I've got the following docker compose file with MongoDB container:
version: '3.6'
services:
mongo:
image: mongo
volumes:
- ./keyfile.txt:/data/keyfile.txt
entrypoint:
- bash
- -c
- |
cp /data/keyfile.txt /data/replica.key
chmod 400 /data/replica.key
chown 999:999 /data/replica.key
exec docker-entrypoint.sh $$#
command: "--bind_ip_all --replSet rs0 --keyFile /data/replica.key"
environment:
MONGO_INITDB_ROOT_USERNAME: root
MONGO_INITDB_ROOT_PASSWORD: example
healthcheck:
test: test $$(echo "rs.initiate().ok || rs.status().ok" | mongo -u root -p example --quiet) -eq 1
interval: 10s
retries: 3
network_mode: host
I have to get rid of network_mode: host, so I changed it to
ports:
- "27017:27017"
After that change, I'm not able to connect to the mongo outside of the docker network.
I'm trying to connect to the database using Compass with the following URI:
mongodb://root:example#localhost:27017/?authMechanism=DEFAULT
How to fix that?
This is fully working example.
I'm recommending to create custom DB and custom user instead of using root user.
Use special path of auto-executing queries and create one or multiple databases.
mongodb:
image: mongo:latest
restart: always
ports:
- "27017:27017"
volumes:
- ./var/mongodb:/data/db
- ./mongo-init.js:/docker-entrypoint-initdb.d/mongo-init.js:ro
environment:
MONGO_INITDB_ROOT_USERNAME: root
MONGO_INITDB_ROOT_PASSWORD: pass
mongo-init.js
db = db.getSiblingDB('SOME_DB');
db.createUser({
user: 'some_db_user',
pwd: '12345',
roles: [{ role: 'readWrite', db: 'SOME_DB' }],
});
db = db.getSiblingDB('SOME_OTHER_DB');
db.createUser({
user: 'some_other_db_user',
pwd: '12345',
roles: [{ role: 'readWrite', db: 'SOME_OTHER_DB' }],
});
db.createCollection('test');
Related
I am creating mongo:latest container on my machine using docker-compose.
This is my docker-compose.yaml:
version: '3.6'
services:
backend:
image: backend:1.0.0
container_name: backend
ports:
- '5000:5000'
links:
- mongodb
environment:
NODE_ENV: PRODUCTION
API_PORT: 5000
MONGO_USERNAME: root
MONGO_PASSWORD: rootPassXXX
MONGO_HOST: mongodb
MONGO_PORT: 27017
MONGO_DATABASE: automatic
JWT_TOKEN: Auto
scheduler:
image: scheduler:1.0.0
container_name: scheduler
links:
- mongodb
environment:
NODE_ENV: PRODUCTION
API_PORT: 5000
MONGO_USERNAME: root
MONGO_PASSWORD: rootPassXXX
MONGO_HOST: mongodb
MONGO_PORT: 27017
MONGO_DATABASE: automatic
mongodb:
image: mongo
container_name: mongodb
expose:
- 27017
ports:
- '27017:27017'
environment:
- MONGO_INITDB_ROOT_USERNAME=root
- MONGO_INITDB_ROOT_PASSWORD=rootPassXXX
volumes:
- ./conf/mongodb:/data/db
volumes:
autoc:
external: true
networks:
default:
external:
name: automatic
After creating those containers I am receiving from them an error: MongoServerError: Authentication failed.
This is the URI that the application is trying to connect: mongodb://root:rootPassXXX#mongodb:27017/matiautomai.
While trying to investigate what was happening, I was trying to log in to the same mongo container
that initializes with the user name and password variables without the credentials using that way: mongodb://mongodb:27017/automatic, And the application manages to connect to it.
I've reviewed the docs inside the Docker hub and it seems to be that I used the environment variables in the correct way.
What am I missing here?
After seeing your helpful comments, I found the solution for this issue.
I needed to initialize a one-time docker-compose with an initial script that located inside.
docker-compose.yaml:
version: '3.7'
services:
mongodb:
container_name: mongodb
image: mongo:latest
restart: always
ports:
- 27017:27017
environment:
MONGO_INITDB_ROOT_USERNAME: root
MONGO_INITDB_ROOT_PASSWORD: password
MONGO_INITDB_DATABASE: root-db
volumes:
- ./docker-entrypoint-initdb.d/mongo-init.js:/docker-entrypoint-initdb.d/mongo-init.js:ro
This is the script that located inside ./docker-entrypoint-initdb.d/mongo-init.js:
print('start ~~~~');
db = db.getSiblingDB('yourDBname');
db.createUser(
{
user: 'username',
pwd: 'password',
roles: [{ role: 'readWrite', db: 'yourDBname' }],
},
);
db.createCollection('users');
print('end ~~~~');
After that, you will be able to connect to mongo with the credential you have set in the .js file.
I'm following the Mongo documentation for create init user with database and collection on first start of container, but when i create user with readWrite permissions i can't access my "dashboard" database with the collection "person_file_upload", with permission denied warning.
I just want to create an non-root user to read and write my database only. Is anything wrong with my script?
version: '3.8'
services:
mongo:
image: mongo:4.4.3-bionic
environment:
MONGO_INITDB_ROOT_USERNAME: root
MONGO_INITDB_ROOT_PASSWORD: mypassword
MONGO_INITDB_DATABASE: admin
volumes:
- ./proativa-dashboard-mongo/data:/data/db
- ./proativa-dashboard-mongo/init/mongo-init.js:/docker-entrypoint-initdb.d/mongo-init.js:ro
restart: always
ports:
- "127.0.0.1:27017:27017"
networks:
- mongo
container_name: mongo
db.createUser({
user: 'dashboard',
pwd: 'dashboard',
roles: [{
role: 'readWrite',
db: 'admin',
}]
});
db = db.getSiblingDB('dashboard');
db.createCollection('person_file_upload');
version: '3.1'
services:
mongo:
image: mongo
restart: always
environment:
MONGO_INITDB_ROOT_USERNAME: root
MONGO_INITDB_ROOT_PASSWORD: example
MONGO_INITDB_DATABASE: test
volumes:
- /home/victor/Desarrollo/docker/mongo:/data/db
- ./init-mongo.js:/docker-entrypoint-initdb.d/init-mongo.js:ro
ports:
- "27017:27017"
command:
- init-mongo.sh
mongo-express:
image: mongo-express
restart: always
ports:
- 8081:8081
environment:
ME_CONFIG_MONGODB_ADMINUSERNAME: root
ME_CONFIG_MONGODB_ADMINPASSWORD: example
and this init-mongo.sh in the same directory
db.auth("root","example")
use test
db.createUser(
{
user: "myTester",
pwd: "example", // or cleartext password
roles: [ { role: "readWrite", db: "test" } ]
}
)
db.createCollection("collectiontest");
when I build up this, the services wont start, it says its restarting, if I quit the command option from YAML, it works, but I need to create a user and a collection when I install MongoDB with docker.
How can I do that?
Thanks.
I'm trying to see the contents of a collection using MongoDB Compass. I have username/password authentication set up. I can log in successfully but can't see any documents in the collection. Instead, I see the error:
An error occurred while loading navigation: command hostInfo requires authentication.
Docker Compose file
version: '3.7'
services:
mongo:
image: mongo
restart: always
ports:
- 27017:27017
environment:
MONGO_INITDB_ROOT_USERNAME: admin
MONGO_INITDB_ROOT_PASSWORD: pass
volumes:
- ./mongo/init-mongo.js:/docker-entrypoint-initdb.d/init-mongo.js:ro
- ./mongo:/data/db
mongo-express:
image: mongo-express
restart: always
ports:
- 8081:8081
environment:
ME_CONFIG_BASICAUTH_USERNAME: rmurad93
ME_CONFIG_BASICAUTH_PASSWORD: Qwert111
ME_CONFIG_MONGODB_PORT : 27017
ME_CONFIG_MONGODB_ADMINUSERNAME: admin
ME_CONFIG_MONGODB_ADMINPASSWORD: pass
init-mongo.js file
use admin
db.createUser({
user: "rmurad93",
pwd: "password",
roles: [ { role: "root", db: "admin" } ]
})
Line in terminal mongo compass
mongodb://localhost:27017/rmurad93:password
to connect to MongoCompass you should follow this pattern
mongodb://USERNAME:PASSWORD#localhost:27017/DB_NAME
If you still can't connecting, try using (Fill in connection fields individually)
option shown above instead of (Paste connection string)
Trying to bring docker-compose up with the following:
version: '3.1'
services:
mongo:
image: mongo
container_name: mongo-db
networks:
- mongo
restart: always
environment:
MONGO_INITDB_ROOT_USERNAME: ${MONGO_ROOT_USER}
MONGO_INITDB_ROOT_PASSWORD: ${MONGO_ROOT_PASSWORD}
MONGO_INITDB_DATABASE: ${MONGO_INITDB_DATABASE}
ports:
- 27017:27017
volumes:
- ./mongo-init.js:/docker-entrypoint-initdb.d/mongo-init.js:ro
mongo-express:
image: mongo-express:latest
container_name: mongo-express
restart: always
networks:
- mongo
depends_on:
- mongo
ports:
- 8081:8081
environment:
ME_CONFIG_MONGODB_SERVER: mongo
ME_CONFIG_MONGODB_PORT: 27017
ME_CONFIG_MONGODB_ADMINUSERNAME: ${MONGO_ROOT_USER}
ME_CONFIG_MONGODB_ADMINPASSWORD: ${MONGO_ROOT_PASSWORD}
The entry point js file as below:
db.createUser(
{
user: "dba",
pwd: "dba",
roles: [
{
role: "readWrite",
db: "mydb"
}
]
}
);
The variables are defined in .env file as below:
MONGO_ROOT_USER=root
MONGO_ROOT_PASSWORD=root
MONGO_INITDB_DATABASE=mydb
MONGOEXPRESS_LOGIN=dev
MONGOEXPRESS_PASSWORD=dev
When I login to mongo-express, I don't see the user or the db that is created by mongo-init.js
Also, I can't login if I try to connect using:
docker exec -it mongo-db mongo --username dba
However, if I use the following I can connect but still don't see mydb when I run show dbs:
docker exec -it mongo-db mongo --username root
What's happening here?
Thanks in advance
I think you need to change the env to:
MONGO_INITDB_ROOT_USERNAME
MONGO_INITDB_ROOT_PASSWORD
These variables, used in conjunction, create a new user and set that
user's password. This user is created in the admin authentication
database and given the role of root, which is a "superuser" role.
see the Docs
another note:
if you do not insert data with your JavaScript files, then no database is created.
MONGO_INITDB_DATABASE
This variable allows you to specify the name of a database to be used
for creation scripts in /docker-entrypoint-initdb.d/*.js (see
Initializing a fresh instance below). MongoDB is fundamentally
designed for "create on first use", so if you do not insert data with
your JavaScript files, then no database is created.