SRE文档一、用户
- 安装完毕之后,默认没有开启权限,因此可以直接连接
1.0 创建用户和设置密码并授权
## 创建用户和设置密码,需要注意的是密码必须使用引号括起来
> CREATE USER testuser WITH PASSWORD 'testpwd' with all privileges;## 创建用户和设置密码,需要注意的是密码必须使用引号括起来
> CREATE USER testuser WITH PASSWORD 'testpwd' with all privileges;开启权限校验
vim /etc/influxdb/influxdb.conf
# 开启配置
[http]
enabled = true
bind-address = ":8086"
auth-enabled = truevim /etc/influxdb/influxdb.conf
# 开启配置
[http]
enabled = true
bind-address = ":8086"
auth-enabled = true重启并测试
连接测试
influx -username admin -password admin
#指定host port 登陆
influx -host 'localhost' -port '8086' -username 'admin' -password 'root123'
#或者
$ influx -precision rfc3339
Connected to http://localhost:8086 version 1.7.7
InfluxDB shell version: 1.7.7
> auth
username: rw_influxdb_de
password:
#或者
>auth username passwordinflux -username admin -password admin
#指定host port 登陆
influx -host 'localhost' -port '8086' -username 'admin' -password 'root123'
#或者
$ influx -precision rfc3339
Connected to http://localhost:8086 version 1.7.7
InfluxDB shell version: 1.7.7
> auth
username: rw_influxdb_de
password:
#或者
>auth username password1.1启动方式
格式:
python
influx -format=[format]influx -format=[format]format : 启动格式,支持column,csv,json三种格式,默认为column
[root@localhost ~]# influx -format=csv
Visit https://enterprise.influxdata.com to register for updates, InfluxDB server management, and monitoring.
Connected to http://localhost:8086 version 1.1.0
InfluxDB shell version: 1.1.0
> show databases;
name,name
databases,_internal
databases,testdb
> exit
[root@localhost ~]# influx -format=json
Visit https://enterprise.influxdata.com to register for updates, InfluxDB server management, and monitoring.
Connected to http://localhost:8086 version 1.1.0
InfluxDB shell version: 1.1.0
> show databases;
{"results":[{"series":[{"name":"databases","columns":["name"],"values":[["_internal"],["testdb"]]}]}]}
> exit
[root@localhost ~]# influx -format=json -pretty
Visit https://enterprise.influxdata.com to register for updates, InfluxDB server management, and monitoring.
Connected to http://localhost:8086 version 1.1.0
InfluxDB shell version: 1.1.0
> show databases;
{
"results": [
{
"series": [
{
"name": "databases",
"columns": [
"name"
],
"values": [
[
"_internal"
],
[
"testdb"
]
]
}
]
}
]
}
>[root@localhost ~]# influx -format=csv
Visit https://enterprise.influxdata.com to register for updates, InfluxDB server management, and monitoring.
Connected to http://localhost:8086 version 1.1.0
InfluxDB shell version: 1.1.0
> show databases;
name,name
databases,_internal
databases,testdb
> exit
[root@localhost ~]# influx -format=json
Visit https://enterprise.influxdata.com to register for updates, InfluxDB server management, and monitoring.
Connected to http://localhost:8086 version 1.1.0
InfluxDB shell version: 1.1.0
> show databases;
{"results":[{"series":[{"name":"databases","columns":["name"],"values":[["_internal"],["testdb"]]}]}]}
> exit
[root@localhost ~]# influx -format=json -pretty
Visit https://enterprise.influxdata.com to register for updates, InfluxDB server management, and monitoring.
Connected to http://localhost:8086 version 1.1.0
InfluxDB shell version: 1.1.0
> show databases;
{
"results": [
{
"series": [
{
"name": "databases",
"columns": [
"name"
],
"values": [
[
"_internal"
],
[
"testdb"
]
]
}
]
}
]
}
>1.2 设置用户并赋权
> GRANT ALL PRIVILEGES ON db_name TO testuser ## 授权数据库给指定用户> GRANT ALL PRIVILEGES ON db_name TO testuser ## 授权数据库给指定用户二、权限管理
2.0 用户类型及其权限
管理员
所有管理员有所有数据库的读写权限,并且可以执行以下所有的管理类查询语句:
数据库管理:
◦ CREATE DATABASE, 和 DROP DATABASE ◦ DROP SERIES 和 DROP MEASUREMENT ◦ CREATE RETENTION POLICY, ALTER RETENTION POLICY, 和 DROP RETENTION POLICY ◦ CREATE CONTINUOUS QUERY 和 DROP CONTINUOUS QUERY
用户管理: ◦ Admin user management: CREATE USER, GRANT ALL PRIVILEGES, REVOKE ALL PRIVILEGES, 和 SHOW USERS ◦ Non-admin user management: CREATE USER, GRANT [READ,WRITE,ALL], REVOKE [READ,WRITE,ALL], 和 SHOW GRANTS ◦ General user management: SET PASSWORD 和 DROP USER
非管理员用户
非管理员用户可以赋一种权限: ◦ READ ◦ WRITE ◦ ALL (READ 和 WRITE ) 这三种情况可以赋给每个用户,每个数据库
2.1 用户管理
>create user xxx with password 'pwd'>create user xxx with password 'pwd'2.2 重设密码
>set password for xxx='newpwd'>set password for xxx='newpwd'2.3 删除用户
>drop user xxx>drop user xxx2.4 查看用户
>show users>show users2.5 针对用户进行授权和回收
- 授权
>GRANT ALL PRIVILEGES TO <username>
>GRANT [READ,WRITE,ALL] ON <database_name> TO <username>>GRANT ALL PRIVILEGES TO <username>
>GRANT [READ,WRITE,ALL] ON <database_name> TO <username>- 回收
>REVOKE ALL PRIVILEGES FROM <username>
>REVOKE [READ,WRITE,ALL] ON <database_name> FROM <username>>REVOKE ALL PRIVILEGES FROM <username>
>REVOKE [READ,WRITE,ALL] ON <database_name> FROM <username>2.6 权限查询
>show grants for <username>>show grants for <username>2.7创建admin 用户
>create user "admin" with password 'admin' with all privileges;
#查看
>show users;
user admin
---- -----
admin true>create user "admin" with password 'admin' with all privileges;
#查看
>show users;
user admin
---- -----
admin true1.3
CREATE RETENTION POLICY "cadvisor_retention" ON "cadvisor" DURATION 30d REPLICATION 1 DEFAULT ## 创建默认的数据保留策略,设置保存时间30天,副本为1