官方镜像地址: https://hub.docker.com/_/mongo?tab=description
docker版的mongo移除了默认的/etc/mongo.conf, 修改了db数据存储路径为 /data/db.
创建configmap配置,注意不能加fork=true,否则Pod会变成Completed。
apiVersion: v1
kind: ConfigMap
metadata:
name: mongodb-conf
data:
mongodb.conf: |
dbpath=/data/middleware-data/mongodb
logpath=/data/middleware-data/mongodb/mongodb.log
pidfilepath=/data/middleware-data/mongodb/master.pid
directoryperdb=true
logappend=true
bind_ip=0.0.0.0
port=27017
创建StatefulSet:
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: mongodb
spec:
replicas: 1
serviceName: mongodb
selector:
matchLabels:
name: mongodb
template:
metadata:
labels:
name: mongodb
spec:
containers:
- name: mongodb
image: mongo:4.2.1
command:
- sh
- -c
- "exec mongod -f /data/middleware-data/mongodb/conf/mongodb.conf"
imagePullPolicy: IfNotPresent
ports:
- containerPort: 27017
name: mongodb
protocol: TCP
volumeMounts:
- name: mongodb-config
mountPath: /data/middleware-data/mongodb/conf/
- name: data
mountPath: /data/middleware-data/mongodb/
volumes:
- name: mongodb-config
configMap:
name: mongodb-conf
- name: data
hostPath:
path: /data/middleware-data/mongodb/
创建Service暴露端口:
kind: Service
apiVersion: v1
metadata:
labels:
name: mongodb
name: mongodb
spec:
type: NodePort
ports:
- name: mongodb
port: 27017
targetPort: 27017
nodePort: 30002
selector:
name: mongodb
接着使用以下命令添加用户和设置密码,并且尝试连接,以及修改密码:
[root@liabio mongodb]# kubectl exec -ti mongodb-0 -- mongo admin
MongoDB shell version v4.2.1
connecting to: mongodb://127.0.0.1:27017/admin?compressors=disabled&gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("6d31af3f-3749-3111-87d2-7c8745pob66c") }
MongoDB server version: 4.2.1
Welcome to the MongoDB shell.
For interactive help, type "help".
For more comprehensive documentation, see
http://docs.mongodb.org/
Questions? Try the support group
http://groups.google.com/group/mongodb-user
Server has startup warnings:
2019-11-29T08:57:58.414+0000 I CONTROL [initandlisten]
2019-11-29T08:57:58.414+0000 I CONTROL [initandlisten] ** WARNING: Access control is not enabled for the database.
2019-11-29T08:57:58.414+0000 I CONTROL [initandlisten] ** Read and write access to data and configuration is unrestricted.
2019-11-29T08:57:58.414+0000 I CONTROL [initandlisten]
2019-11-29T08:57:58.414+0000 I CONTROL [initandlisten]
2019-11-29T08:57:58.414+0000 I CONTROL [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/enabled is 'always'.
2019-11-29T08:57:58.414+0000 I CONTROL [initandlisten] ** We suggest setting it to 'never'
2019-11-29T08:57:58.415+0000 I CONTROL [initandlisten]
2019-11-29T08:57:58.415+0000 I CONTROL [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/defrag is 'always'.
2019-11-29T08:57:58.415+0000 I CONTROL [initandlisten] ** We suggest setting it to 'never'
2019-11-29T08:57:58.415+0000 I CONTROL [initandlisten]
---
Enable MongoDB's free cloud-based monitoring service, which will then receive and display
metrics about your deployment (disk utilization, CPU, operation statistics, etc).
The monitoring data will be available on a MongoDB website with a unique URL accessible to you
and anyone you share the URL with. MongoDB may use this information to make product
improvements and to suggest MongoDB products and deployment options to you.
To enable free monitoring, run the following command: db.enableFreeMonitoring()
To permanently disable this reminder, run the following command: db.disableFreeMonitoring()
---
> db.createUser({ user:'admin',pwd:'910921',roles:[ { role:'userAdminAnyDatabase', db: 'admin'}]});
Successfully added user: {
"user" : "admin",
"roles" : [
{
"role" : "userAdminAnyDatabase",
"db" : "admin"
}
]
}
> db.auth('admin', '910921')
1
> db.changeUserPassword("admin","390191");
db.createUser({ user:'admin',pwd:'910921',roles:[ { role:'userAdminAnyDatabase', db: 'admin'}]});
admin用户只对admin这个db有权限。
要操作mall这个db,可以这样:
use mall;
db.createUser({ user:'mall',pwd:'390191',roles:[ { role:'readWrite', db: 'mall'}]});
查看权限:
db.system.users.find()
参考
docker安装各种中间件、数据库教程
docker安装mongodb并备份
使用Docker和Kubernetes将MongoDB作为微服务运行
