluZw==

四、重启集群测试

[kingbase@node3 bin]$ ./sys_monitor.sh restart

2021-03-01 13:07:08 Ready to stop all DB ...

There is no service "node_export" running currently.

There is no service "postgres_ex" running currently.

There is no service "node_export" running currently.

There is no service "postgres_ex" running currently.

There is no service "node_export" running currently.

There is no service "postgres_ex" running currently.

2021-03-01 13:07:18 begin to stop repmgrd on "[192.168.7.248]".

2021-03-01 13:07:18 repmgrd on "[192.168.7.248]" already stopped.

2021-03-01 13:07:18 begin to stop repmgrd on "[192.168.7.243]".

2021-03-01 13:07:19 repmgrd on "[192.168.7.243]" already stopped.

2021-03-01 13:07:19 begin to stop repmgrd on "[192.168.7.249]".

2021-03-01 13:07:20 repmgrd on "[192.168.7.249]" already stopped.

2021-03-01 13:07:20 begin to stop DB on "[192.168.7.248]".

waiting for server to shut down.... done

server stopped

2021-03-01 13:07:21 DB on "[192.168.7.248]" stop success.

2021-03-01 13:07:21 begin to stop DB on "[192.168.7.249]".

sys_ctl: directory "/home/kingbase/cluster/R6HA/KHA/kingbase/data" does not exist

2021-03-01 13:07:23 DB on "[192.168.7.249]" stop success.

2021-03-01 13:07:23 begin to stop DB on "[192.168.7.243]".

waiting for server to shut down..... done

server stopped

2021-03-01 13:07:25 DB on "[192.168.7.243]" stop success.

2021-03-01 13:07:25 Done.

2021-03-01 13:07:25 Ready to start all DB ...

2021-03-01 13:07:25 begin to start DB on "[192.168.7.243]".

waiting for server to start.... done

server started

2021-03-01 13:07:27 execute to start DB on "[192.168.7.243]" success, connect to check it.

2021-03-01 13:07:28 DB on "[192.168.7.243]" start success.

2021-03-01 13:07:28 Try to ping trusted_servers on host 192.168.7.248 ...

2021-03-01 13:07:30 Try to ping trusted_servers on host 192.168.7.243 ...

2021-03-01 13:07:33 Try to ping trusted_servers on host 192.168.7.249 ...

2021-03-01 13:07:36 begin to start DB on "[192.168.7.248]".

waiting for server to start.... done

server started

2021-03-01 13:07:37 execute to start DB on "[192.168.7.248]" success, connect to check it.

2021-03-01 13:07:38 DB on "[192.168.7.248]" start success.

2021-03-01 13:07:38 begin to start DB on "[192.168.7.249]".

sys_ctl: directory "/home/kingbase/cluster/R6HA/KHA/kingbase/data" does not exist

2021-03-01 13:07:40 execute to start DB on "[192.168.7.249]" failed.

 ID | Name    | Role    | Status    | Upstream | Location | Priority | Timeline | Connection string

----+---------+---------+-----------+----------+----------+----------+----------+---------------------------------------------------------------------------------------------------------------------------------------------------

 1  | node248 | standby |   running | node243  | default  | 90       | 26       | host=192.168.7.248 user=esrep dbname=esrep port=54321 connect_timeout=10 keepalives=1 keepalives_idle=10 keepalives_interval=1 keepalives_count=2

 3  | node243 | primary | * running |          | default  | 100      | 26       | host=192.168.7.243 user=esrep dbname=esrep port=54321 connect_timeout=10 keepalives=1 keepalives_idle=10 keepalives_interval=1 keepalives_count=2

 4  | node249 | standby |   running | node243  | default  | 100      | 26       | host=192.168.7.249 user=esrep dbname=esrep port=54321 connect_timeout=10 keepalives=1 keepalives_idle=10 keepalives_interval=1 keepalives_count=3

2021-03-01 13:07:40 The primary DB is started.

2021-03-01 13:07:45 Success to load virtual ip [192.168.7.240/24] on primary host [192.168.7.243].

2021-03-01 13:07:45 Try to ping vip on host 192.168.7.248 ...

2021-03-01 13:07:47 Try to ping vip on host 192.168.7.243 ...

2021-03-01 13:07:50 Try to ping vip on host 192.168.7.249 ...

2021-03-01 13:07:53 begin to start repmgrd on "[192.168.7.248]".

[2021-03-01 13:08:03] [NOTICE] using provided configuration file "/home/kingbase/cluster/R6HA/KHA/kingbase/bin/../etc/repmgr.conf"

[2021-03-01 13:08:03] [NOTICE] redirecting logging output to "/home/kingbase/cluster/R6HA/KHA/kingbase/hamgr.log"

2021-03-01 13:07:53 repmgrd on "[192.168.7.248]" start success.

2021-03-01 13:07:53 begin to start repmgrd on "[192.168.7.243]".

[2021-03-01 13:07:54] [NOTICE] using provided configuration file "/home/kingbase/cluster/R6HA/KHA/kingbase/bin/../etc/repmgr.conf"

[2021-03-01 13:07:54] [NOTICE] redirecting logging output to "/home/kingbase/cluster/R6HA/KHA/kingbase/hamgr.log"

2021-03-01 13:07:54 repmgrd on "[192.168.7.243]" start success.

2021-03-01 13:07:54 begin to start repmgrd on "[192.168.7.249]".

[2021-03-01 13:06:04] [NOTICE] using provided configuration file "/home/kingbase/cluster/R6HA/KHA/kingbase/bin/../etc/repmgr.conf"

[2021-03-01 13:06:04] [NOTICE] redirecting logging output to "/home/kingbase/cluster/R6HA/KHA/kingbase/hamgr.log"

2021-03-01 13:07:56 repmgrd on "[192.168.7.249]" start success.

 ID | Name    | Role    | Status    | Upstream | repmgrd | PID   | Paused? | Upstream last seen

----+---------+---------+-----------+----------+---------+-------+---------+--------------------

 1  | node248 | standby |   running | node243  | running | 2625  | no      | 0 second(s) ago

 3  | node243 | primary | * running |          | running | 22122 | no      | n/a

 4  | node249 | standby |   running | node243  | running | 16939 | no      | n/a

2021-03-01 13:08:08 Done.

# 查看集群节点状态信息

[kingbase@node3 bin]$ ./repmgr cluster show

 ID | Name    | Role    | Status    | Upstream | Location | Priority | Timeline | Connection string

----+---------+---------+-----------+----------+----------+----------+----------+---------------------------------------------------------------------------------------------------------------------------------------------------

 1  | node248 | standby |   running | node243  | default  | 90       | 26       | host=192.168.7.248 user=esrep dbname=esrep port=54321 connect_timeout=10 keepalives=1 keepalives_idle=10 keepalives_interval=1 keepalives_count=2

 3  | node243 | primary | * running |          | default  | 100      | 26       | host=192.168.7.243 user=esrep dbname=esrep port=54321 connect_timeout=10 keepalives=1 keepalives_idle=10 keepalives_interval=1 keepalives_count=2

 4  | node249 | standby |   running | node243  | default  | 100      | 26       | host=192.168.7.249 user=esrep dbname=esrep port=54321 connect_timeout=10 keepalives=1 keepalives_idle=10 keepalives_interval=1 keepalives_count=3

KingbaseES R6 集群sys_monitor.sh change_password一键修改集群用户密码的更多相关文章

  1. KingbaseES R6 集群一键修改集群和数据库参数测试案例

    ​ 案例说明: 集群环境修改集群或数据库参数,需要在每个node上都要修改,在每个节点而执行修改操作,容易出现漏改或节点上参数不一致等错误:在KingbaseES V8R6的集群中增加了,一键修改参数 ...

  2. KingbaseES R3 集群一键修改集群用户密码案例

    案例说明: 在KingbaseES R3集群的最新版本中增加了kingbase_monitor.sh一键修改集群用户密码的功能,本案例是对此功能的测试. kingbaseES R3集群一键修改密码说明 ...

  3. KingbaseES R6 集群禁用 root ssh 后需要修改集群为es_server 案例

    案例说明: 在生产环境下,由于安全需要,主机间不允许建立root用户的ssh信任连接,这样导致KingbaseES R6 repmgr集群,通过sys_monitor.sh脚本启动集群时,节点之间不能 ...

  4. KingbaseES R3 集群修改system用户密码方案

    方案说明: 对于kingbaseES R3集群修改system密码相比单机环境有一定的复杂性,需要修改的位置如下: 1)数据库中system用户密码,可以用alter user命令修改 2)在reco ...

  5. 网页一键加入QQ群

    三步简单实现功能:网页提供加入qq群按钮  让他人一键加入qq群 第一步:进入qq群官网:http://qun.qq.com/join.html 第二步:选择需要加入的群并生成网页代码 第三步:在网页 ...

  6. KingbaseES R6 集群修改ssh端口执行sys_backup.sh备份案例

    数据库环境:** test=# select version(); version ---------------------------------------------------------- ...

  7. KingbaseES R6 通过脚本构建集群案例

      案例说明: KingbaseES V8R6部署一般可采用图形化方式快速部署,但在生产一线,有的服务器系统未启用图形化环境,所以对于KingbaseES V8R6的集群需采用手工字符界面方式部署,本 ...

  8. KingbaseES R6 主备流复制集群创建级联复制案例

    案例环境: 数据库: test=# select version(); version -------------------------------------------------------- ...

  9. KingbaseES R6 集群修改物理IP和VIP案例

    在用户的实际环境里,可能有时需要修改主机的IP,这就涉及到集群的配置修改.以下以例子的方式,介绍下KingbaseES R6集群如何修改IP. 一.案例测试环境 操作系统: [KINGBASE@nod ...

随机推荐

  1. python+requests+yaml实现接口自动化用例(二)---升级版

    一.前言:前面一段时间封装的接口自动化测试框架用了一段时间发现还是有很多弊端的,目前又改良了一下,可以说整体思路全都推翻了,功能比之前强大许多,有兴趣的可以私信我单独交流,希望共同学习进步! 二.项目 ...

  2. 互联网研发效能之去哪儿网(Qunar)核心领域DevOps落地实践

    本文从业务目标角度出发,确定了开源+自建模式搭建 Qunar 研发工具链整体生态:通过 APPCODE 打通工具链,流程规范化自动化:多种手段+发布门禁助力质量提升:建立应用画像确定运维最小单元,可发 ...

  3. Java获取当天或者明天等零点时间(00:00:00)0时0分0秒的方法

    SimpleDateFormat sdfYMD = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss"); Calendar calendar = ...

  4. [零基础学IoT Pwn] 环境搭建

    [零基础学IoT Pwn] 环境搭建 0x00 前言 这里指的零基础其实是我们在实战中遇到一些基础问题,再相应的去补充学习理论知识,这样起码不会枯燥. 本系列主要是利用网上已知的IoT设备(路由器)漏 ...

  5. Spring学习笔记(4)Spring 事件原理及其应用

    在 JDK 中已经提供相应的自定义事件发布功能的基础类: java.util.EventObject类 :自定义事件类型 java.util.EventListener接口:事件的监听器 首先了解几个 ...

  6. day03 对象流与序列化

    对象流 java.io.ObjectOutputStream和ObjectInputSteam 对象流是一对高级流,在流连接中的作用是进行对象的序列化与反序列化. 对象序列化:将一个java对象按照其 ...

  7. Gorgerous -「歌词」留言板

    歌者,献祭「心声」,以沐浴「新生」. Oh love. How I miss you every single days when I see you on those streets. Oh lov ...

  8. tsconfig常用配置全解

    include, exclude, files配置项 extends配置 compilerOptions下的配置 compilerOptions.allowUnreachableCode compil ...

  9. 图像处理——相位恢复(GS,TIE,改进型角谱迭代法)

    利用GS,TIE,改进型角谱迭代算法进行相位恢复 角谱传播理论 角谱传播理论可以翻阅傅里叶光学的书,就能找到定量分析的计算公式,可以分析某个平面的角谱垂直传播到另外一个平面的角谱,得到其振幅与相位信息 ...

  10. 乘风破浪,遇见未来新能源汽车(Electric Vehicle)之特斯拉提车必须知道的十个流程

    订车 线下门店或者官网可以咨询和下单,一般来说,订金就是1000,还算可以接受. 订单账号 特斯拉账号是以邮箱为区分的,而不是手机号,我们下单的时候需要提供一个邮箱用来注册特斯拉账号. 注意了,敲黑板 ...