Mongodb replicaset creation with authentication through docker script - mongodb

I am struggling to find out the solution to authenticate my mongo db replica set through docker script.I am able to achieve the target on native mongo of server but in docker image I am not able to implement the authentication.(I am able to create the replicaset on docker image as well).

I was facing the same issue, i had to do the process in a different order.
Try setting up the authentication first and then create replications.
1.start docker mongo without replica or auth
docker run --rm -p 22222:27017 -v datadb1:/data/db --name mongonew mongo:2.6
2.connect with mongo and add users you want. And make sure you add a superuser, we will use this user to initiate replication later
db.createUser({ user: "superuser", pwd: "superuser", roles: [ "userAdminAnyDatabase","readWriteAnyDatabase","dbAdminAnyDatabase","clusterAdmin" ]})
3.stop docker mongo and restart with replica and auth
docker run --rm -p 22222:27017 -v datadb1:/data/db --name mongonew mongo:2.6 --replSet replocalnew --auth
4.connect with mongo now. authenticate with the superuser we created.
db.auth("superuser","superuser");
5.now initiate replication
rs.initiate();

Related

How to connect Mongo docker container to mongodb compass community installed on host

1. Pulled docker image
2. Started container by:
$ docker run mongo
3. Took the ip of container by:
$ docker inspect --format '{{ .NetworkSettings.IPAddress }}' container_name_or_id
4. Launched mongodb compass client on host and tried to connect to the ip
If map the container port to host port like this, then you can directly connect with loopback(127.0.0.1) ip or localhost. So you do not need to check for container IP every time. This IP is going to change everytime you create mongo container.
sudo docker run -d -p 27017:27017 -v ~/data:/data/db mongo
What kind of errors are you seeing when you attempt to connect? I'd start by locking down the IP like the previous answer suggests and try to take note of the specific errors being thrown. I've had authentication issues in the past, which weren't made very descriptive by Compass.
If you're still stuck, you could try the Docker Compose configuration I use:
https://github.com/alexmacarthur/local-docker-db/tree/master/mongo
After spinning up the container, you should be able to create databases with users. Ex:
use admin;
db.auth("root", "password");
use myDatabase;
db.createUser({user: "root", pwd: "password", roles:[{role: "readWrite" , db:"myDatabase"}]});
Once a DB and respective user are created, you should be able to access the DB through a string like this:
mongodb://user:password#localhost:27017/myDatabase
I don't know what kind of application you're building, but this might at least be able to help get you up & running for the time being.

Mongodb authentication inside a docker container

This is my situation. I have a mongodb docker container instance and i need to change the admin password. Now, I have the credentials to connect to the mongodb just fine, using the host and ip and the credentials. I have access to the server via ssh and I need to change the admin password. But if i do,
mongo manager --port 27017 -u "admin" -p "--------"
--authenticationDatabase "manager"
Gives me an authentication error. And i cannot run any administration commands such as: db.auth('admin', 'password')
My question is how can i stop mongo inside the container if i do?
docker exec -it mongodb bash
Any other workaround will work. The goal is the change the password or create a new admin user to control the users and roles.
Thank you so much for the help. Please let me know if more information is needed.
Are you sure your authenticationDatabase is "manager"?
In anyway, you don't need to stop mongo proces to interact with database but authenticate a user with necessary privileges using mongo shell.
Get access to running mongo container:
$ docker exec -it «container_name» bash
Authenticate using mongo shell:
$ mongo -u admin -p 123admin --authenticationDatabase admin
Once you authenticated, run shell script to switch to database that holds user's data.
$ use admin
Run changeUserPassword command to change password:
$ db.changeUserPassword("admin", "admin123")
Thats it.

Connect to container's localhost interface in Docker

Is it possible to connect to a process running in a Docker container but exactly via container's loopback interface ?
Basically I am looking for this option:
docker run ... -p 12345:127.0.0.1:12345 ...
This is rejected by Docker.
The use case is for example to setup Mongo admin user via Localhost Exception
You have the port mapping slightly wrong. Try it like this:
$ docker run -itd -p 27117:27017 mongo
so 27117 is the port you can connect to outwith the docker container, and 27017 is the port mongod is running on within docker
So when I connect the mongo shell I can connect to the mongod within docker like:
$ mongo --port 27117
Try like this :
Step 1 :
pulling mongo image from docker.
docker pull mongo
Step 2 :
Create new directory for storing mongodb data in you shared location like /home/user/databases/mongo
Step 3:
Run mongodb from docker image using below command
if you want change the mongodb port like 12345 set it in the command. 27017 is globally declared in docker you cannot change it but i want locally change the mongodb port like 12345
docker run -d -p 12345:27017 -v /home/user/databases/mongo:/data/db --name mongodb mongo

MongoDB with Docker Authentication

I have set up a docker with MongoDB Image. By default it has no password set up. I made a user and assigned it roles, which works perfectly well. But the issue is that the connection is still possible without authentication.
Connect with Authentication > Right Username, Right Password -> CONNECTED
Connect with Authentication > Right Username, Wrong Password -> CONNECTION FAILED
Connection without Authentication > CONNECTED
I want the 3rd point to stop working.
Steps:-
1) Run a docker instance without authentication
$ docker run --name container-name -d -p 27017:27017 -v ~/mongodb:/data/db mongo
2) Create a main administrator user with admin roles
$ mongo --port 27017
$ use admin;
$ db.createUser({user: "adminUserName",pwd: "adminPassword",roles: [{ role: "userAdminAnyDatabase", db: "admin" }})
This will create a user in the admin database with roles "userAdminAnyDatabase". This is like a superuser.
3) Create User for a particular database
$ use
$ db.createUser({user: "dev-read-username",pwd: "dev-read-password",roles:["read"]})
-- User with "read" role
$ db.createUser({user: "dev-write-username",pwd: "dev-write-password",roles:["readWrite"]})
-- User with "readWrite" role
For list of roles available or how to create custom roles, please check https://docs.mongodb.com/manual/reference/built-in-roles/
4) Remove the docker container
$ docker ps -a
$ docker stop container_id
$ docker rm container_id
5) Run the docker instance with authentication enabled
$ docker run --name container-name -d -p 27017:27017 -v ~/mongodb:/data/db mongo --auth
I assume you might not have started the docker container with --auth enabled. Once you start with --auth enabled, then you will not be able to connect without credentials.
Run with auth option to add authorizations docker run --name some-mongo -d mongo --auth
You should create an admin user. You can check if admin user exists using db.getSiblingDB('admin').system.users.find() or create one like : db.createUser({ user: 'jsmith', pwd: 'some-initial-password', roles: [{ role: "userAdminAnyDatabase", db: "admin" } ] });
Source : https://hub.docker.com/r/library/mongo/

How to allow remote connections from mongo docker container

I am using the official mongodb docker container.
I want to connect to the mongodb container from my host machine on port 27017.
I ran the container with these ports exposed
-p 27017:27017
I am not able to connect (connection refused) and I believe its because the mongo conf file is not configured to allow remote connections. How can I configure it to allow? The official container does not have vi/nano installed to modify the image.
I am able to connect to mongodb from another container by creating a link - however this is not my wish
Better solutions for furthering:
https://blog.madisonhub.org/setting-up-a-mongodb-server-with-auth-on-docker/
https://docs.mongodb.com/v2.6/tutorial/add-user-administrator/
My answer to another question. How to enable authentication on MongoDB through Docker?
Here's what I did for the same problem, and it worked.
Run the mongo docker instance on your server
docker run -d -p 27017:27017 -v ~/dataMongo:/data/db mongo
Open bash on the running docker instance.
docker ps
CONTAINER IDIMAGE COMMAND CREATED STATUS PORTS NAMES
b07599e429fb mongo "docker-entrypoint..." 35 minutes ago Up 35 minutes 0.0.0.0:27017->27017/tcp musing_stallman
docker exec -it b07599e429fb bash
root#b07599e429fb:/#
Reference- https://github.com/arunoda/meteor-up-legacy/wiki/Accessing-the-running-Mongodb-docker-container-from-command-line-on-EC2
Enter the mongo shell by typing mongo.
root#b07599e429fb:/# mongo
For this example, I will set up a user named ian and give that user read & write access to the cool_db database.
> use cool_db
> db.createUser({
user: 'ian',
pwd: 'secretPassword',
roles: [{ role: 'readWrite', db:'cool_db'}]
})
Reference: https://ianlondon.github.io/blog/mongodb-auth/ (First point only)
Exit from mongod shell and bash.
Now run the mongo docker with auth enabled.
docker run -d -p 27017:27017 -v ~/dataMongo:/data/db mongo mongod --auth
Reference: How to enable authentication on MongoDB through Docker? (Usman Ismail's answer to this question)
I was able to connect to the instance running on a Google Cloud server from my local windows laptop using the below command.
mongo <ip>:27017/cool_db -u ian -p secretPassword
Reference: how can I connect to a remote mongo server from Mac OS terminal