Docker学习(六) Mongodb安装

2019独角兽企业重金招聘Python工程师标准>>> hot3.png

一、用命令安装

1、环境已安装好docker,网络配置好了,启动docker

[root@localhost ~]# systemctl start docker.service

2、创建目录,用于容器映射本地目录

[root@localhost ~]# mkdir -p ~/mongo ~/mongo/db

[root@localhost ~]# cd mongo

3、安装mongodb

[root@localhost mongo]# docker pull mongo
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
redis 4.0.11 43da2e0979d8 2 days ago 83.44 MB
mongo latest a41c82c0998a 8 days ago 380.2 MB

4、运行容器,不加权限

[root@localhost mongo]# docker run --name mongodb-server0 -p 27017:27017 -v $PWD/db:/data/db -d mongo:latest

89daef5129332b2d60aa0cc2394e170dc74e1b347af71729289a534e98d55c4f

使用mongo镜像执行mongo 命令连接到刚启动的容器,主机IP为:192.168.22.151,这个一定要,不然外部连接不上

5、[root@localhost mongo]# docker run -it mongo:latest mongo --host 192.168.22.151
MongoDB shell version v4.0.1
connecting to: mongodb://192.168.22.151:27017/
MongoDB server version: 4.0.1
Welcome to the MongoDB shell.
For interactive help, type "help".
For more comprehensive documentation, see
http://docs.mongodb.org/
------------------------------------------------------------------------------------

1、运行容器,加权限

[root@localhost mongo]# docker run --name mongodb-server0 -p 27017:27017 -v $PWD/db:/data/db -d mongo:latest --auth
129bcad7e5f5bc37c4888ce31ed7a1438db2f58d82be8b515aec74b521114d49

--auth 是加权限,加权限就需要创建用户

--name mongodb-server0 容器名称

-v $PWD/db:/data/db 将主机中当前目录下的db挂载到容器的/data/db,作为mongo数据存储目录

2、[root@localhost mongo]# docker run -it mongo:latest mongo --host 192.168.22.151

3、进入容器,登录amdin集合,mongodb-server0是容器名称

[root@localhost mongo]# docker exec -it mongodb-server0 mongo admin
MongoDB shell version v4.0.1
connecting to: mongodb://127.0.0.1:27017/admin
MongoDB server version: 4.0.1

>

或:

[root@localhost db]# docker exec -it mongodb-server0 /bin/bash
root@89daef512933:/# mongo 192.168.22.151:27017/hr

MongoDB shell version v4.0.1
connecting to: mongodb://192.168.22.151:27017/hr
MongoDB server version: 4.0.1
Server has startup warnings:

*mongodb相关使用:

MongoDB用户权限
内建的角色:

数据库用户角色:read、readWrite;
数据库管理角色:dbAdmin、dbOwner、userAdmin;
集群管理角色:clusterAdmin、clusterManager、clusterMonitor、hostManager;
备份恢复角色:backup、restore;
所有数据库角色:readAnyDatabase、readWriteAnyDatabase、userAdminAnyDatabase、dbAdminAnyDatabase
超级用户角色:root // 这里还有几个角色间接或直接提供了系统超级用户的访问(dbOwner 、userAdmin、userAdminAnyDatabase)
内部角色:__system

角色说明:
Read:允许用户读取指定数据库
readWrite:允许用户读写指定数据库
dbAdmin:允许用户在指定数据库中执行管理函数,如索引创建、删除,查看统计或访问system.profile
userAdmin:允许用户向system.users集合写入,可以找指定数据库里创建、删除和管理用户
clusterAdmin:只在admin数据库中可用,赋予用户所有分片和复制集相关函数的管理权限。
readAnyDatabase:只在admin数据库中可用,赋予用户所有数据库的读权限
readWriteAnyDatabase:只在admin数据库中可用,赋予用户所有数据库的读写权限
userAdminAnyDatabase:只在admin数据库中可用,赋予用户所有数据库的userAdmin权限
dbAdminAnyDatabase:只在admin数据库中可用,赋予用户所有数据库的dbAdmin权限。
root:只在admin数据库中可用。超级账号,超级权限

[root@localhost mongo]# docker exec -it mongodb-server0 /bin/bash

root@129bcad7e5f5:/# mongo 192.168.22.151:27017/admin

创建admin用户

> db.createUser({ user: 'admin', pwd: '1234', roles: [ { role: "userAdminAnyDatabase", db: "admin" },{ role: "readWriteAnyDatabase", db: "admin" } ] });
Successfully added user: {
"user" : "admin",
"roles" : [
    {
        "role" : "userAdminAnyDatabase",
        "db" : "admin"
    }
]
}

> db.auth("admin","1234") //进入后要认证用户

创建新集合:

> use hr //创建数据库
> db.createUser({ user: 'test', pwd: 'test', roles: [ { role: "readWrite", db: "hr" },{ role: "dbAdmin", db: "hr" },{ role: "userAdmin", db: "hr" } ] });
> db.auth("test","test")

> db //查看当前数据库
> show dbs

创建成功后,可以以认证方式登录:

root@129bcad7e5f5:/# mongo --port 27017 -u "test" -p "test" --authenticationDatabase "hr"

创建集合:

db.createCollection("ramuser",{capped:true,size:6142800,max:10000}) //创建集合方法一(表) db.ramrole.insertOne( { x: 1 } ) //创建集合方法二
{
"acknowledged" : true,
"insertedId" : ObjectId("5b8a275f7ad79b48cb46aaf0")
}

新增文档:

db.ram_role.insert({_id: 2,role_code:"cn001", role_name: "admin",validation:1,remark:"test"})
db.ramrole.find() { "id" : ObjectId("5b8a275f7ad79b48cb46aaf0"), "x" : 1 }

show collections //显示所有集合

db.roleEntity.insert({_id: "2",role_code:"cn002", role_name: "admin2",validation:1,remark:"test"});

db.roleEntity.find(); //查询roleEntity集合的所有文档

db.roleEntity.update({'roleCode':'cn002'},{$set:{'roleCode':'CN003'}})

//删除roleEntity集合中文档(记录)

db.roleEntity.remove({ "_id" : ObjectId("5b8a7e3e399b861b281af574")})

db.roleEntity.remove({ "_id" : "2"})

db.roleEntity.find({validation : {$gte : 1}}) //条件查询validation 等于1的记录

二、Dockerfile安装

[root@localhost ~]# mkdir -p ~/mongo  ~/mongo/db
编辑Dockerfile,放入~/mongo目录

FROM debian:jessie-slim

# add our user and group first to make sure their IDs get assigned consistently, regardless of whatever dependencies get added
RUN groupadd -r mongodb && useradd -r -g mongodb mongodb

RUN apt-get update \
    && apt-get install -y --no-install-recommends \
        ca-certificates \
        jq \
        numactl \
    && rm -rf /var/lib/apt/lists/*

# grab gosu for easy step-down from root (https://github.com/tianon/gosu/releases)
ENV GOSU_VERSION 1.10
# grab "js-yaml" for parsing mongod's YAML config files (https://github.com/nodeca/js-yaml/releases)
ENV JSYAML_VERSION 3.10.0

RUN set -ex; \
    \
    apt-get update; \
    apt-get install -y --no-install-recommends \
        wget \
    ; \
    rm -rf /var/lib/apt/lists/*; \
    \
    dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
    wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
    wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
    export GNUPGHOME="$(mktemp -d)"; \
    gpg --keyserver ha.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
    gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
    command -v gpgconf && gpgconf --kill all || :; \
    rm -r "$GNUPGHOME" /usr/local/bin/gosu.asc; \
    chmod +x /usr/local/bin/gosu; \
    gosu nobody true; \
    \
    wget -O /js-yaml.js "https://github.com/nodeca/js-yaml/raw/${JSYAML_VERSION}/dist/js-yaml.js"; \
# TODO some sort of download verification here
    \
    apt-get purge -y --auto-remove wget

RUN mkdir /docker-entrypoint-initdb.d

ENV GPG_KEYS \
# pub   4096R/AAB2461C 2014-02-25 [expires: 2016-02-25]
#       Key fingerprint = DFFA 3DCF 326E 302C 4787  673A 01C4 E7FA AAB2 461C
# uid                  MongoDB 2.6 Release Signing Key <packaging@mongodb.com>
    DFFA3DCF326E302C4787673A01C4E7FAAAB2461C \
# pub   4096R/EA312927 2015-10-09 [expires: 2017-10-08]
#       Key fingerprint = 42F3 E95A 2C4F 0827 9C49  60AD D68F A50F EA31 2927
# uid                  MongoDB 3.2 Release Signing Key <packaging@mongodb.com>
    42F3E95A2C4F08279C4960ADD68FA50FEA312927
# https://docs.mongodb.com/manual/tutorial/verify-mongodb-packages/#download-then-import-the-key-file
RUN set -ex; \
    export GNUPGHOME="$(mktemp -d)"; \
    for key in $GPG_KEYS; do \
        gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \
    done; \
    gpg --export $GPG_KEYS > /etc/apt/trusted.gpg.d/mongodb.gpg; \
    command -v gpgconf && gpgconf --kill all || :; \
    rm -r "$GNUPGHOME"; \
    apt-key list

# Allow build-time overrides (eg. to build image with MongoDB Enterprise version)
# Options for MONGO_PACKAGE: mongodb-org OR mongodb-enterprise
# Options for MONGO_REPO: repo.mongodb.org OR repo.mongodb.com
# Example: docker build --build-arg MONGO_PACKAGE=mongodb-enterprise --build-arg MONGO_REPO=repo.mongodb.com .
ARG MONGO_PACKAGE=mongodb-org
ARG MONGO_REPO=repo.mongodb.org
ENV MONGO_PACKAGE=${MONGO_PACKAGE} MONGO_REPO=${MONGO_REPO}

ENV MONGO_MAJOR 3.2
ENV MONGO_VERSION 3.2.20

RUN echo "deb http://$MONGO_REPO/apt/debian jessie/${MONGO_PACKAGE%-unstable}/$MONGO_MAJOR main" | tee "/etc/apt/sources.list.d/${MONGO_PACKAGE%-unstable}.list"

RUN set -x \
    && apt-get update \
    && apt-get install -y \
        ${MONGO_PACKAGE}=$MONGO_VERSION \
        ${MONGO_PACKAGE}-server=$MONGO_VERSION \
        ${MONGO_PACKAGE}-shell=$MONGO_VERSION \
        ${MONGO_PACKAGE}-mongos=$MONGO_VERSION \
        ${MONGO_PACKAGE}-tools=$MONGO_VERSION \
    && rm -rf /var/lib/apt/lists/* \
    && rm -rf /var/lib/mongodb \
    && mv /etc/mongod.conf /etc/mongod.conf.orig

RUN mkdir -p /data/db /data/configdb \
    && chown -R mongodb:mongodb /data/db /data/configdb
VOLUME /data/db /data/configdb

COPY docker-entrypoint.sh /usr/local/bin/
RUN ln -s usr/local/bin/docker-entrypoint.sh /entrypoint.sh # backwards compat
ENTRYPOINT ["docker-entrypoint.sh"]

EXPOSE 27017
CMD ["mongod"]

[root@localhost mongo]# docker build -t mongo:4.0 .  //安装过程出错,要使用 PGP 签名或者 SHA-256 校验和来验证软件包

可参考:https://segmentfault.com/a/1190000007285023

https://docs.mongodb.com/manual/tutorial/verify-mongodb-packages/

Reading package lists...
W: GPG error: http://repo.mongodb.org jessie/mongodb-org/4.0 Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 68818C72E52529D4
+ apt-get install -y mongodb-org=4.0.1 mongodb-org-server=4.0.1 mongodb-org-shell=4.0.1 mongodb-org-mongos=4.0.1 mongodb-org-tools=4.0.1
Reading package lists...
Building dependency tree...
Reading state information...
The following extra packages will be installed:


0 upgraded, 26 newly installed, 0 to remove and 0 not upgraded.
Need to get 61.7 MB of archives.
After this operation, 253 MB of additional disk space will be used.
WARNING: The following packages cannot be authenticated!
  mongodb-org-shell mongodb-org-server mongodb-org-mongos mongodb-org-tools
  mongodb-org
The command '/bin/sh -c set -x     && apt-get update     && apt-get install -y         ${MONGO_PACKAGE}=$MONGO_VERSION         ${MONGO_PACKAGE}-server=$MONGO_VERSION         ${MONGO_PACKAGE}-shell=$MONGO_VERSION         ${MONGO_PACKAGE}-mongos=$MONGO_VERSION         ${MONGO_PACKAGE}-tools=$MONGO_VERSION     && rm -rf /var/lib/apt/lists/*     && rm -rf /var/lib/mongodb     && mv /etc/mongod.conf /etc/mongod.conf.orig' returned a non-zero code: 100

[root@localhost mongo]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
<none>              <none>              6012cd999f9c        4 minutes ago       87.4 MB
debian              jessie-slim         bcdc1307bd3b        6 weeks ago         79.1 MB
centos              latest              67591570dd29        20 months ago       192 MB
[root@localhost mongo]# docker tag 6012cd999f9c mongo:4.0    //可能没有名称,修改image名称与tag
[root@localhost mongo]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
mongo               4.0                 6012cd999f9c        7 minutes ago       87.4 MB

[root@localhost mongo]# docker run --name mongodb-server0 -itd mongo:4.0
430d2867e6175f0fc730c18d71fc9b0a3478b7a33cf1e065af315170b9457879
[root@localhost mongo]# docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
430d2867e617        mongo:4.0           "bash"              5 seconds ago       Up 4 seconds                            mongodb-server0
[root@localhost mongo]# docker exec -it 430d2867e617 /bin/bash
进行安装包签名(过程太长,未执行)

[root@localhost mongo]# docker run --name mongodb-server0 -p 27017:27017 -v $PWD/db:/data/db -d mongo:4.0
aaf74150d3bb812ccf4e60a77f5bde6b7d63313619712d288ecfc977cef6a824
[root@localhost mongo]# docker run -it mongo:latest mongo --host 192.168.22.151

转载于:https://my.oschina.net/u/1253780/blog/1940991