简体繁体 English

使用身份验证重新启动 mongodb docker

[英]restart mongodb docker with auth

原文 2016-10-10 21:35:56 2 2 mongodb/ docker

I have a mongoDB docker with name hi_mongo and id 123456789 I have some data already stored in the DB.我有一个名为hi_mongo和 id 123456789的 mongoDB docker 我有一些数据已经存储在数据库中。 I have stopped it sometime back and restarted with the command:我已经停止了它并使用以下命令重新启动：
docker restart 123456789

But now I want to restart this docker with authorization enabled.但现在我想在启用授权的情况下重新启动这个 docker。 How to do it without making a new mongoDB docker.如何在不制作新的 mongoDB docker 的情况下做到这一点。

What I have tried so far is - enter this mongoDB container using:到目前为止我尝试过的是 - 使用以下方法输入这个 mongoDB 容器：
docker exec -it 123456789 /bin/bash
and tried editing the /etc/mongo.conf.orig file and setting the authorization:'enabled' thinking that when I restart the docker from host mongod will restart with auth enabled but that is not the case.并尝试编辑/etc/mongo.conf.orig file并设置authorization:'enabled'认为当我从主机重新启动 docker 时，mongod 将在启用身份验证的情况下重新启动，但事实并非如此。

2 个解决方案

Would be able to enable auth by modifying the entrypoint.sh in container.可以通过修改容器中的 entrypoint.sh 来启用身份验证。 Try below steps:尝试以下步骤：

1) docker exec -it yourcontainer bash 1) docker exec -it yourcontainer bash

2) find out the mongo configs in your run. 2）找出运行中的mongo配置。 it is probably just exec mongod.它可能只是 exec mongod。 but for safety, find it out first.但为了安全起见，先找出来。

sed -i 's/exec "$@"/echo "new entrypoint $@" > \/tmp\/echo.txt/g' entrypoint.sh

stop and start container again.停止并再次启动容器。 attach to container and check /tmp/echo.txt.附加到容器并检查 /tmp/echo.txt。

3) replace exec "$@" in entrypoint.sh with like exec mongod --auth . 3) 将 entrypoint.sh 中的exec "$@"替换为 like exec mongod --auth 。

4) restart the container, mongod should run with auth enabled. 4) 重新启动容器，mongod 应该在启用身份验证的情况下运行。

You should really consider to store the data in a volume instead inside the container.您真的应该考虑将数据存储在一个卷中，而不是在容器内。

I am using MongoDB 3.4 and It looks fine.我正在使用 MongoDB 3.4，它看起来不错。 What I did is that我所做的是

Stop your running container.停止正在运行的容器。 ( docker stop your_container_name ) ( docker stop your_container_name )
db.createUser({"user":"admin","pwd":"password","roles":[ {role:"root",db:"admin"}]}); db.createUser({"user":"admin","pwd":"password","roles":[ {role:"root",db:"admin"}]});
Edit your mongodb config.编辑您的 mongodb 配置。 ( in my case /etc/mongod.conf ) （在我的情况下 /etc/mongod.conf ）
Restart your container.重启你的容器。 ( docker restart your_container_name) （ docker 重新启动 your_container_name ）

When you tried to create new user after login then you will get folowing an error.当您在登录后尝试创建新用户时，您将收到以下错误。

db.createUser({"user":"demo","pwd":"password","roles":[ {role:"read",db:"admin"}]}); db.createUser({"user":"demo","pwd":"password","roles":[ {role:"read",db:"admin"}]}); 2016-12-24T14:17:43.949+0000 E QUERY 2016-12-24T14:17:43.949+0000 电子查询
[main] Error: couldn't add user: not authorized on admin to execute command { createUser: "demo", pw d: "xxx", roles: [ { role: "read", db: "admin" } ], digestPassword: false, writeConcern: { w: "majority", wtimeout: 300000.0 } } : _getErrorWithCode@src/mongo/shell/utils.js:25:13 DB.prototype.createUser@src/mongo/shell/db.js:1290:15 [主]错误：无法添加用户：管理员未授权执行命令{ createUser：“demo”，pw d：“xxx”，角色：[{角色：“read”，db：“admin”}]， digestPassword: false, writeConcern: { w: "majority", wtimeout: 300000.0 } } : _getErrorWithCode@src/mongo/shell/utils.js:25:13 DB.prototype.createUser@src/mongo/shell/db.js: 1290:15

Hope this helps you.希望这对您有所帮助。