Open ch40s opened 4 years ago
Going to address #256 in this as well because they are similar issues.
When Walkoff is built for the first time, the Bootloader will generate Docker secrets that are used as credentials for the resources like Mongo, Redis, Minio, etc.
These secrets are mounted as files in their respective containers under /run/secrets/walkoff_<resourcename>_key
. If you are changing the image used by the resources, the new images should also be able to accept files as credential sources by setting them in environment variables like the images currently used. This why we use Bitnami images instead of official images for some resources, as they all support this pattern, though it doesn't look like they support ARM.
If your alternate images can't do this, for example they only accept the password directly in the environment variable itself (I think the webhippie/mongodb image falls into this category), or the password is inside a larger file (like the redis.conf in official Redis images), you can work around this albeit not in an ideal manner.
For testing purposes, when you use ./walkoff.sh up
you can also specify the -d
debug flag, which sets all credentials to walkoff123456
. You can then hardcode that into the appropriate environment variable in base-compose.yml for webhippie/mongodb and into a redis.conf that you bind mount into the Redis service.
I think the real solution may be to support templating in the compose file, but roadmap is unclear at this point in time.
Thanks @adpham95 for taking the time to comment on this. That makes sense and being able to easily support other architectures and images via the compose file sounds like a great feature request. I'll try to resolve this following your recommendation above and will provide an update here.
@adpham95 :
resource_mongo:
image: webhippie/mongodb:latest
networks:
- walkoff_network
ports:
- 27016:27016
environment:
#Reference: https://hub.docker.com/r/webhippie/mongodb
- MONGODB_ROOT_USERNAME=walkoff
- MONGODB_ROOT_PASSWORD=walkoff123456
volumes:
- walkoff_resource_mongo_volume:/data/db
command: mongod --port 27016
Error:
$ docker service logs -f walkoff_resource_mongo
authenticate db: admin { authenticate: 1, user: "walkoff", nonce: "xxx", key: "xxx" }
Failed to authenticate walkoff@admin with mechanism MONGODB-CR: AuthenticationFailed UserNotFound Could not find user walkoff@admin
Can you see if that image has the MONGO_INITDB_ROOT_USERNAME
and MONGO_INITDB_ROOT_PASSWORD
environment variables or variations thereof? They're not on the dockerhub page so I'm not sure, but in the official Mongo image, the INITDB
variant of those environment variables actually creates said user w/ password.
Hmm.
https://github.com/dockhippie/mongodb/blob/master/latest/overlay/etc/s6/mongodb/run#L92
If this is the correct source code, then at least it seems like that MONGODB_ROOT_USERNAME
should create the user. Maybe check the logs of the Mongo container to see if there's anything going wrong with that.
Nothing interesting in the Mongo container logs.
$ docker container logs -f f41494f.....
warning: 32-bit servers don't have journaling enabled by default. Please use --journal if you want durability.
[initandlisten] MongoDB starting : pid=1 port=27016 dbpath=/data/db 32-bit host=f41494f8a4c7
[initandlisten]
[initandlisten] ** NOTE: This is a 32 bit MongoDB binary.
[initandlisten] ** 32 bit builds are limited to less than 2GB of data (or less with --journal).
[initandlisten] ** Note that journaling defaults to off for 32 bit and is currently off.
[initandlisten] ** See http://dochub.mongodb.org/core/32bit
[initandlisten]
[initandlisten] db version v2.6.10
[initandlisten] git version: nogitversion
[initandlisten] OpenSSL version: OpenSSL 1.0.2g 1 Mar 2016
[initandlisten] build info: Linux kishi10 3.2.0-84-highbank #121-Ubuntu SMP PREEMPT Tue May 5 19:44:15 UTC 2015 armv7l BOOST_LIB_VERSION=1_58
[initandlisten] allocator: tcmalloc
[initandlisten] options: { net: { port: 27016 } }
[initandlisten] allocating new ns file /data/db/local.ns, filling with zeroes...
[FileAllocator] allocating new datafile /data/db/local.0, filling with zeroes...
[FileAllocator] creating directory /data/db/_tmp
[FileAllocator] done allocating datafile /data/db/local.0, size: 64MB, took 0.002 secs
[initandlisten] build index on: local.startup_log properties: { v: 1, key: { _id: 1 }, name: "_id_", ns: "local.startup_log" }
[initandlisten] added index to empty collection
[initandlisten] command local.$cmd command: create { create: "startup_log", size: 10485760, capped: true } ntoreturn:1 keyUpdates:0 numYields:0 reslen:37 1192ms
[initandlisten] waiting for connections on port 27016
[clientcursormon] mem (MB) res:39 virt:208
[clientcursormon] mapped:80
[clientcursormon] connections:0
[initandlisten] connection accepted from 10.0.12.89:32868 #1 (1 connection now open)
[initandlisten] connection accepted from 10.0.12.89:32870 #2 (2 connections now open)
[conn2] authenticate db: admin { authenticate: 1, user: "walkoff", nonce: "xxx", key: "xxx" }
[conn2] Failed to authenticate walkoff@admin with mechanism MONGODB-CR: AuthenticationFailed UserNotFound Could not find user walkoff@admin
[conn2] end connection 10.0.12.89:32870 (1 connection now open)
[conn1] end connection 10.0.12.89:32868 (1 connection now open)
Hey all, I'm using the arm image "webhippie/mongodb:latest" and I get the following error, any idea how to troubleshoot and solve this?