seabox scdcs
seabox scdcs¶
管理Seabox数据库的scdcs模块
- 语法
- ``` bash seabox scdcs config.
Usage: seabox scdcs [OPTIONS]
Options: -?, –help show this help, then exit
Commands: auth seabox scdcs auth config. cert seabox scdcs cert config. ```
- 描述
-
对seabox数据库的scdcs模块进行管理,目前包括对scdcs的认证管理。
- 注意:无
- 选项
- 该命令支持以下子命令:auth, cert
seabox scdcs auth¶
管理Seabox数据库的scdcs模块基于用户名密码的认证功能
- 语法
- ``` bash seabox scdcs auth config.
Usage: seabox scdcs auth [OPTIONS]
Options: -h, –help show this help, then exit
Commands: disable disables scdcs authentication. enable enables scdcs authentication. status show scdcs authentication status. ```
- 描述
-
对seabox数据库的scdcs模块进行管理,目前包括对scdcs的认证管理。
- 注意:无
- 选项
- 该命令支持以下子命令:enable/disable/status
seabox scdcs auth enable¶
开启Seabox数据库的scdcs模块的认证功能
- 语法
- ``` bash enables scdcs authentication.
Usage: seabox scdcs auth enable [OPTIONS]
Options: -h, –help show this help, then exit ```
- 描述
-
开启scdcs模块的认证功能。数据库安装后,默认scdcs模块无需认证。用户使用客户端工具,如etcdctl,不需要用户名密码就可以读取,修改scdcs中的数据。当执行seabox scdcs auth enable后,scdcs开始要求必须使用用户名密码才能访问
- 注意:使用此命令要求数据库除scdcs的其它模块都停止运行,仅保留scdcs运行
- 选项
- 无
- 示例
- 以下是
seabox scdcs auth enable的执行结果:
[jack@test-1 mpp]$ seabox scdcs auth enable
2024-07-01 01:18:17 UTC [36901] seabox default INFO: begin enable scdcs auth
2024-07-01 01:18:17 UTC [36901] seabox default INFO: etcdctl --endpoints=172.16.12.11:31110,172.16.12.7:31110,172.16.12.2:31110 user add root:7591dd1ae612ac9cde90edf5a9d289c1
2024-07-01 01:18:17 UTC [36901] seabox default INFO: etcdctl --endpoints=172.16.12.11:31110,172.16.12.7:31110,172.16.12.2:31110 auth enable
2024-07-01 01:18:17 UTC [36901] seabox default INFO: finish enable scdcs auth
seabox scdcs auth disable¶
关闭Seabox数据库的scdcs模块的认证功能
- 语法
- ``` bash disables scdcs authentication.
Usage: seabox scdcs auth disable [OPTIONS]
Options: -h, –help show this help, then exit ```
- 描述
-
关闭scdcs模块的用户认证功能。关闭后,scdcs可以匿名访问
- 注意:使用此命令要求数据库除scdcs的其它模块都停止运行,仅保留scdcs运行
- 选项
- 无
- 示例
- 以下是
seabox scdcs auth disable的执行结果:
[jack@test-1 mpp]$ seabox scdcs auth disable
2024-07-01 01:19:30 UTC [36952] seabox default INFO: begin disable scdcs auth
2024-07-01 01:19:30 UTC [36952] seabox default INFO: etcdctl --endpoints=172.16.12.11:31110,172.16.12.7:31110,172.16.12.2:31110 --user=root --password=7591dd1ae612ac9cde90edf5a9d289c1 auth disable
2024-07-01 01:19:30 UTC [36952] seabox default INFO: etcdctl --endpoints=172.16.12.11:31110,172.16.12.7:31110,172.16.12.2:31110 --user=root --password=7591dd1ae612ac9cde90edf5a9d289c1 user delete root
2024-07-01 01:19:30 UTC [36952] seabox default INFO: etcdctl --endpoints=172.16.12.11:31110,172.16.12.7:31110,172.16.12.2:31110 --user=root --password=7591dd1ae612ac9cde90edf5a9d289c1 role delete root
2024-07-01 01:19:30 UTC [36952] seabox default INFO: finish disable scdcs auth
seabox scdcs auth status¶
查看Seabox数据库的scdcs模块的认证功能是否开启
- 语法
- ``` bash show scdcs authentication status.
Usage: seabox scdcs auth status [OPTIONS]
Options: -h, –help show this help, then exit ```
- 描述
-
查看Seabox数据库的scdcs模块的认证功能是否开启,如果开启,则显示True,反之显示False
- 注意:使用此命令要求scdcs模块在线,与其他模块无关
- 选项
- 无
- 示例
- 以下是
seabox scdcs auth status的执行结果:
[jack@test-1 mpp]$ seabox scdcs auth status
scdcs authentication status: False
seabox scdcs cert¶
管理Seabox数据库的scdcs模块基于tls的认证功能。这里的认证包括scdcs客户端(如gtm, monitor)与scdcs之间的认证,也包括scdcs自身节点之间的认证
语法:
seabox scdcs cert config.
Usage:
seabox scdcs cert [OPTIONS]
Options:
-h, --help show this help, then exit
Commands:
disable disables scdcs cert authentication.
enable enables scdcs cert authentication.
status show scdcs cert authentication status.
- 描述
-
对seabox数据库的scdcs模块进行tls认证管理
- 注意:无
- 选项
- 该命令支持以下子命令:enable/disable/status
seabox scdcs cert enable¶
开启Seabox数据库的scdcs模块的tls认证功能
语法:
[jack@master ~]$ seabox scdcs cert enable --help
enables scdcs cert authentication.
Usage:
seabox scdcs cert enable [OPTIONS]
Options:
--onlyfile only add tls file, modify scdcs config file
-h, --help show this help, then exit
- 描述
-
开启scdcs模块的tls认证功能。开启后,scdcs的客户端须制定认证文件才能连接scdcs
- 注意:建议使用此命令时数据库除scdcs的其它模块都停止运行,仅保留scdcs运行
- 选项
- 该命令支持的选项
--onlyfile
: 仅准备好tls的认证文件,配置好scdcs的配置文件,不与scdcs进行交互。用于特殊情况下,集群状态的修复
- 示例
- 以下是
seabox scdcs cert enable的执行结果:
[jack@master etc]$ seabox scdcs cert enable
2024-09-27 07:23:52 UTC [52735] seabox default INFO: begin enable cluster cert authentication
2024-09-27 07:23:52 UTC [52735] seabox default INFO: begin update scdcs peer urls
2024-09-27 07:23:52 UTC [52735] seabox default INFO: begin stop scdcs
2024-09-27 07:24:00 UTC [52735] seabox default INFO: begin distribute tls config files
2024-09-27 07:24:01 UTC [52735] seabox default INFO: prepare_tls_config_local
2024-09-27 07:24:02 UTC [52735] seabox default INFO: begin generate tls config
2024-09-27 07:24:03 UTC [52735] seabox default INFO: finish generate tls config
2024-09-27 07:24:03 UTC [52735] seabox default INFO: begin distribute tls config files
2024-09-27 07:24:03 UTC [52735] seabox default INFO: scdcs is offline, read info from scdcs dump file
2024-09-27 07:24:03 UTC [52735] seabox default INFO: scscp -h node1,node2 -S /home/seabox/sdsql/etc/tls_7780f59e7ca111efad211dd5d2c3042a/openssl.conf -D /home/seabox/sdsql/etc/tls_7780f59e7ca111efad211dd5d2c3042a/openssl.conf
2024-09-27 07:24:05 UTC [52735] seabox default INFO: scscp -h node1,node2 -S /home/seabox/sdsql/etc/tls_7780f59e7ca111efad211dd5d2c3042a/ca.key -D /home/seabox/sdsql/etc/tls_7780f59e7ca111efad211dd5d2c3042a/ca.key
2024-09-27 07:24:07 UTC [52735] seabox default INFO: scscp -h node1,node2 -S /home/seabox/sdsql/etc/tls_7780f59e7ca111efad211dd5d2c3042a/ca.crt -D /home/seabox/sdsql/etc/tls_7780f59e7ca111efad211dd5d2c3042a/ca.crt
2024-09-27 07:24:09 UTC [52735] seabox default INFO: scscp -h node1,node2 -S /home/seabox/sdsql/etc/tls_7780f59e7ca111efad211dd5d2c3042a/ca.srl -D /home/seabox/sdsql/etc/tls_7780f59e7ca111efad211dd5d2c3042a/ca.srl
2024-09-27 07:24:11 UTC [52735] seabox default INFO: scscp -h node1,node2 -S /home/seabox/sdsql/etc/tls_7780f59e7ca111efad211dd5d2c3042a/client.key -D /home/seabox/sdsql/etc/tls_7780f59e7ca111efad211dd5d2c3042a/client.key
2024-09-27 07:24:13 UTC [52735] seabox default INFO: scscp -h node1,node2 -S /home/seabox/sdsql/etc/tls_7780f59e7ca111efad211dd5d2c3042a/client.csr -D /home/seabox/sdsql/etc/tls_7780f59e7ca111efad211dd5d2c3042a/client.csr
2024-09-27 07:24:15 UTC [52735] seabox default INFO: scscp -h node1,node2 -S /home/seabox/sdsql/etc/tls_7780f59e7ca111efad211dd5d2c3042a/client.crt -D /home/seabox/sdsql/etc/tls_7780f59e7ca111efad211dd5d2c3042a/client.crt
2024-09-27 07:24:17 UTC [52735] seabox default INFO: scscp -h node1,node2 -S /home/seabox/sdsql/etc/tls_7780f59e7ca111efad211dd5d2c3042a/peer.key -D /home/seabox/sdsql/etc/tls_7780f59e7ca111efad211dd5d2c3042a/peer.key
2024-09-27 07:24:20 UTC [52735] seabox default INFO: scscp -h node1,node2 -S /home/seabox/sdsql/etc/tls_7780f59e7ca111efad211dd5d2c3042a/peer.csr -D /home/seabox/sdsql/etc/tls_7780f59e7ca111efad211dd5d2c3042a/peer.csr
2024-09-27 07:24:22 UTC [52735] seabox default INFO: scscp -h node1,node2 -S /home/seabox/sdsql/etc/tls_7780f59e7ca111efad211dd5d2c3042a/peer.crt -D /home/seabox/sdsql/etc/tls_7780f59e7ca111efad211dd5d2c3042a/peer.crt
2024-09-27 07:24:24 UTC [52735] seabox default INFO: scscp -h node1,node2 -S /home/seabox/sdsql/etc/tls_7780f59e7ca111efad211dd5d2c3042a/cert_enabled -D /home/seabox/sdsql/etc/tls_7780f59e7ca111efad211dd5d2c3042a/cert_enabled
2024-09-27 07:24:26 UTC [52735] seabox default INFO: finish distribute tls config files
2024-09-27 07:24:27 UTC [52735] seabox default INFO: finish scdcs tls config enable
2024-09-27 07:24:28 UTC [52735] seabox default INFO: finish add tls config
2024-09-27 07:24:36 UTC [52735] seabox default INFO: finish enable cluster cert authentication
seabox scdcs cert disable¶
关闭Seabox数据库的scdcs模块的tls认证功能
- 语法
- ``` bash disables scdcs cert authentication.
Usage: seabox scdcs cert disable [OPTIONS]
Options: –onlyfile only remove tls file, modify scdcs config file -h, –help show this help, then exit ```
- 描述
- 关闭scdcs模块的用户tls认证功能。关闭后,连接scdcs将不需要认证文件
- 选项
- 无
- 示例
- 以下是
seabox scdcs cert disable的执行结果:
[jack@master etc]$ seabox scdcs cert disable
2024-09-27 07:51:33 UTC [6907] seabox default INFO: begin scdcs config disable cert authentication
2024-09-27 07:51:33 UTC [6907] seabox default INFO: begin update scdcs peer urls
2024-09-27 07:51:33 UTC [6907] seabox default INFO: begin stop scdcs
2024-09-27 07:52:06 UTC [6907] seabox default INFO: begin remove tls config
2024-09-27 07:52:07 UTC [6907] seabox default INFO: finish remove tls config
2024-09-27 07:52:09 UTC [6907] seabox default INFO: finish scdcs tls config disable
2024-09-27 07:52:10 UTC [6907] seabox default INFO: finish remove tls config
2024-09-27 07:52:10 UTC [6907] seabox default INFO: begin start scdcs
2024-09-27 07:52:18 UTC [6907] seabox default INFO: finish disable cluster cert authentication
seabox scdcs cert status¶
查看Seabox数据库的scdcs模块的tls认证功能是否开启
- 语法
- ``` bash show scdcs cert authentication status.
Usage: seabox scdcs cert status [OPTIONS]
Options: -h, –help show this help, then exit ```
- 描述
- 查看Seabox数据库的scdcs模块的tls认证功能是否开启,如果开启,则显示True,反之显示False
- 选项
- 无
- 示例
- 以下是
seabox scdcs cert status的执行结果:
[jack@master etc]$ seabox scdcs cert status
scdcs tls cert status: False