PyMongo – UserNotFound: Could not find user authenticated@admin

I checked the permissions of /etc/mongod.conf:

    vagrant@trusty64:/vagrant/test$ sudo docker exec -it mongodb ls -l /etc/mongod.conf
    -rw-r--r-- 1 root root 472 Jun 22 00:09 /etc/mongod.conf

Then, I checked its corresponding contents:

    vagrant@trusty64:/vagrant/test$ sudo docker exec -it mongodb cat /etc/mongod.conf
    ## mongodb.conf, this file is enforced by puppet.
    ##
    ## Note: http://docs.mongodb.org/manual/reference/configuration-options/
    ##
    ## where and how to store data.
    storage:
      dbPath: /var/lib/mongodb
      journal:
        enabled: true
    ## where to write logging data.
    systemLog:
      destination: file
      logAppend: true
      path: /var/log/mongodb/mongod.log
    ## network interfaces
    net:
      port: 27017
      bindIp: 0.0.0.0
    ## mongodb process
    processManagement:
      pidFilePath: /var/run/mongod.pid
    ## role-based access controls
    #security:
    #  authorization: enabled

Next, I added a mongodb user, adjusted mongod.conf, and restarted the mongod process:

    vagrant@trusty64:/vagrant/test$ sudo docker exec -it mongodb sudo mongo mongodb://mongodb:27017 --eval "db.getSiblingDB('admin'); db.createUser({\
        user: 'authenticated',\
        pwd: 'password',\
        roles: [\
            'readWrite',\
            'userAdmin',\
            'dbAdmin',\
            { role: 'readWrite', db: 'dataset' },\
            { role: 'userAdmin', db: 'dataset' },\
            { role: 'dbAdmin', db: 'dataset' },\
        ]\
    },\
    { w: 'majority' , wtimeout: 5000 } )" --quiet
    sudo docker exec -it mongodb sudo sed -i "/#[[:space:]]*security:/s/^#//g" /etc/mongod.conf
    sudo docker exec -it mongodb sudo sed -i "/#[[:space:]]*authorization:[[:space:]]*enabled/s/^#//g" /etc/mongod.conf
    sudo docker restart mongodb

Now, I am ready to attempt the pymongo connector from a Docker container:

    vagrant@trusty64:/vagrant/test$ sudo docker exec -it webserver python
    Python 2.7.6 (default, Oct 26 2016, 20:30:19)
    [GCC 4.8.4] on linux2
    Type "help", "copyright", "credits" or "license" for more information.
    >>> from pymongo import MongoClient, errors
    >>> cur = MongoClient("mongodb://authenticated:password@mongodb:27017/admin")
    >>> db = cur['dataset']
    >>> col = db['svm']
    >>> posts = col.posts
    >>> result = posts.insert_one({'one': 'two'})
    Traceback (most recent call last):
      File "<stdin>", line 1, in <module>
      File "/usr/local/lib/python2.7/dist-packages/pymongo/collection.py", line 654, in insert_one
        with self._socket_for_writes() as sock_info:
      File "/usr/lib/python2.7/contextlib.py", line 17, in __enter__
        return self.gen.next()
      File "/usr/local/lib/python2.7/dist-packages/pymongo/mongo_client.py", line 825, in _get_socket
        with server.get_socket(self.__all_credentials) as sock_info:
      File "/usr/lib/python2.7/contextlib.py", line 17, in __enter__
        return self.gen.next()
      File "/usr/local/lib/python2.7/dist-packages/pymongo/server.py", line 168, in get_socket
        with self.pool.get_socket(all_credentials, checkout) as sock_info:
      File "/usr/lib/python2.7/contextlib.py", line 17, in __enter__
        return self.gen.next()
      File "/usr/local/lib/python2.7/dist-packages/pymongo/pool.py", line 792, in get_socket
        sock_info.check_auth(all_credentials)
      File "/usr/local/lib/python2.7/dist-packages/pymongo/pool.py", line 512, in check_auth
        auth.authenticate(credentials, self)
      File "/usr/local/lib/python2.7/dist-packages/pymongo/auth.py", line 470, in authenticate
        auth_func(credentials, sock_info)
      File "/usr/local/lib/python2.7/dist-packages/pymongo/auth.py", line 450, in _authenticate_default
        return _authenticate_scram_sha1(credentials, sock_info)
      File "/usr/local/lib/python2.7/dist-packages/pymongo/auth.py", line 201, in _authenticate_scram_sha1
        res = sock_info.command(source, cmd)
      File "/usr/local/lib/python2.7/dist-packages/pymongo/pool.py", line 419, in command
        collation=collation)
      File "/usr/local/lib/python2.7/dist-packages/pymongo/network.py", line 116, in command
        parse_write_concern_error=parse_write_concern_error)
      File "/usr/local/lib/python2.7/dist-packages/pymongo/helpers.py", line 210, in _check_command_response
        raise OperationFailure(msg % errmsg, code, response)
    pymongo.errors.OperationFailure: Authentication failed.

I was rejected with Authentication failed. I confirmed that our /etc/mongod.conf configuration file was properly adjusted with respect to the authorization directive:

    vagrant@trusty64:/vagrant/test$ sudo docker exec -it mongodb cat /etc/mongod.conf
    ## mongodb.conf, this file is enforced by puppet.
    ##
    ## Note: http://docs.mongodb.org/manual/reference/configuration-options/
    ##
    ## where and how to store data.
    storage:
      dbPath: /var/lib/mongodb
      journal:
        enabled: true
    ## where to write logging data.
    systemLog:
      destination: file
      logAppend: true
      path: /var/log/mongodb/mongod.log
    ## network interfaces
    net:
      port: 27017
      bindIp: 0.0.0.0
    ## mongodb process
    processManagement:
      pidFilePath: /var/run/mongod.pid
    ## role-based access controls
    security:
      authorization: enabled

Along with checking the logs and the status of the corresponding process:

    vagrant@trusty64:/vagrant/test$ sudo docker exec -it webserver sudo telnet mongodb 27017
    Trying 172.18.0.2...
    Connected to mongodb.
    Escape character is '^]'.
    telnet> quit
    vagrant@trusty64:/vagrant/test$ cat /var/log/mongodb/mongod.log
    [LOGS OMITTED...]
    vagrant@trusty64:/vagrant/test$ sudo docker exec -it mongodb cat /var/log/mongodb/mongod.log
    2017-06-22T15:47:06.359-0400 I CONTROL [initandlisten] MongoDB starting : pid=1 port=27017 dbpath=/var/lib/mongodb 64-bit host=4a5966185063
    2017-06-22T15:47:06.360-0400 I CONTROL [initandlisten] db version v3.2.14
    2017-06-22T15:47:06.360-0400 I CONTROL [initandlisten] git version: 92f6668a768ebf294bd4f494c50f48459198e6a3
    2017-06-22T15:47:06.360-0400 I CONTROL [initandlisten] OpenSSL version: OpenSSL 1.0.1f 6 Jan 2014
    2017-06-22T15:47:06.360-0400 I CONTROL [initandlisten] allocator: tcmalloc
    2017-06-22T15:47:06.360-0400 I CONTROL [initandlisten] modules: none
    2017-06-22T15:47:06.360-0400 I CONTROL [initandlisten] build environment:
    2017-06-22T15:47:06.360-0400 I CONTROL [initandlisten] distmod: ubuntu1404
    2017-06-22T15:47:06.360-0400 I CONTROL [initandlisten] distarch: x86_64
    2017-06-22T15:47:06.360-0400 I CONTROL [initandlisten] target_arch: x86_64
    2017-06-22T15:47:06.360-0400 I CONTROL [initandlisten] options: { config: "/etc/mongod.conf", net: { bindIp: "0.0.0.0", port: 27017 }, processManagement: { pidFilePath: "/var/run/mongod.pid" }, storage: { dbPath: "/var/lib/mongodb", journal: { enabled: true } }, systemLog: { destination: "file", logAppend: true, path: "/var/log/mongodb/mongod.log" } }
    2017-06-22T15:47:06.393-0400 I STORAGE [initandlisten] wiredtiger_open config: create,cache_size=1G,session_max=20000,eviction=(threads_min=4,threads_max=4),config_base=false,statistics=(fast),log=(enabled=true,archive=true,path=journal,compressor=snappy),file_manager=(close_idle_time=100000),checkpoint=(wait=60,log_size=2GB),statistics_log=(wait=0),
    2017-06-22T15:47:07.211-0400 I CONTROL [initandlisten] ** WARNING: You are running this process as the root user, which is not recommended.
    2017-06-22T15:47:07.211-0400 I CONTROL [initandlisten]
    2017-06-22T15:47:07.211-0400 I CONTROL [initandlisten]
    2017-06-22T15:47:07.211-0400 I CONTROL [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/enabled is 'always'.
    2017-06-22T15:47:07.211-0400 I CONTROL [initandlisten] ** We suggest setting it to 'never'
    2017-06-22T15:47:07.211-0400 I CONTROL [initandlisten]
    2017-06-22T15:47:07.211-0400 I CONTROL [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/defrag is 'always'.
    2017-06-22T15:47:07.211-0400 I CONTROL [initandlisten] ** We suggest setting it to 'never'
    2017-06-22T15:47:07.211-0400 I CONTROL [initandlisten]
    2017-06-22T15:47:07.504-0400 I FTDC [initandlisten] Initializing full-time diagnostic data capture with directory '/var/lib/mongodb/diagnostic.data'
    2017-06-22T15:47:07.504-0400 I NETWORK [initandlisten] waiting for connections on port 27017
    2017-06-22T15:47:07.505-0400 I NETWORK [HostnameCanonicalizationWorker] Starting hostname canonicalization worker
    2017-06-22T15:47:08.713-0400 I NETWORK [initandlisten] connection accepted from 172.18.0.2:39746 #1 (1 connection now open)
    2017-06-22T15:47:09.008-0400 I COMMAND [conn1] insert admin.system.users ninserted:1 keyUpdates:0 writeConflicts:0 numYields:0 locks:{ Global: { acquireCount: { r: 4, w: 4 } }, Database: { acquireCount: { W: 4 } }, Collection: { acquireCount: { w: 1 } } } 151ms
    2017-06-22T15:47:09.008-0400 I COMMAND [conn1] command test.$cmd command: createUser { createUser: "authenticated", pwd: "xxx", roles: [ "readWrite", "userAdmin", "dbAdmin", { role: "readWrite", db: "dataset" }, { role: "userAdmin", db: "dataset" }, { role: "dbAdmin", db: "dataset" } ], digestPassword: false, writeConcern: { w: "majority", wtimeout: 5000.0 } } keyUpdates:0 writeConflicts:0 numYields:0 reslen:22 locks:{ Global: { acquireCount: { r: 4, w: 4 } }, Database: { acquireCount: { W: 4 } }, Collection: { acquireCount: { w: 1 } } } protocol:op_command 280ms
    2017-06-22T15:47:09.198-0400 I NETWORK [conn1] end connection 172.18.0.2:39746 (0 connections now open)
    2017-06-22T15:47:09.744-0400 I CONTROL [signalProcessingThread] got signal 15 (Terminated), will terminate after current cmd ends
    2017-06-22T15:47:09.749-0400 I FTDC [signalProcessingThread] Shutting down full-time diagnostic data capture
    2017-06-22T15:47:09.753-0400 I CONTROL [signalProcessingThread] now exiting
    2017-06-22T15:47:09.753-0400 I NETWORK [signalProcessingThread] shutdown: going to close listening sockets...
    2017-06-22T15:47:09.753-0400 I NETWORK [signalProcessingThread] closing listening socket: 6
    2017-06-22T15:47:09.753-0400 I NETWORK [signalProcessingThread] closing listening socket: 7
    2017-06-22T15:47:09.753-0400 I NETWORK [signalProcessingThread] removing socket file: /tmp/mongodb-27017.sock
    2017-06-22T15:47:09.754-0400 I NETWORK [signalProcessingThread] shutdown: going to flush diaglog...
    2017-06-22T15:47:09.754-0400 I NETWORK [signalProcessingThread] shutdown: going to close sockets...
    2017-06-22T15:47:09.754-0400 I STORAGE [signalProcessingThread] WiredTigerKVEngine shutting down
    2017-06-22T15:47:10.044-0400 I STORAGE [signalProcessingThread] shutdown: removing fs lock...
    2017-06-22T15:47:10.045-0400 I CONTROL [signalProcessingThread] dbexit: rc: 0
    2017-06-22T15:47:10.825-0400 I CONTROL [main] ***** SERVER RESTARTED *****
    2017-06-22T15:47:10.922-0400 I CONTROL [initandlisten] MongoDB starting : pid=1 port=27017 dbpath=/var/lib/mongodb 64-bit host=4a5966185063
    2017-06-22T15:47:10.922-0400 I CONTROL [initandlisten] db version v3.2.14
    2017-06-22T15:47:10.922-0400 I CONTROL [initandlisten] git version: 92f6668a768ebf294bd4f494c50f48459198e6a3
    2017-06-22T15:47:10.922-0400 I CONTROL [initandlisten] OpenSSL version: OpenSSL 1.0.1f 6 Jan 2014
    2017-06-22T15:47:10.922-0400 I CONTROL [initandlisten] allocator: tcmalloc
    2017-06-22T15:47:10.922-0400 I CONTROL [initandlisten] modules: none
    2017-06-22T15:47:10.922-0400 I CONTROL [initandlisten] build environment:
    2017-06-22T15:47:10.922-0400 I CONTROL [initandlisten] distmod: ubuntu1404
    2017-06-22T15:47:10.922-0400 I CONTROL [initandlisten] distarch: x86_64
    2017-06-22T15:47:10.922-0400 I CONTROL [initandlisten] target_arch: x86_64
    2017-06-22T15:47:10.923-0400 I CONTROL [initandlisten] options: { config: "/etc/mongod.conf", net: { bindIp: "0.0.0.0", port: 27017 }, processManagement: { pidFilePath: "/var/run/mongod.pid" }, security: { authorization: "enabled" }, storage: { dbPath: "/var/lib/mongodb", journal: { enabled: true } }, systemLog: { destination: "file", logAppend: true, path: "/var/log/mongodb/mongod.log" } }
    2017-06-22T15:47:10.940-0400 I - [initandlisten] Detected data files in /var/lib/mongodb created by the 'wiredTiger' storage engine, so setting the active storage engine to 'wiredTiger'.
    2017-06-22T15:47:10.940-0400 I STORAGE [initandlisten] wiredtiger_open config: create,cache_size=1G,session_max=20000,eviction=(threads_min=4,threads_max=4),config_base=false,statistics=(fast),log=(enabled=true,archive=true,path=journal,compressor=snappy),file_manager=(close_idle_time=100000),checkpoint=(wait=60,log_size=2GB),statistics_log=(wait=0),
    2017-06-22T15:47:13.466-0400 I CONTROL [initandlisten] ** WARNING: You are running this process as the root user, which is not recommended.
    2017-06-22T15:47:13.467-0400 I CONTROL [initandlisten]
    2017-06-22T15:47:13.468-0400 I CONTROL [initandlisten]
    2017-06-22T15:47:13.468-0400 I CONTROL [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/enabled is 'always'.
    2017-06-22T15:47:13.468-0400 I CONTROL [initandlisten] ** We suggest setting it to 'never'
    2017-06-22T15:47:13.468-0400 I CONTROL [initandlisten]
    2017-06-22T15:47:13.468-0400 I CONTROL [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/defrag is 'always'.
    2017-06-22T15:47:13.468-0400 I CONTROL [initandlisten] ** We suggest setting it to 'never'
    2017-06-22T15:47:13.468-0400 I CONTROL [initandlisten]
    2017-06-22T15:47:13.876-0400 I FTDC [initandlisten] Initializing full-time diagnostic data capture with directory '/var/lib/mongodb/diagnostic.data'
    2017-06-22T15:47:13.876-0400 I NETWORK [initandlisten] waiting for connections on port 27017
    2017-06-22T15:47:13.876-0400 I NETWORK [HostnameCanonicalizationWorker] Starting hostname canonicalization worker
    2017-06-22T15:48:13.362-0400 I NETWORK [initandlisten] connection accepted from 172.18.0.6:39426 #1 (1 connection now open)
    2017-06-22T15:48:13.492-0400 I NETWORK [initandlisten] connection accepted from 172.18.0.6:39428 #2 (2 connections now open)
    2017-06-22T15:48:13.528-0400 I ACCESS [conn2] SCRAM-SHA-1 authentication failed for authenticated on admin from client 172.18.0.6 ; UserNotFound: Could not find user authenticated@admin
    2017-06-22T15:48:30.488-0400 I NETWORK [initandlisten] connection accepted from 172.18.0.6:39454 #3 (3 connections now open)
    2017-06-22T15:48:30.493-0400 I NETWORK [initandlisten] connection accepted from 172.18.0.6:39456 #4 (4 connections now open)
    2017-06-22T15:48:30.495-0400 I ACCESS [conn4] SCRAM-SHA-1 authentication failed for authenticated on admin from client 172.18.0.6 ; UserNotFound: Could not find user authenticated@admin
    2017-06-22T15:48:34.065-0400 I NETWORK [conn2] end connection 172.18.0.6:39428 (3 connections now open)
    2017-06-22T15:48:34.065-0400 I NETWORK [conn1] end connection 172.18.0.6:39426 (2 connections now open)
    2017-06-22T15:48:44.930-0400 I NETWORK [conn4] end connection 172.18.0.6:39456 (1 connection now open)
    2017-06-22T15:48:44.930-0400 I NETWORK [conn3] end connection 172.18.0.6:39454 (0 connections now open)
    2017-06-22T15:48:46.287-0400 I NETWORK [initandlisten] connection accepted from 172.18.0.6:39484 #5 (1 connection now open)
    2017-06-22T15:48:46.291-0400 I NETWORK [initandlisten] connection accepted from 172.18.0.6:39486 #6 (2 connections now open)
    2017-06-22T15:48:46.293-0400 I ACCESS [conn6] SCRAM-SHA-1 authentication failed for authenticated on admin from client 172.18.0.6 ; UserNotFound: Could not find user authenticated@admin
    2017-06-22T15:48:58.031-0400 I NETWORK [conn6] end connection 172.18.0.6:39486 (1 connection now open)
    2017-06-22T15:48:58.032-0400 I NETWORK [conn5] end connection 172.18.0.6:39484 (0 connections now open)
    2017-06-22T15:49:02.907-0400 I NETWORK [initandlisten] connection accepted from 172.18.0.6:39512 #7 (1 connection now open)
    2017-06-22T15:49:02.912-0400 I NETWORK [initandlisten] connection accepted from 172.18.0.6:39514 #8 (2 connections now open)
    2017-06-22T15:49:02.915-0400 I ACCESS [conn8] SCRAM-SHA-1 authentication failed for authenticated on admin from client 172.18.0.6 ; UserNotFound: Could not find user authenticated@admin
    2017-06-22T15:49:10.806-0400 I NETWORK [conn8] end connection 172.18.0.6:39514 (1 connection now open)
    2017-06-22T15:49:10.807-0400 I NETWORK [conn7] end connection 172.18.0.6:39512 (0 connections now open)
    vagrant@trusty64:/vagrant/test$ sudo docker exec -it mongodb netstat -ntlup
    Active Internet connections (only servers)
    Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
    tcp        0      0 0.0.0.0:27017           0.0.0.0:*               LISTEN      1/mongod
    tcp        0      0 127.0.0.11:44122        0.0.0.0:*               LISTEN      -
    udp        0      0 127.0.0.11:49005        0.0.0.0:*

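I thought I had already created a user, based on the above steps. Did I create a user on a local database? I can successfully log in using the authenticated user (not to a specific database):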

    vagrant@trusty64:/vagrant/test$ sudo docker exec -it mongodb mongo --port 27017 -u authenticated -p password
    MongoDB shell version: 3.2.14
    connecting to: 127.0.0.1:27017/test
    Welcome to the MongoDB shell.
    For interactive help, type "help".
    For more comprehensive documentation, see http://docs.mongodb.org/
    Questions? Try the support group http://groups.google.com/group/mongodb-user
    >

Note: I have a corresponding github issue to track the progress of this problem.

Perhaps I need to pay particular attention to the following sub-snippet, taken from the above /var/log/mongodb/mongod.log:

    2017-06-22T17:49:49.663-0400 I NETWORK [initandlisten] connection accepted from 172.18.0.2:40926 #1 (1 connection now open)
    2017-06-22T17:49:50.180-0400 I COMMAND [conn1] update admin.system.version query: { _id: "authSchema" } update: { $set: { currentVersion: 5 } } keysExamined:0 docsExamined:0 nMatched:1 nModified:1 upsert:1 keyUpdates:0 writeConflicts:0 numYields:0 locks:{ Global: { acquireCount: { r: 2, w: 2 } }, Database: { acquireCount: { W: 2 } } } 428ms
    2017-06-22T17:49:50.397-0400 I COMMAND [conn1] insert admin.system.users ninserted:1 keyUpdates:0 writeConflicts:0 numYields:0 locks:{ Global: { acquireCount: { r: 4, w: 4 } }, Database: { acquireCount: { W: 4 } }, Collection: { acquireCount: { w: 1 } } } 188ms
    2017-06-22T17:49:50.397-0400 I COMMAND [conn1] command test.$cmd command: createUser { createUser: "authenticated", pwd: "xxx", roles: [ "readWrite", "userAdmin", "dbAdmin", { role: "readWrite", db: "dataset" }, { role: "userAdmin", db: "dataset" }, { role: "dbAdmin", db: "dataset" } ], digestPassword: false, writeConcern: { w: "majority", wtimeout: 5000.0 } } keyUpdates:0 writeConflicts:0 numYields:0 reslen:22 locks:{ Global: { acquireCount: { r: 4, w: 4 } }, Database: { acquireCount: { W: 4 } }, Collection: { acquireCount: { w: 1 } } } protocol:op_command 703ms

Which may be related to the following later snippet from the same log file:

    2017-06-22T17:59:38.129-0400 I ACCESS [conn10] SCRAM-SHA-1 authentication failed for authenticated on admin from client 172.18.0.4 ; UserNotFound: Could not find user authenticated@admin

I talked with you on IRC earlier.

The problem is that when you create your user with the line

    vagrant@trusty64:/vagrant/test$ sudo docker exec -it mongodb sudo mongo mongodb://mongodb:27017 --eval "db.getSiblingDB('admin'); db.createUser(...

you aren't actually setting the db variable to the sibling (admin) database. You are simply calling a function that returns a database.

You need to use the command db = db.getSiblingDB('admin'); to set the current database to the "admin" database in the shell.

You can also use the shorthand form use admin

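Or you can include the admin database in your mongod invocation and drop all of the eval'd database switching. The database name is usually the first argument to the mongod executable. I'm not 100% sure how it will translate to your docker command.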

Maybe

    vagrant@trusty64:/vagrant/test$ sudo docker exec -it mongodb sudo mongo admin mongodb://mongodb:27017 --eval "db.createUser(...

Cheers!
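
The diagnosis in the answer can be read straight from the mongod log. As an added example (not part of the original question or answer, and not PyMongo or MongoDB code), the sketch below correlates createUser commands with UserNotFound failures; the function name find_auth_db_mismatches and the abridged sample log are constructed for illustration.

```python
import re

# Constructed sample: abridged lines in the format of the mongod 3.2 log quoted above.
SAMPLE_LOG = """\
2017-06-22T17:49:50.397-0400 I COMMAND [conn1] insert admin.system.users ninserted:1 keyUpdates:0
2017-06-22T17:49:50.397-0400 I COMMAND [conn1] command test.$cmd command: createUser { createUser: "authenticated", pwd: "xxx", roles: [ "readWrite" ], digestPassword: false }
2017-06-22T17:59:38.129-0400 I ACCESS [conn10] SCRAM-SHA-1 authentication failed for authenticated on admin from client 172.18.0.4 ; UserNotFound: Could not find user authenticated@admin
2017-06-22T17:59:40.002-0400 I ACCESS [conn12] SCRAM-SHA-1 authentication failed for authenticated on admin from client 172.18.0.4 ; UserNotFound: Could not find user authenticated@admin
"""

# The namespace of the createUser command ("test.$cmd") names the database the
# user belongs to. The "insert admin.system.users" line does not: user documents
# are stored in admin.system.users whichever database owns the user.
CREATE_RE = re.compile(
    r'command (?P<db>[^\s.]+)\.\$cmd command: createUser \{ createUser: "(?P<user>[^"]+)"')
AUTH_FAIL_RE = re.compile(
    r'authentication failed for (?P<user>\S+) on (?P<db>\S+) '
    r'from client (?P<client>\S+) ; UserNotFound')


def find_auth_db_mismatches(log_text):
    """Return one finding per (user, tried db, client) where the log shows the
    user was created, but in a different database than the one clients try."""
    created = {}
    for m in CREATE_RE.finditer(log_text):
        created.setdefault(m.group("user"), set()).add(m.group("db"))

    findings = {}
    for m in AUTH_FAIL_RE.finditer(log_text):
        user, tried, client = m.group("user"), m.group("db"), m.group("client")
        dbs = created.get(user, set())
        if not dbs or tried in dbs:
            continue  # user never created in this log, or it exists where tried
        entry = findings.setdefault((user, tried, client), {
            "user": user, "tried": tried, "client": client,
            "created_in": sorted(dbs), "failures": 0})
        entry["failures"] += 1
    return list(findings.values())


if __name__ == "__main__":
    for f in find_auth_db_mismatches(SAMPLE_LOG):
        print("%(user)s: auth against '%(tried)s' failed %(failures)d time(s) "
              "from %(client)s; createUser ran in %(created_in)s" % f)
```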
