How to create a DB for MongoDB container on start up

Question

I am working with Docker and I have a stack with PHP  MySQL  Apache and Redis  I need to add MongoDB now so I was checking the Dockerfile for the latest version and also the docker-entrypoint sh file from the MongoDB Dockerhub but I couldn t find a way to setup a default DB  admin user password and possibly auth method for the container from a docker-compose yml file   In MySQL you can setup some ENV variables as for example   db      image  mysql 5 7     env file   env     environment        MYSQL ROOT PASSWORD    MYSQL ROOT PASSWORD        MYSQL DATABASE    MYSQL DATABASE        MYSQL USER    MYSQL USER        MYSQL PASSWORD    MYSQL PASSWORD    And this will setup the DB and the user password as the root password    Is there any way to achieve the same with MongoDB  Anyone has some experience or workaround

User · Answer

Here another cleaner solution by using docker-compose and a js script  This example assumes that both files  docker-compose yml and mongo-init js  lay in the same folder  docker-compose yml version   3 7   services      mongodb          image  mongo latest         container name  mongodb         restart  always         environment              MONGO INITDB ROOT USERNAME   lt admin-user gt              MONGO INITDB ROOT PASSWORD   lt admin-password gt              MONGO INITDB DATABASE   lt database to create gt          ports              - 27017 27017         volumes              -   mongo-init js  docker-entrypoint-initdb d mongo-init js ro  mongo-init js db createUser                        user   quot  lt user for database which shall be created gt  quot               pwd   quot  lt password of user gt  quot               roles                                          role   quot readWrite quot                       db   quot  lt database to create gt  quot                                                Then simply start the service by running the following docker-compose command docker-compose up --build -d mongodb   Note  The code in the docker-entrypoint-init d folder is only executed if the database has never been initialized before

User · Answer

Given this  env file   DB NAME foo DB USER bar DB PASSWORD baz   And this mongo-init sh file   mongo --eval  db auth   MONGO INITDB ROOT USERNAME     MONGO INITDB ROOT PASSWORD    db   db getSiblingDB   DB NAME    db createUser   user    DB USER   pwd    DB PASSWORD   roles     role   readWrite   db    DB NAME            This docker-compose yml will create the admin database and admin user  authenticate as the admin user  then create the real database and add the real user   version   3   services     app       build         env file   env      environment         DB HOST   mongodb   mongodb     mongodb      image  mongo 4     environment        MONGO INITDB ROOT USERNAME  admin-user       MONGO INITDB ROOT PASSWORD  admin-password       DB NAME   DB NAME       DB USER   DB USER       DB PASSWORD   DB PASSWORD     ports        - 27017 27017     volumes        - db-data  data db       -   mongo-init sh  docker-entrypoint-initdb d mongo-init sh  volumes    db-data

User · Answer

In case someone is looking for how to configure MongoDB with authentication using docker-compose  here is a sample configuration using environment variables   version   3 3   services     db        image  mongo       environment          - MONGO INITDB ROOT USERNAME admin         - MONGO INITDB ROOT PASSWORD  lt YOUR PASSWORD gt        ports          -  27017 27017    When running docker-compose up your mongo instance is run automatically with auth enabled  You will have a admin database with the given password

User · Answer

Here s a working solution that creates admin-user user with a password  additional database  test-database   and test-user in that database  Dockerfile  FROM mongo 4 0 3  ENV MONGO INITDB ROOT USERNAME admin-user ENV MONGO INITDB ROOT PASSWORD admin-password ENV MONGO INITDB DATABASE admin  ADD mongo-init js  docker-entrypoint-initdb d   mongo-init js  db auth  admin-user    admin-password    db   db getSiblingDB  test-database    db createUser     user   test-user     pwd   test-password     roles                role   root         db   test-database                    The tricky part was to understand that   js files were run unauthenticated  The solution authenticates the script as the admin-user in the admin database  MONGO INITDB DATABASE admin is essential  otherwise the script would be executed against the test db  Check the source code of docker-entrypoint sh

User · Answer

If you are looking to remove usernames and passwords from your docker-compose yml you can use Docker Secrets  here is how I have approached it   version   3 6   services    db      image  mongo 3     container name  mycontainer   secrets      - MONGO INITDB ROOT USERNAME     - MONGO INITDB ROOT PASSWORD   environment      - MONGO INITDB ROOT USERNAME FILE  var run secrets MONGO INITDB ROOT USERNAME     - MONGO INITDB ROOT PASSWORD FILE  var run secrets MONGO INITDB ROOT PASSWORD secrets    MONGO INITDB ROOT USERNAME      file   secrets   NODE ENV  mongo root username txt   MONGO INITDB ROOT PASSWORD      file   secrets   NODE ENV  mongo root password txt   I have use the file  option for my secrets however  you can also use external  and use the secrets in a swarm     The secrets are available to any script in the container at  var run secrets  The Docker documentation has this to say about storing sensitive data     https   docs docker com engine swarm secrets   You can use secrets to manage any sensitive data which a container needs at runtime but you don   t want to store in the image or in source control  such as   Usernames and passwords TLS certificates and keys SSH keys Other important data such as the name of a database or internal server Generic strings or binary content  up to 500 kb in size

User · Answer

UPD Today I avoid Docker Swarm  secrets  and configs  I d run it with docker-compose and the  env file  As long as I don t need autoscaling  If I do  I d probably choose k8s  And database passwords  root account or not    Do they really matter when you re running a single database in a container not connected to the outside world    I d like to know what you think about it  but Stack Overflow is probably not well suited for this sort of communication  Mongo image can be affected by MONGO INITDB DATABASE variable  but it won t create the database  This variable determines current database when running  docker-entrypoint-initdb d   scripts  Since you can t use environment variables in scripts executed by Mongo  I went with a shell script  docker-swarm yml  version   3 1   secrets    mongo-root-passwd      file  mongo-root-passwd   mongo-user-passwd      file  mongo-user-passwd  services    mongo      image  mongo 3 2     environment        MONGO INITDB ROOT USERNAME   MONGO ROOT USER       MONGO INITDB ROOT PASSWORD FILE   run secrets mongo-root-passwd       MONGO INITDB USERNAME   MONGO USER       MONGO INITDB PASSWORD FILE   run secrets mongo-user-passwd       MONGO INITDB DATABASE   MONGO DB     volumes        -   init-mongo sh  docker-entrypoint-initdb d init-mongo sh     secrets        - mongo-root-passwd       - mongo-user-passwd  init-mongo sh  mongo --  quot  MONGO INITDB DATABASE quot   lt  lt EOF     var rootUser     MONGO INITDB ROOT USERNAME       var rootPassword     MONGO INITDB ROOT PASSWORD       var admin   db getSiblingDB  admin        admin auth rootUser  rootPassword        var user     MONGO INITDB USERNAME       var passwd      cat  quot  MONGO INITDB PASSWORD FILE quot         db createUser  user  user  pwd  passwd  roles    quot readWrite quot      EOF  Alternatively  you can store init-mongo sh in configs  docker config create  and mount it with  configs      init-mongo sh          external  true     services      mongo                      configs              - source  init-mongo sh               target   docker-entrypoint-initdb d init-mongo sh  And secrets can be not stored in a file  A couple of gists on the matter

User · Answer

My answer is based on the one provided by  x-yuri  but my scenario it s a little bit different  I wanted an image containing the script  not bind without needing to bind-mount it  mongo-init sh -- don t know whether or not is need but but I ran chmod  x mongo-init sh also     bin bash   https   stackoverflow com a 53522699   https   stackoverflow com a 37811764 mongo --  quot  MONGO INITDB DATABASE quot   lt  lt EOF   var rootUser     MONGO INITDB ROOT USERNAME     var rootPassword     MONGO INITDB ROOT PASSWORD     var user     MONGO INITDB USERNAME     var passwd     MONGO INITDB PASSWORD      var admin   db getSiblingDB  admin       admin auth rootUser  rootPassword     db createUser       user  user      pwd  passwd      roles                    role   quot root quot           db   quot admin quot                      EOF  Dockerfile  FROM mongo 3 6  COPY mongo-init sh  docker-entrypoint-initdb d mongo-init sh  CMD    quot  docker-entrypoint-initdb d mongo-init sh quot     docker-compose yml  version   3   services      mongodb          build            container name  mongodb-test         environment              - MONGO INITDB ROOT USERNAME root             - MONGO INITDB ROOT PASSWORD example             - MONGO INITDB USERNAME myproject             - MONGO INITDB PASSWORD myproject             - MONGO INITDB DATABASE myproject      myproject          image  myuser myimage         restart  on-failure         container name  myproject         environment              - DB URI mongodb             - DB HOST mongodb-test             - DB NAME myproject             - DB USERNAME myproject             - DB PASSWORD myproject             - DB OPTIONS              - DB PORT 27017                     ports              -  quot 80 80 quot   After that  I went ahead and publish this Dockefile as an image to use in other projects  note  without adding the CMD it mongo throws  unbound variable error

User · Answer

The official mongo image has merged a PR to include the functionality to databases and admin users at startup  The database initialisation will run scripts in  docker-entrypoint-initdb d  when there is nothing populated in the  data db directory  Database Initialisation The mongo container image provides the  docker-entrypoint-initdb d  path to deploy custom  js or  sh setup scripts that will be run once on database initialisation   js scripts will be run against test by default or MONGO INITDB DATABASE if defined in the environment  COPY mysetup sh  docker-entrypoint-initdb d   or COPY mysetup js  docker-entrypoint-initdb d   A simple initialisation mongo shell javascript file that demonstrates setting up the container collection with data  logging and how to exit with an error  for result checking   let error   true  let res       db container drop      db container createIndex   myfield  1      unique  true       db container createIndex   thatfield  1       db container createIndex   thatfield  1       db container insert   myfield   hello   thatfield   testing        db container insert   myfield   hello2   thatfield   testing        db container insert   myfield   hello3   thatfield   testing        db container insert   myfield   hello3   thatfield   testing        printjson res   if  error      print  Error  exiting     quit 1     Admin User Setup The environment variables to control  quot root quot  user setup are  MONGO INITDB ROOT USERNAME MONGO INITDB ROOT PASSWORD  Example docker run -d     -e MONGO INITDB ROOT USERNAME admin     -e MONGO INITDB ROOT PASSWORD password     mongod  or Dockerfile FROM docker io mongo ENV MONGO INITDB ROOT USERNAME admin ENV MONGO INITDB ROOT PASSWORD password  You don t need to use --auth on the command line as the docker entrypoint sh script adds this in when it detects the environment variables exist

[mongodb] How to create a DB for MongoDB container on start up?

docker-compose.yml

mongo-init.js

Examples related to mongodb

Examples related to docker

Examples related to docker-compose