Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Replica set with Auth #179

Closed
kalpakrg opened this issue May 12, 2017 · 1 comment
Closed

Replica set with Auth #179

kalpakrg opened this issue May 12, 2017 · 1 comment

Comments

@kalpakrg
Copy link

I am having issues setting up replicaset with auth using image mongo:3.4. If --replSet switch is passed to the process, entrypoint starts the mongod in replica set mode upfront which prevents from adding default users.

Here's what I want to do,

  1. Add root user on first boot.
  2. Add a new database and user for that database on first boot.
  3. Boot mongod in replica set mode.
  4. rs.initialize() the node on first boot.
  5. Boot to replica set mode automatically thereafter.

1, is taken care by MONGO_INITDB_ROOT_USERNAME & MONGO_INITDB_ROOT_PASSWORD variables, although this fails with --replSet switch passed.
2, 3 & 4 I am taking care through 01-init-db.sh under /docker-entrypoint-initdb.d directory

Here's my Dockerfile

FROM mongo:3.4

ARG MONGO_GID=1000
ARG MONGO_UID=1000

RUN groupmod -g $MONGO_GID mongodb && usermod -u $MONGO_UID -g $MONGO_GID mongodb

RUN mkdir -p /docker-entrypoint-initdb.d
ADD docker-entrypoint-initdb.d/* /docker-entrypoint-initdb.d/
RUN chmod +x /docker-entrypoint-initdb.d/*.sh

and 01-init-db.sh present in docker-entrypoint-initdb.d directory

#!/bin/bash

if ! [[ -a /data/db/mydb-initialized ]]; then
	mongo <<-EOF
		use admin;
		db.auth("$MONGO_INITDB_ROOT_USERNAME", "$MONGO_INITDB_ROOT_PASSWORD");
		use MYDB;
		db.createUser({ 
			user: "myuser", p
			wd: "password", 
			roles: [ "readWrite" ] 
		});
	EOF
	
	mongod --shutdown \
		&& mongod --fork --logpath=/var/log/mongod.log --replSet replica0 \
		&& mongo <<-EOF
			use admin;
			db.auth("$MONGO_INITDB_ROOT_USERNAME", "$MONGO_INITDB_ROOT_PASSWORD");
			rs.initiate({
				_id: "replica0",
				members: [
					{ _id: 0, host: "localhost:27017" }
				]
			});
		EOF

	touch /data/db/mydb-initialized
fi

I tried overriding the CMD with -f <config file> or --replSet option, but figured that my --replSet switch gets passed to ENTRYPOINT which again breaks the thing (new to Docker still don't understand this well)
@kalpakrg
Copy link
Author

Solved it by making changes in my 01-init-db.sh script as below,

#!/bin/bash

if ! [[ -a /data/db/mydb-initialized ]]; then
	mongod --shutdown \
	&& mongod --fork --logpath /var/log/mongod.log \
	&& mongo <<-EOF
		use admin;

		db.createUser({ 
			user: "$MONGO_INIT_USER",
			pwd: "$MONGO_INIT_PASSWORD", 
			roles: [ "root" ] 
		});
		
		use MYDB;
		
		db.createUser({ 
			user: "myuser",
			pwd: "password", 
			roles: [ "readWrite" ] 
		});
	EOF
	
	mongod --shutdown \
		&& mongod --auth --fork --logpath /var/log/mongod.log --replSet replica0 \
		&& mongo <<-EOF
			use admin;
			db.auth("$MONGO_INIT_USER", "$MONGO_INIT_PASSWORD");
			rs.initiate({
				_id: "replica0",
				members: [
					{ _id: 0, host: "localhost:27017" }
				]
			});
		EOF
	
	touch /data/db/mydb-initialized
fi

and booting the image with docker run -it myimage mongod --auth --replSet replica0

Basically, done away with image's default user creation and handled that myself through my own environmental variables.

This now allows to boot the image with auth and replicaset mode enabled with the given node initialized as primary.

@shalev67 shalev67 mentioned this issue May 24, 2017
Closed
@adalga adalga mentioned this issue Nov 3, 2017
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@kalpakrg