zoukankan      html  css  js  c++  java
  • Docker 创建 mongo 容器

    一、1、直接获取 docker 认证 mongo 镜像:

    docker pull mongo

    2、创建运行 mongo 容器:

    docker run -d -it -p 127:27017 --name mongo3 -m 512M -v /data/docker-file/mongo3/db3:/data/db docker.io/mongo
    
    -p   # 宿主机端口 127 映射到 容器 27017 
    --name   # 设置容器名称 mongo3 
    -m   # 设置容器使用内存
    -v   # 设置挂载目录; 宿主机 /data/docker-file/mongo3/db3 挂载到 mongo容器 默认 /data/db 下
    docker.io/monogo    # 使用镜像; 

    3、链接测试;

    二、通过 创建 Dockerfile 文件构建容器;

    FROM debian:jessie-slim
    
    # add our user and group first to make sure their IDs get assigned consistently, regardless of whatever dependencies get added
    RUN groupadd -r mongodb && useradd -r -g mongodb mongodb
    
    RUN apt-get update 
        && apt-get install -y --no-install-recommends 
            ca-certificates 
            jq 
            numactl 
        && rm -rf /var/lib/apt/lists/*
    
    # grab gosu for easy step-down from root (https://github.com/tianon/gosu/releases)
    ENV GOSU_VERSION 1.10
    # grab "js-yaml" for parsing mongod's YAML config files (https://github.com/nodeca/js-yaml/releases)
    ENV JSYAML_VERSION 3.10.0
    
    RUN set -ex; 
        
        apt-get update; 
        apt-get install -y --no-install-recommends 
            wget 
        ; 
        rm -rf /var/lib/apt/lists/*; 
        
        dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; 
        wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; 
        wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; 
        export GNUPGHOME="$(mktemp -d)"; 
        gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; 
        gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; 
        command -v gpgconf && gpgconf --kill all || :; 
        rm -r "$GNUPGHOME" /usr/local/bin/gosu.asc; 
        chmod +x /usr/local/bin/gosu; 
        gosu nobody true; 
        
        wget -O /js-yaml.js "https://github.com/nodeca/js-yaml/raw/${JSYAML_VERSION}/dist/js-yaml.js"; 
    # TODO some sort of download verification here
        
        apt-get purge -y --auto-remove wget
    
    RUN mkdir /docker-entrypoint-initdb.d
    
    ENV GPG_KEYS 
    # pub   4096R/A15703C6 2016-01-11 [expires: 2018-01-10]
    #       Key fingerprint = 0C49 F373 0359 A145 1858  5931 BC71 1F9B A157 03C6
    # uid                  MongoDB 3.4 Release Signing Key <packaging@mongodb.com>
        0C49F3730359A14518585931BC711F9BA15703C6
    # https://docs.mongodb.com/manual/tutorial/verify-mongodb-packages/#download-then-import-the-key-file
    RUN set -ex; 
        export GNUPGHOME="$(mktemp -d)"; 
        for key in $GPG_KEYS; do 
            gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; 
        done; 
        gpg --batch --export $GPG_KEYS > /etc/apt/trusted.gpg.d/mongodb.gpg; 
        command -v gpgconf && gpgconf --kill all || :; 
        rm -r "$GNUPGHOME"; 
        apt-key list
    
    # Allow build-time overrides (eg. to build image with MongoDB Enterprise version)
    # Options for MONGO_PACKAGE: mongodb-org OR mongodb-enterprise
    # Options for MONGO_REPO: repo.mongodb.org OR repo.mongodb.com
    # Example: docker build --build-arg MONGO_PACKAGE=mongodb-enterprise --build-arg MONGO_REPO=repo.mongodb.com .
    ARG MONGO_PACKAGE=mongodb-org
    ARG MONGO_REPO=repo.mongodb.org
    ENV MONGO_PACKAGE=${MONGO_PACKAGE} MONGO_REPO=${MONGO_REPO}
    
    ENV MONGO_MAJOR 3.4
    ENV MONGO_VERSION 3.4.18
    
    RUN echo "deb http://$MONGO_REPO/apt/debian jessie/${MONGO_PACKAGE%-unstable}/$MONGO_MAJOR main" | tee "/etc/apt/sources.list.d/${MONGO_PACKAGE%-unstable}.list"
    
    RUN set -x 
        && apt-get update 
        && apt-get install -y 
            ${MONGO_PACKAGE}=$MONGO_VERSION 
            ${MONGO_PACKAGE}-server=$MONGO_VERSION 
            ${MONGO_PACKAGE}-shell=$MONGO_VERSION 
            ${MONGO_PACKAGE}-mongos=$MONGO_VERSION 
            ${MONGO_PACKAGE}-tools=$MONGO_VERSION 
        && rm -rf /var/lib/apt/lists/* 
        && rm -rf /var/lib/mongodb 
        && mv /etc/mongod.conf /etc/mongod.conf.orig
    
    RUN mkdir -p /data/db /data/configdb 
        && chown -R mongodb:mongodb /data/db /data/configdb
    VOLUME /data/db /data/configdb
    
    COPY docker-entrypoint.sh /usr/local/bin/
    RUN ln -s usr/local/bin/docker-entrypoint.sh /entrypoint.sh # backwards compat
    ENTRYPOINT ["docker-entrypoint.sh"]
    
    EXPOSE 27017
    CMD ["mongod"]

    创建 docker-entrypoint.sh 文件;

    #!/bin/bash
    set -Eeuo pipefail
    
    if [ "${1:0:1}" = '-' ]; then
        set -- mongod "$@"
    fi
    
    originalArgOne="$1"
    
    # allow the container to be started with `--user`
    # all mongo* commands should be dropped to the correct user
    if [[ "$originalArgOne" == mongo* ]] && [ "$(id -u)" = '0' ]; then
        if [ "$originalArgOne" = 'mongod' ]; then
            find /data/configdb /data/db ! -user mongodb -exec chown mongodb '{}' +
        fi
    
        # make sure we can write to stdout and stderr as "mongodb"
        # (for our "initdb" code later; see "--logpath" below)
        chown --dereference mongodb "/proc/$$/fd/1" "/proc/$$/fd/2" || :
        # ignore errors thanks to https://github.com/docker-library/mongo/issues/149
    
        exec gosu mongodb "$BASH_SOURCE" "$@"
    fi
    
    # you should use numactl to start your mongod instances, including the config servers, mongos instances, and any clients.
    # https://docs.mongodb.com/manual/administration/production-notes/#configuring-numa-on-linux
    if [[ "$originalArgOne" == mongo* ]]; then
        numa='numactl --interleave=all'
        if $numa true &> /dev/null; then
            set -- $numa "$@"
        fi
    fi
    
    # usage: file_env VAR [DEFAULT]
    #    ie: file_env 'XYZ_DB_PASSWORD' 'example'
    # (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
    #  "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
    file_env() {
        local var="$1"
        local fileVar="${var}_FILE"
        local def="${2:-}"
        if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
            echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
            exit 1
        fi
        local val="$def"
        if [ "${!var:-}" ]; then
            val="${!var}"
        elif [ "${!fileVar:-}" ]; then
            val="$(< "${!fileVar}")"
        fi
        export "$var"="$val"
        unset "$fileVar"
    }
    
    # see https://github.com/docker-library/mongo/issues/147 (mongod is picky about duplicated arguments)
    _mongod_hack_have_arg() {
        local checkArg="$1"; shift
        local arg
        for arg; do
            case "$arg" in
                "$checkArg"|"$checkArg"=*)
                    return 0
                    ;;
            esac
        done
        return 1
    }
    # _mongod_hack_get_arg_val '--some-arg' "$@"
    _mongod_hack_get_arg_val() {
        local checkArg="$1"; shift
        while [ "$#" -gt 0 ]; do
            local arg="$1"; shift
            case "$arg" in
                "$checkArg")
                    echo "$1"
                    return 0
                    ;;
                "$checkArg"=*)
                    echo "${arg#$checkArg=}"
                    return 0
                    ;;
            esac
        done
        return 1
    }
    declare -a mongodHackedArgs
    # _mongod_hack_ensure_arg '--some-arg' "$@"
    # set -- "${mongodHackedArgs[@]}"
    _mongod_hack_ensure_arg() {
        local ensureArg="$1"; shift
        mongodHackedArgs=( "$@" )
        if ! _mongod_hack_have_arg "$ensureArg" "$@"; then
            mongodHackedArgs+=( "$ensureArg" )
        fi
    }
    # _mongod_hack_ensure_no_arg '--some-unwanted-arg' "$@"
    # set -- "${mongodHackedArgs[@]}"
    _mongod_hack_ensure_no_arg() {
        local ensureNoArg="$1"; shift
        mongodHackedArgs=()
        while [ "$#" -gt 0 ]; do
            local arg="$1"; shift
            if [ "$arg" = "$ensureNoArg" ]; then
                continue
            fi
            mongodHackedArgs+=( "$arg" )
        done
    }
    # _mongod_hack_ensure_no_arg '--some-unwanted-arg' "$@"
    # set -- "${mongodHackedArgs[@]}"
    _mongod_hack_ensure_no_arg_val() {
        local ensureNoArg="$1"; shift
        mongodHackedArgs=()
        while [ "$#" -gt 0 ]; do
            local arg="$1"; shift
            case "$arg" in
                "$ensureNoArg")
                    shift # also skip the value
                    continue
                    ;;
                "$ensureNoArg"=*)
                    # value is already included
                    continue
                    ;;
            esac
            mongodHackedArgs+=( "$arg" )
        done
    }
    # _mongod_hack_ensure_arg_val '--some-arg' 'some-val' "$@"
    # set -- "${mongodHackedArgs[@]}"
    _mongod_hack_ensure_arg_val() {
        local ensureArg="$1"; shift
        local ensureVal="$1"; shift
        _mongod_hack_ensure_no_arg_val "$ensureArg" "$@"
        mongodHackedArgs+=( "$ensureArg" "$ensureVal" )
    }
    
    # _js_escape 'some "string" value'
    _js_escape() {
        jq --null-input --arg 'str' "$1" '$str'
    }
    
    jsonConfigFile="${TMPDIR:-/tmp}/docker-entrypoint-config.json"
    tempConfigFile="${TMPDIR:-/tmp}/docker-entrypoint-temp-config.json"
    _parse_config() {
        if [ -s "$tempConfigFile" ]; then
            return 0
        fi
    
        local configPath
        if configPath="$(_mongod_hack_get_arg_val --config "$@")"; then
            # if --config is specified, parse it into a JSON file so we can remove a few problematic keys (especially SSL-related keys)
            # see https://docs.mongodb.com/manual/reference/configuration-options/
            mongo --norc --nodb --quiet --eval "load('/js-yaml.js'); printjson(jsyaml.load(cat($(_js_escape "$configPath"))))" > "$jsonConfigFile"
            jq 'del(.systemLog, .processManagement, .net, .security)' "$jsonConfigFile" > "$tempConfigFile"
            return 0
        fi
    
        return 1
    }
    dbPath=
    _dbPath() {
        if [ -n "$dbPath" ]; then
            echo "$dbPath"
            return
        fi
    
        if ! dbPath="$(_mongod_hack_get_arg_val --dbpath "$@")"; then
            if _parse_config "$@"; then
                dbPath="$(jq -r '.storage.dbPath // empty' "$jsonConfigFile")"
            fi
        fi
    
        : "${dbPath:=/data/db}"
    
        echo "$dbPath"
    }
    
    if [ "$originalArgOne" = 'mongod' ]; then
        file_env 'MONGO_INITDB_ROOT_USERNAME'
        file_env 'MONGO_INITDB_ROOT_PASSWORD'
        # pre-check a few factors to see if it's even worth bothering with initdb
        shouldPerformInitdb=
        if [ "$MONGO_INITDB_ROOT_USERNAME" ] && [ "$MONGO_INITDB_ROOT_PASSWORD" ]; then
            # if we have a username/password, let's set "--auth"
            _mongod_hack_ensure_arg '--auth' "$@"
            set -- "${mongodHackedArgs[@]}"
            shouldPerformInitdb='true'
        elif [ "$MONGO_INITDB_ROOT_USERNAME" ] || [ "$MONGO_INITDB_ROOT_PASSWORD" ]; then
            cat >&2 <<-'EOF'
                error: missing 'MONGO_INITDB_ROOT_USERNAME' or 'MONGO_INITDB_ROOT_PASSWORD'
                       both must be specified for a user to be created
            EOF
            exit 1
        fi
    
        if [ -z "$shouldPerformInitdb" ]; then
            # if we've got any /docker-entrypoint-initdb.d/* files to parse later, we should initdb
            for f in /docker-entrypoint-initdb.d/*; do
                case "$f" in
                    *.sh|*.js) # this should match the set of files we check for below
                        shouldPerformInitdb="$f"
                        break
                        ;;
                esac
            done
        fi
    
        # check for a few known paths (to determine whether we've already initialized and should thus skip our initdb scripts)
        if [ -n "$shouldPerformInitdb" ]; then
            dbPath="$(_dbPath "$@")"
            for path in 
                "$dbPath/WiredTiger" 
                "$dbPath/journal" 
                "$dbPath/local.0" 
                "$dbPath/storage.bson" 
            ; do
                if [ -e "$path" ]; then
                    shouldPerformInitdb=
                    break
                fi
            done
        fi
    
        if [ -n "$shouldPerformInitdb" ]; then
            mongodHackedArgs=( "$@" )
            if _parse_config "$@"; then
                _mongod_hack_ensure_arg_val --config "$tempConfigFile" "${mongodHackedArgs[@]}"
            fi
            _mongod_hack_ensure_arg_val --bind_ip 127.0.0.1 "${mongodHackedArgs[@]}"
            _mongod_hack_ensure_arg_val --port 27017 "${mongodHackedArgs[@]}"
    
            # remove "--auth" and "--replSet" for our initial startup (see https://docs.mongodb.com/manual/tutorial/enable-authentication/#start-mongodb-without-access-control)
            # https://github.com/docker-library/mongo/issues/211
            _mongod_hack_ensure_no_arg --auth "${mongodHackedArgs[@]}"
            if [ "$MONGO_INITDB_ROOT_USERNAME" ] && [ "$MONGO_INITDB_ROOT_PASSWORD" ]; then
                _mongod_hack_ensure_no_arg_val --replSet "${mongodHackedArgs[@]}"
            fi
    
            sslMode="$(_mongod_hack_have_arg '--sslPEMKeyFile' "$@" && echo 'allowSSL' || echo 'disabled')" # "BadValue: need sslPEMKeyFile when SSL is enabled" vs "BadValue: need to enable SSL via the sslMode flag when using SSL configuration parameters"
            _mongod_hack_ensure_arg_val --sslMode "$sslMode" "${mongodHackedArgs[@]}"
    
            if stat "/proc/$$/fd/1" > /dev/null && [ -w "/proc/$$/fd/1" ]; then
                # https://github.com/mongodb/mongo/blob/38c0eb538d0fd390c6cb9ce9ae9894153f6e8ef5/src/mongo/db/initialize_server_global_state.cpp#L237-L251
                # https://github.com/docker-library/mongo/issues/164#issuecomment-293965668
                _mongod_hack_ensure_arg_val --logpath "/proc/$$/fd/1" "${mongodHackedArgs[@]}"
            else
                initdbLogPath="$(_dbPath "$@")/docker-initdb.log"
                echo >&2 "warning: initdb logs cannot write to '/proc/$$/fd/1', so they are in '$initdbLogPath' instead"
                _mongod_hack_ensure_arg_val --logpath "$initdbLogPath" "${mongodHackedArgs[@]}"
            fi
            _mongod_hack_ensure_arg --logappend "${mongodHackedArgs[@]}"
    
            pidfile="${TMPDIR:-/tmp}/docker-entrypoint-temp-mongod.pid"
            rm -f "$pidfile"
            _mongod_hack_ensure_arg_val --pidfilepath "$pidfile" "${mongodHackedArgs[@]}"
    
            "${mongodHackedArgs[@]}" --fork
    
            mongo=( mongo --host 127.0.0.1 --port 27017 --quiet )
    
            # check to see that our "mongod" actually did start up (catches "--help", "--version", MongoDB 3.2 being silly, slow prealloc, etc)
            # https://jira.mongodb.org/browse/SERVER-16292
            tries=30
            while true; do
                if ! { [ -s "$pidfile" ] && ps "$(< "$pidfile")" &> /dev/null; }; then
                    # bail ASAP if "mongod" isn't even running
                    echo >&2
                    echo >&2 "error: $originalArgOne does not appear to have stayed running -- perhaps it had an error?"
                    echo >&2
                    exit 1
                fi
                if "${mongo[@]}" 'admin' --eval 'quit(0)' &> /dev/null; then
                    # success!
                    break
                fi
                (( tries-- ))
                if [ "$tries" -le 0 ]; then
                    echo >&2
                    echo >&2 "error: $originalArgOne does not appear to have accepted connections quickly enough -- perhaps it had an error?"
                    echo >&2
                    exit 1
                fi
                sleep 1
            done
    
            if [ "$MONGO_INITDB_ROOT_USERNAME" ] && [ "$MONGO_INITDB_ROOT_PASSWORD" ]; then
                rootAuthDatabase='admin'
    
                "${mongo[@]}" "$rootAuthDatabase" <<-EOJS
                    db.createUser({
                        user: $(_js_escape "$MONGO_INITDB_ROOT_USERNAME"),
                        pwd: $(_js_escape "$MONGO_INITDB_ROOT_PASSWORD"),
                        roles: [ { role: 'root', db: $(_js_escape "$rootAuthDatabase") } ]
                    })
                EOJS
            fi
    
            export MONGO_INITDB_DATABASE="${MONGO_INITDB_DATABASE:-test}"
    
            echo
            for f in /docker-entrypoint-initdb.d/*; do
                case "$f" in
                    *.sh) echo "$0: running $f"; . "$f" ;;
                    *.js) echo "$0: running $f"; "${mongo[@]}" "$MONGO_INITDB_DATABASE" "$f"; echo ;;
                    *)    echo "$0: ignoring $f" ;;
                esac
                echo
            done
    
            "${mongodHackedArgs[@]}" --shutdown
            rm -f "$pidfile"
    
            echo
            echo 'MongoDB init process complete; ready for start up.'
            echo
        fi
    
        unset "${!MONGO_INITDB_@}"
    fi
    
    rm -f "$jsonConfigFile" "$tempConfigFile"
    
    exec "$@"

    构建镜像

    docker build -t mongo3.4

     创建容器:

    docker build -t -d mongo3.4 .

    官方 githup 参考:

    docker-library/mongo
    https://github.com/docker-library/mongo/tree/6932ac255d29759af9a74c6931faeb02de0fe53e

  • 相关阅读:
    线段树、树状数组
    贪心算法(Fatmouse’Trade、今年暑假不AC)
    搜索+DP专题(背包问题、N个数选K个使平方和最大且和为X、divide by three, multiple by two、全排列、组合、N皇后、jugs、掉石头迷宫、斐波那契、最大连续子序列和、最长上升子序列、非常可乐、导弹拦截系统:最长不降子序列)
    计算机考研机试指南(九)——搜索(百鸡问题、ABC、胜利大逃亡、迷宫问题、C翻转、旋转矩阵、字符串匹配、)
    计算机考研机试指南(八)——图论(畅通工程、还是畅通工程、最短路、more is better、Freckles、legal or not、确定比赛名次、产生冠军、最短路径问题)
    String与StringBuffer与StringBuilder
    replace into
    eclipse迅速新建main函数
    数据库视图什么时候需要用到
    springboot实现拦截器
  • 原文地址:https://www.cnblogs.com/sharesdk/p/10114374.html
Copyright © 2011-2022 走看看