Docker 中的 Mongo 身份验证 [英] Mongo authentication inside Docker
问题描述
我正在尝试通过身份验证运行 mongo docker 映像.遵循文档中最简单的示例我通过 docker-compose up 命令运行了 mongo 和 mongo-express 图像.我的 docker-compose.yml 在这个阶段:
I am trying to run the mongo docker image with authentication. Following the most simple example from the documentation I ran the mongo and the mongo-express images by the docker-compose up command. My docker-compose.yml at this stage:
version: '3.1'
services:
mongo:
image: mongo
restart: always
environment:
MONGO_INITDB_ROOT_USERNAME: root
MONGO_INITDB_ROOT_PASSWORD: example
mongo-express:
image: mongo-express
restart: always
ports:
- 8081:8081
environment:
ME_CONFIG_MONGODB_ADMINUSERNAME: root
ME_CONFIG_MONGODB_ADMINPASSWORD: example
这会运行,两个容器都可以正常启动,我可以从 mongo-express 网站浏览 mongo 的内容.但是,每当我更改 docker-compose.yml 文件中的用户名或密码时,例如:
This runs, both containers start ok and I can browse the contents of mongo from the mongo-express website. However, whenever I change the username or the password in the docker-compose.yml file, for example to this:
version: '3.1'
services:
mongo:
image: mongo
restart: always
environment:
MONGO_INITDB_ROOT_USERNAME: root
MONGO_INITDB_ROOT_PASSWORD: example123
mongo-express:
image: mongo-express
restart: always
ports:
- 8081:8081
environment:
ME_CONFIG_MONGODB_ADMINUSERNAME: root
ME_CONFIG_MONGODB_ADMINPASSWORD: example123
mongo-express 抛出一条未经授权的错误消息:
the mongo-express throws an unauthotrized error message:
mongo-express_1 | Admin Database connected
mongo-express_1 | { MongoError: Authentication failed.
mongo-express_1 | at Function.MongoError.create (/node_modules/mongodb-core/lib/error.js:31:11)
mongo-express_1 | at /node_modules/mongodb-core/lib/connection/pool.js:483:72
mongo-express_1 | at authenticateStragglers (/node_modules/mongodb-core/lib/connection/pool.js:429:16)
mongo-express_1 | at Connection.messageHandler (/node_modules/mongodb-core/lib/connection/pool.js:463:5)
mongo-express_1 | at Socket.<anonymous> (/node_modules/mongodb-core/lib/connection/connection.js:319:22)
mongo-express_1 | at emitOne (events.js:116:13)
mongo-express_1 | at Socket.emit (events.js:211:7)
mongo-express_1 | at addChunk (_stream_readable.js:263:12)
mongo-express_1 | at readableAddChunk (_stream_readable.js:250:11)
mongo-express_1 | at Socket.Readable.push (_stream_readable.js:208:10)
mongo-express_1 | name: 'MongoError',
mongo-express_1 | message: 'Authentication failed.',
mongo-express_1 | ok: 0,
mongo-express_1 | errmsg: 'Authentication failed.',
mongo-express_1 | code: 18,
mongo-express_1 | codeName: 'AuthenticationFailed' }
mongo-express_1 | unable to list databases
mongo-express_1 | { MongoError: command listDatabases requires authentication
mongo-express_1 | at Function.MongoError.create (/node_modules/mongodb-core/lib/error.js:31:11)
mongo-express_1 | at /node_modules/mongodb-core/lib/connection/pool.js:483:72
mongo-express_1 | at authenticateStragglers (/node_modules/mongodb-core/lib/connection/pool.js:429:16)
mongo-express_1 | at Connection.messageHandler (/node_modules/mongodb-core/lib/connection/pool.js:463:5)
mongo-express_1 | at Socket.<anonymous> (/node_modules/mongodb-core/lib/connection/connection.js:319:22)
mongo-express_1 | at emitOne (events.js:116:13)
mongo-express_1 | at Socket.emit (events.js:211:7)
mongo-express_1 | at addChunk (_stream_readable.js:263:12)
mongo-express_1 | at readableAddChunk (_stream_readable.js:250:11)
mongo-express_1 | at Socket.Readable.push (_stream_readable.js:208:10)
mongo-express_1 | name: 'MongoError',
mongo-express_1 | message: 'command listDatabases requires authentication',
mongo-express_1 | ok: 0,
mongo-express_1 | errmsg: 'command listDatabases requires authentication',
mongo-express_1 | code: 13,
mongo-express_1 | codeName: 'Unauthorized' }
无论我在 docker-compose.yml 中输入什么用户名或密码,我都无法让 mongo-express 连接到 mongo,只有当我使用原始的 root 和example 对.
No matter what username or password I enter in docker-compose.yml, I cannot make mongo-express connect to mongo, only if I use the original root and example pair.
请注意,我没有将用户名和密码作为环境变量,而是直接将它们输入到 docker-compose.yml 文件中,如您在此处看到的那样.
Note, that I am not getting the username and password as environment variables, but they are directly typed into the docker-compose.yml file as you can see here.
另请注意,当我将 MONGO_INITDB_ROOT_USERNAME 和 MONGO_INITDB_ROOT_PASSWORD(mongo 的)变量更改为任何内容时,它们似乎没有效果,我仍然可以连接使用原始根和示例凭据的 mongo-express.
Also note, that when I change the MONGO_INITDB_ROOT_USERNAME and MONGO_INITDB_ROOT_PASSWORD (mongo's) variables to anything, they don't seem to have an effect, I can still connect with mongo-express using the original root and example credentials.
是什么导致了这种行为?我怎样才能使这项工作?
What causes this behaviour? How can I make this work?
推荐答案
你的 docker-compose 命令:
Your docker-compose command:
docker-compose up --build --force-recreate
Mongo 镜像 使用匿名卷,所以你还需要 --renew-anon-volumes (doc):
Mongo image uses anonymous volumes, so you need also --renew-anon-volumes (doc):
docker-compose up --build --force-recreate --renew-anon-volumes
否则使用已初始化数据库的先前卷 => 不会使用 INITDB 环境变量.
Otherwise previous volume with already initialized DB is used => INITDB env variables won't be used.
这篇关于Docker 中的 Mongo 身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
