We have created 3 shards and each shard has 2 replicas with mongodb version 3.6.21. Then we created admin user with root privileges in the primary node of each shard on different nodes. We are able to login to mongod service directly by using user/pass auth. Now we would like to enable sharding on an application dB and for that we are using below commands.
[root@MONGODB01 ~]# mongo --port 27017
MongoDB shell version v3.6.21
connecting to: mongodb://127.0.0.1:27017/?gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("45c58424-422c-4a73-9d18-027718aa0a36") }
MongoDB server version: 3.6.21
mongos> use dsyh_mongo
switched to db dsyh_mongo
mongos> sh.enableSharding("dsyh_mongo")
{
"ok" : 0,
"errmsg" : "not authorized on admin to execute command { enableSharding: \"dsyh_mongo\", lsid: { id: UUID(\"45c58424-422c-4a73-9d18-027718aa0a36\") }, $clusterTime: { clusterTime: Timestamp(1634624354, 1), signature: { hash: BinData(0, 3F3BBFE3DD659B7E0FAEE493345496D9DAB9B2A4), keyId: 7020363352299798554 } }, $db: \"admin\" }",
"code" : 13,
"codeName" : "Unauthorized",
"operationTime" : Timestamp(1634624352, 1),
"$clusterTime" : {
"clusterTime" : Timestamp(1634624354, 1),
"signature" : {
"hash" : BinData(0,"Pzu/491lm34PruSTNFSW2dq5sqQ="),
"keyId" : NumberLong("7020363352299798554")
}
}
}
But we are facing above error. Here mongos is running on port 27017 and mongodb is running on port 37017 on the same server Please suggest what went wrong here as we were able to use the similar steps earlier?
CodePudding user response:
I assume you mix "normal" user and "shard-local" user. From the tutorial I provided in my comment:
Users
In general, to create users for a sharded clusters, connect to the
mongos
and add the sharded cluster users.However, some maintenance operations require direct connections to specific shards in a sharded cluster. To perform these operations, you must connect directly to the shard and authenticate as a shard-local administrative user.
Shard-local users exist only in the specific shard and should only be used for shard-specific maintenance and configuration. You cannot connect to the
mongos
with shard-local users.
Or see Sharded Cluster Users