Skip to content

Commit 05154da

Browse files
authored
Update docs for new configuration features
1 parent c00c79c commit 05154da

File tree

1 file changed

+94
-30
lines changed

1 file changed

+94
-30
lines changed

mongo/content.md

Lines changed: 94 additions & 30 deletions
Original file line numberDiff line numberDiff line change
@@ -10,71 +10,127 @@ First developed by the software company 10gen (now MongoDB Inc.) in October 2007
1010

1111
# How to use this image
1212

13-
## start a mongo instance
13+
## Start a `%%IMAGE%%` server instance
1414

1515
```console
16-
$ docker run --name some-mongo -d %%IMAGE%%
16+
$ docker run --name some-%%REPO%% -d %%IMAGE%%:tag
1717
```
18+
... where `some-%%REPO%%` is the name you want to assign to your container and tag is the tag specifying the Mongo version you want. See the list above for relevant tags.
1819

19-
This image includes `EXPOSE 27017` (the mongo port), so standard container linking will make it automatically available to the linked containers (as the following examples illustrate).
20+
## Connect to Mongo from an application in another Docker container
2021

21-
## connect to it from an application
22+
This image includes `EXPOSE 27017` (the standard Mongo port), so standard container linking will make it automatically available to the linked containers (as the following examples illustrate).
2223

2324
```console
24-
$ docker run --name some-app --link some-mongo:mongo -d application-that-uses-mongo
25+
$ docker run --name some-app --link some-%%REPO%%:mongo -d application-that-uses-mongo
2526
```
2627

27-
## ... or via `mongo`
28+
## Connect to Mongo from the Mongo command line client
29+
30+
The following command starts another `%%IMAGE%%` container instance and runs the `mongo` command line client against your original `%%IMAGE%%` container, allowing you to execute Mongo statements against your database instance:
2831

2932
```console
30-
$ docker run -it --link some-mongo:mongo --rm %%IMAGE%% sh -c 'exec mongo "$MONGO_PORT_27017_TCP_ADDR:$MONGO_PORT_27017_TCP_PORT/test"'
33+
$ docker run -it --link some-%%REPO%%:mongo --rm %%IMAGE%% sh -c 'exec mongo "$MONGO_PORT_27017_TCP_ADDR:$MONGO_PORT_27017_TCP_PORT/test"'
3134
```
35+
... where `some-mongo` is the name of your original `mongo` container.
3236

33-
## Configuration
37+
## ... via `docker-compose`
3438

35-
See the [official docs](https://docs.mongodb.com/manual/) for infomation on using and configuring MongoDB for things like replica sets and sharding.
39+
Example `docker-compose.yml` for `mongo`:
3640

37-
Just add the `--storageEngine` argument if you want to use the WiredTiger storage engine in MongoDB 3.0 and above without making a config file. WiredTiger is the default storage engine in MongoDB 3.2 and above. Be sure to check the [docs](https://docs.mongodb.com/manual/release-notes/3.0-upgrade/#change-storage-engine-for-standalone-to-wiredtiger) on how to upgrade from older versions.
41+
```
42+
version: '2.1'
43+
44+
services:
45+
46+
db:
47+
image: %%IMAGE%%
48+
restart: always
49+
environment:
50+
MONGO_INITDB_ROOT_USERNAME: MongoRootUser
51+
MONGO_INITDB_ROOT_PASSWORD: AMuchStrongerPassword
52+
53+
app:
54+
build: ./app
55+
ports:
56+
- 80:80
57+
links:
58+
- db
59+
```
60+
61+
## Container shell access and viewing Mongo logs
62+
63+
The `docker exec` command allows you to run commands inside a Docker container. The following command line will give you a bash shell inside your `%%IMAGE%%` container:
3864

3965
```console
40-
$ docker run --name some-mongo -d %%IMAGE%% --storageEngine wiredTiger
66+
$ docker exec -it some-%%REPO%% bash
4167
```
4268

43-
### Authentication and Authorization
69+
The Mongo Server log is available through Docker's container log:
4470

45-
MongoDB does not require authentication by default, but it can be configured to do so. For more details about the functionality described here, please see the sections in the official documentation which describe [authentication](https://docs.mongodb.com/manual/core/authentication/) and [authorization](https://docs.mongodb.com/manual/core/authorization/) in more detail.
71+
```console
72+
$ docker logs some-%%REPO%%
73+
```
4674

47-
#### Start the Database
75+
## Configuration
76+
77+
See the [official docs](https://docs.mongodb.com/manual/) for infomation on using and configuring MongoDB for things like replica sets and sharding.
78+
79+
## Using a custom Mongo configuration file
80+
81+
The `--config` option can be used to customize Mongo startup configuration. If you want to use a customized Mongo configuration, you can create your alternative configuration file in a directory on the host machine and then mount that directory location inside the `%%IMAGE%%` container. Note that a few problematic kets are removed from a provided `--config` file: `systemLog`, `processManagement`, `net`, and `security`.
82+
83+
If `/my/custom/config-file.conf` is the path and name of your custom configuration file, you can start your `%%IMAGE%%` container like this (note that only the directory path of the custom config file is used in this command):
4884

4985
```console
50-
$ docker run --name some-mongo -d mongo --auth
86+
$ docker run --name some-%%REPO%% -v /my/custom:/etc/mongo/conf.d -d %%IMAGE%%:tag mongo --config /etc/mongo/conf.d/config-file.conf
5187
```
5288

53-
#### Add the Initial Admin User
89+
## Customize storage engine without configuration file
90+
91+
Just add the `--storageEngine` argument if you want to use the WiredTiger storage engine in MongoDB 3.0 and above without making a config file. WiredTiger is the default storage engine in MongoDB 3.2 and above. Be sure to check the [docs](https://docs.mongodb.com/manual/release-notes/3.0-upgrade/#change-storage-engine-for-standalone-to-wiredtiger) on how to upgrade from older versions.
5492

5593
```console
56-
$ docker exec -it some-mongo mongo admin
57-
connecting to: admin
58-
> db.createUser({ user: 'jsmith', pwd: 'some-initial-password', roles: [ { role: "userAdminAnyDatabase", db: "admin" } ] });
59-
Successfully added user: {
60-
"user" : "jsmith",
61-
"roles" : [
62-
{
63-
"role" : "userAdminAnyDatabase",
64-
"db" : "admin"
65-
}
66-
]
67-
}
94+
$ docker run --name some-%%REPO%% -d %%IMAGE%% --storageEngine wiredTiger
6895
```
6996

70-
#### Connect Externally
97+
## Environment Variables
98+
99+
When you start the `%%IMAGE%%` image, you can adjust the configuration of the Mongo instance by passing one or more environment variables on the `docker run` command line.
71100

101+
### `MONGO_INITDB_ROOT_USERNAME`, `MONGO_INITDB_ROOT_PASSWORD`
102+
103+
These variables are optional, used in conjunction to create a new user and to set that user's password. This user will be created in the `admin` authentication database and given the role of `root`. superuser permissions (see above) for the database specified by the `MYSQL_DATABASE` variable. Both variables are required for a user to be created. If both are present then Mongo will start with authentication enabled: `mongod --auth`. Authentication in MongoDB is fairly complex, so more complex user setup is explicitly left to the user via `/docker-entrypoint-initdb.d/` (see _Initializing a fresh instance_ below).
104+
105+
Do note that MongoDB does not require authentication by default, but it can be configured to do so. For more details about the functionality described here, please see the sections in the official documentation which describe [authentication](https://docs.mongodb.com/manual/core/authentication/) and [authorization](https://docs.mongodb.com/manual/core/authorization/) in more detail.
106+
107+
If you do create a root user, you will need to connect against the `admin` authentication database:
72108
```console
73-
$ docker run -it --rm --link some-mongo:mongo %%IMAGE%% mongo -u jsmith -p some-initial-password --authenticationDatabase admin some-mongo/some-db
109+
$ docker run -it --rm --link some-%%REPO%%:mongo %%IMAGE%% mongo -u jsmith -p some-initial-password --authenticationDatabase admin some-%%REPO%%/some-db
74110
> db.getName();
75111
some-db
76112
```
77113

114+
### `MONGO_INITDB_DATABASE`
115+
116+
This variable is optional and allows you to specify the name of a database to be used for creation scripts in `/docker-entrypoint-initdb.d/*.js` (see _Initializing a fresh instance_ below). MongoDB is fundamentally designed for "create on first use" so automating database creation does not make much sense.
117+
118+
## Docker Secrets
119+
120+
As an alternative to passing sensitive information via environment variables, `_FILE` may be appended to the previously listed environment variables, causing the initialization script to load the values for those variables from files present in the container. In particular, this can be used to load passwords from Docker secrets stored in `/run/secrets/<secret_name>` files. For example:
121+
122+
```console
123+
$ docker run --name some-%%REPO%% -e MONGO_INITDB_ROOT_PASSWORD_FILE=/run/secrets/mongo-root -d %%IMAGE%%:tag
124+
```
125+
126+
Currently, this is only supported for `MONGO_INITDB_ROOT_USERNAME` and `MONGO_INITDB_ROOT_PASSWORD`.
127+
128+
# Initializing a fresh instance
129+
130+
When a container is started for the first time it will execute files with extensions `.sh` and `.js` that are found in `/docker-entrypoint-initdb.d`. Files will be executed in alphabetical order. `.js` files will be executed by Mongo using the database specified by the `MONGO_INITDB_DATABASE` variable, if it is present, or `test` otherwise. You may also switch databases within the `.js` script.
131+
132+
# Caveats
133+
78134
## Where to Store Data
79135

80136
Important note: There are several ways to store data used by applications that run in Docker containers. We encourage users of the `%%REPO%%` images to familiarize themselves with the options available, including:
@@ -102,3 +158,11 @@ Note that users on host systems with SELinux enabled may see issues with this. T
102158
```console
103159
$ chcon -Rt svirt_sandbox_file_t /my/own/datadir
104160
```
161+
162+
## Creating database dumps
163+
164+
Most of the normal tools will work, although their usage might be a little convoluted in some cases to ensure they have access to the `mongod` server. A simple way to ensure this is to use `docker exec` and run the tool from the same container, similar to the following:
165+
166+
```console
167+
$ docker exec some-%%REPO%% sh -c 'exec mongodump -d <database_name> --archive' > /some/path/on/your/host/all-collections.archive
168+
```

0 commit comments

Comments
 (0)