写在前面
这篇文章的前提是,mongo2.6.9升级mongo3.0.7的过程中,发现authSchema版本过低无法启动mongos。在这种情况下,有了这么一篇调研方案
知识准备
这两篇文章关于authSchema版本的关键信息整理如下:
To override this behavior, run the upgrade command with the additional parameter upgradeShards:false. If you choose to override, you must run the upgrade procedure on the mongos first, and then run the procedure on the primary members of each shard.
If your existing MongoDB deployment is already running with authentication and authorization, your user data model authSchema must be at least version 3.
If you upgrade to 3.0 and have run authSchemaUpgrade, you cannot downgrade to 2.6 without disabling –auth or restoring a pre-upgrade backup, as authSchemaUpgrade discards the MONGODB-CR credentials used in 2.6. See Upgrade Existing MONGODB-CR Users to Use SCRAM-SHA-1.
查看当前authSchema版本
1 | use admin |
authSchema版本信息整理如下:
If you are currently using auth and you have schema version 2 or 3, the query returns the currentVersion of the existing authSchema.
If you do not currently have any users or you are using authSchema version 1, the query will not return any result.
If your authSchema version is less than 3 or the query does not return any results, see Upgrade User Authorization Data to 2.6 Format to upgrade the authSchema version before upgrading to MongoDB 3.0.
After upgrading MongoDB to 3.0 from 2.6, to use the new SCRAM-SHA-1 challenge-response mechanism if you have existing user data, you will need to upgrade the authentication schema a second time. This upgrades the MONGODB-CR user model to SCRAM-SHA-1 user model. See Upgrade to SCRAM-SHA-1 for details.
升级authSchema
1 | // 不作用于所有分片(但会影响所有mongos) |
降级authSchema
官网上我没有查到相关的降级方案,只是提示说升级authSchema要慎重,因为降级比升级麻烦多了,但是没有说具体的降级方案,网上查了这篇文章,也没有太大帮助,so,hack?
hack一下
注意,这方法仅供娱乐,和临时解决问题,没有在生产环境测试过
- 删掉system.version中authSchema
- 删掉system.users中的内容
- 删掉system.new_users中的内容
- 将system.bachup_users中的用户存入system.user中
降级完成之后,进行验证1
db.system.version.find( { _id: "authSchema" })