问题
I am new to Docker and I have read the Mongo Docker Docs. I need some help setting up a simple application.
I want a local mongodb that dumps / uses a database named "my_test_db"
and writes to <project-dir>/mongo/my_test_db
Here is my simple project:
# project structure
<project-dir>/
-- .env
-- docker-compose.yml
-- mongo/
-- + -- my_test_db/
The .env file:
# <project>/.env
MONGO_INITDB_ROOT_USERNAME=test_user
MONGO_INITDB_ROOT_PASSWORD=test_pwrd
MONGO_INITDB_DATABASE=my_test_db
MONGO_DATA_DIR=/mongo/my_test_db
MONGO_LOG_FILE=/mongo/mongodb.log
my attempt at docker compose:
#docker-compose.yml
version: '3'
services:
mongodb:
image: mongo:4.0
# load env variables
env_file:
- .env
# map data_dir to host <project>/<data_dir>
volumes:
- ".${MONGO_DATA_DIR}:${MONGO_DATA_DIR}"
expose:
- 27017
# set env vars with loaded vars (appears to be necessary for the user to be created, despite loading them with env_file)
environment:
MONGO_INITDB_ROOT_USERNAME: ${MONGO_INITDB_ROOT_USERNAME}
MONGO_INITDB_ROOT_PASSWORD: ${MONGO_INITDB_DATABASE}
MONGO_INITDB_DATABASE: ${MONGO_INITDB_DATABASE}
# map ports
ports:
- 27017:27017
command: "mongod --smallfiles"
container_name: mongodb-test
# --logpath=.${MONGO_LOG_FILE} # when added to command fails
then in two shells I have
#shell-1
<project-dir>$ docker-compose up
# I see my user created
# I see "MongoDB starting : pid=1 port=27017 dbpath=/data/db 64-bit host=e19ea190b601" so my custom db isnt made on init...
#shell-2
# <project-dir>$ mongo 27017 --usernamne test_user --password test_pwrd # does fails to connect
<project-dir>$ mongo 27017 # connects
> db.getName()
# 27017 # so naming it didnt work
> show users
# Error: command usersInfo requires authentication
> use my_test_db
> db.myColl.insert({'name': 'test'})
# WriteCommandError({..., "codeName": "Unauthorized"})
I am currently testing on macOS (as docs state that this might be relevant)
What am I doing wrong? I understand the concept of docker but personally don't use it as it is a pain to get used too... but I'm trying to learn.
回答1:
- For the authentication part: have you tried to add
--authenticationDatabase adminin order to be able to login ? Regarding
MONGO_INITDB_DATABASEit wont be effective unless you have a script under/docker-entrypoint-initdb.d/as shown in the docker-entrypoiny.sh that is used in the mongodb image so you can have a bash script indocker-entrypoint-initdb.d/with that said.Using the root user as an owner for your application db is not a security wise as it will have the ability to control everything in the mongodb instance.
IMHO a better approach would be adding extra variables like the following:
MONGO_APPLICATION_DATABASEMONGO_APPLICATION_USERNAMEMONGO_APPLICATION_PASSWORD
Then add a bash script that will create the user and assign it to the database by using environment variables ( you need to mount it to docker-entrypoint-initdb.d):
You might need to change the user role as you see fit.
# initmongo/setup.sh mongo admin -u $MONGO_INITDB_ROOT_USERNAME -p $MONGO_INITDB_ROOT_PASSWORD --eval "db.getSiblingDB('$MONGO_APPLICATION_DATABASE').createUser({user: '$MONGO_APPLICATION_USERNAME', pwd: '$MONGO_APPLICATION_PASSWORD', roles: [{role: 'readWrite', db: '$MONGO_APPLICATION_DATABASE'}]});"In the docker-compose.yml add a volume to your current list of volumes
#docker-compose.yml volumes: - ".${MONGO_DATA_DIR}:${MONGO_DATA_DIR}" - "./initmongo/:/docker-entrypoint-initdb.d/"And finally remove this variable
MONGO_INITDB_DATABASEas there is no need for itIn order to login use the following command:
replace the variables with your actual values
docker exec -it container_name mongo -u "$MONGO_APPLICATION_USERNAME" -p "$MONGO_APPLICATION_PASSWORD" --authenticationDatabase "$MONGO_APPLICATION_DATABASE" "$MONGO_APPLICATION_DATABASE"For the
.envfile i am not sure what could cause this issue. do you have any warnings while using it ? Also Consider checking this comment or this
来源:https://stackoverflow.com/questions/54967329/mongodb-and-docker-via-docker-compose-auth-error-and-not-initalizing-db