1.查看user.xml文件可知設置密碼的多種方式

<!-- Password could be specified in plaintext or in SHA256 (in hex format). If you want to specify password in plaintext (not recommended), place it in 'password' element. Example: <password>qwerty</password>. Password could be empty.If you want to specify SHA256, place it in 'password_sha256_hex' element. Example: <password_sha256_hex>65e84be33532fb784c48129675f9eff3a682b27168c0ea744b2cf58ee02337c5</password_sha256_hex> Restrictions of SHA256: impossibility to connect to ClickHouse using MySQL JS client (as of July 2019).If you want to specify double SHA1, place it in 'password_double_sha1_hex' element. Example: <password_double_sha1_hex>e395796d6546b1b65db9d665cd43f0e858dd4303</password_double_sha1_hex>If you want to specify a previously defined LDAP server (see 'ldap_servers' in the main config) for authentication, place its name in 'server' element inside 'ldap' element. Example: <ldap><server>my_ldap_server</server></ldap>If you want to authenticate the user via Kerberos (assuming Kerberos is enabled, see 'kerberos' in the main config), place 'kerberos' element instead of 'password' (and similar) elements. The name part of the canonical principal name of the initiator must match the user name for authentication to succeed. You can also place 'realm' element inside 'kerberos' element to further restrict authentication to only those requests whose initiator's realm matches it. Example: <kerberos /> Example: <kerberos><realm>EXAMPLE.COM</realm></kerberos>How to generate decent password: Execute: PASSWORD=$(base64 < /dev/urandom | head -c8); echo "$PASSWORD"; echo -n "$PASSWORD" | sha256sum | tr -d '-' In first line will be password and in second - corresponding SHA256.How to generate double SHA1: Execute: PASSWORD=$(base64 < /dev/urandom | head -c8); echo "$PASSWORD"; echo -n "$PASSWORD" | sha1sum | tr -d '-' | xxd -r -p | sha1sum | tr -d '-' In first line will be password and in second - corresponding double SHA1. -->

2.測試一下明文和SHA256方式

2.1 明文

# 修改配置文件 vim /etc/clickhouse-server/users.xml # 密碼改為 <password>666666</password># 重啟服務 systemctl restart clickhouse-server.service# 使用密碼登錄 [root@tcloud ~]# clickhouse-client --password 666666 ClickHouse client version 21.6.6.51 (official build). Connecting to localhost:9000 as user default. Connected to ClickHouse server version 21.6.6 revision 54448.

2.2 SHA256

# 這是配置文件里的說明 How to generate decent password: Execute: PASSWORD=$(base64 < /dev/urandom | head -c8); echo "$PASSWORD"; echo -n "$PASSWORD" | sha256sum | tr -d '-' In first line will be password and in second - corresponding SHA256.# 根據說明生成SHA256密碼 [root@tcloud ~]# PASSWORD=$(base64 < /dev/urandom | head -c8); echo "$PASSWORD"; echo -n "$PASSWORD" | sha256sum | tr -d '-' zQEkhhcL cfaaae90d863c47187d9a9a58e9e1ef919fcd0d765c67e961bd3e56e96bfea8a# 上邊是隨機生成的 這個是土豪方式 [root@tcloud ~]# PASSWORD=88888888; echo "$PASSWORD"; echo -n "$PASSWORD" | sha256sum | tr -d '-' 88888888 615ed7fb1504b0c724a296d7a69e6c7b2f9ea2c57c1d8206c5afdf392ebdfd25# 修改配置文件 vim /etc/clickhouse-server/users.xml # 密碼改為 <password_sha256_hex>615ed7fb1504b0c724a296d7a69e6c7b2f9ea2c57c1d8206c5afdf392ebdfd25</password_sha256_hex># 再次重啟服務 systemctl restart clickhouse-server.service# 使用密碼登錄 [root@tcloud ~]# clickhouse-client --password 88888888 ClickHouse client version 21.6.6.51 (official build). Connecting to localhost:9000 as user default. Connected to ClickHouse server version 21.6.6 revision 54448.

3.新用戶添加

想象中加一個用戶標簽和密碼就OK了，配置走起！

# 修改配置文件 vim /etc/clickhouse-server/users.xml # 添加一下標簽 <admin>就是用戶名 內部的標簽就是當前用戶的設置項 <admin><password>123456</password><networks><ip>::/0</ip></networks><profile>default</profile><quota>default</quota> </admin># 再再次重啟服務 systemctl restart clickhouse-server.service# 使用用戶名和密碼登錄 如果只使用密碼則是default用戶 [root@tcloud ~]# clickhouse-client --user admin --password 123456 ClickHouse client version 21.6.6.51 (official build). Connecting to localhost:9000 as user admin. Connected to ClickHouse server version 21.6.6 revision 54448.

3.1 readonly mode設置

如果要設置一個只讀用戶，可以修改user.xml里用戶的標簽屬性。我們先看一下官方配置文件的說明：

<profiles><!-- Default settings. --><default><!-- Maximum memory usage for processing single query, in bytes. --><max_memory_usage>10000000000</max_memory_usage><!-- How to choose between replicas during distributed query processing.random - choose random replica from set of replicas with minimum number of errorsnearest_hostname - from set of replicas with minimum number of errors, choose replicawith minimum number of different symbols between replica's hostname and local hostname(Hamming distance).in_order - first live replica is chosen in specified order.first_or_random - if first replica one has higher number of errors, pick a random one from replicas with minimum number of errors.--><load_balancing>random</load_balancing></default><!-- Profile that allows only read queries. --><readonly><readonly>1</readonly></readonly></profiles>

測試：

# 修改配置文件 vim /etc/clickhouse-server/users.xml # 添加一下標簽 <admin>就是用戶名 內部的標簽就是當前用戶的設置項 <admin><password>123456</password><networks><ip>::/0</ip></networks><profile>readonly</profile><quota>default</quota> </admin># 再再再次重啟服務 systemctl restart clickhouse-server.service# 使用用戶名和密碼登錄【此時用戶是只讀模式】 [root@tcloud clickhouse-server]# clickhouse-client --user admin --password 123456 ClickHouse client version 21.7.2.7 (official build). Connecting to localhost:9000 as user admin. Connected to ClickHouse server version 21.7.2 revision 54449.# 測試 先進行查詢操作 tcloud :) select * from tb_stat;SELECT * FROM tb_stat Query id: 323ffecb-6e19-4c1a-998c-d415410c0de8 ┌─id─┬─region──┬─group─┬─yesterday─┬─today─┬───────────stat_date─┐ │ 4 │ 1232364 │ 222 │ 89 │ 222 │ 2020-03-25 12:13:00 │ │ 7 │ 1232364 │ 333 │ 76 │ 128 │ 2020-03-25 12:11:00 │ └────┴─────────┴───────┴───────────┴───────┴─────────────────────┘ ┌─id─┬─region──┬─group─┬─yesterday─┬─today─┬───────────stat_date─┐ │ 1 │ 1232364 │ 111 │ 32 │ 2 │ 2021-07-09 12:56:00 │ └────┴─────────┴───────┴───────────┴───────┴─────────────────────┘ ┌─id─┬─region──┬─group─┬─yesterday─┬─today─┬───────────stat_date─┐ │ 2 │ 1232364 │ 111 │ 34 │ 44 │ 2021-07-09 12:21:00 │ └────┴─────────┴───────┴───────────┴───────┴─────────────────────┘ 4 rows in set. Elapsed: 0.009 sec.# 數據入庫操作【報錯Cannot execute query in readonly mode 可見當前用戶是只讀模式】 tcloud :) INSERT INTO tb_stat VALUES( '1','1232364', '111', 32, 2, '2021-07-09 12:56:00' );INSERT INTO tb_stat VALUES Query id: b9dc2175-554c-4b26-9127-bb0b88064d42 0 rows in set. Elapsed: 0.027 sec. Received exception from server (version 21.7.2): Code: 164. DB::Exception: Received from localhost:9000. DB::Exception: admin: Cannot execute query in readonly mode.

總結

以上是生活随笔為你收集整理的ClickHouse【环境搭建 02】设置用户密码的两种方式（明文+SHA256）及新用户添加及只读模式 Cannot execute query in readonly mode 问题解决的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。