Mongo crash when I use --user
damienmillet opened this issue · 2 comments
maybe should you update the image with docker's new feature.
How can I save my database if I can't persist this directory...
Not sure what do you mean but to persist your database, you just need to mount data path to docker volume.
docker run -d --name mongodb --restart=unless-stopped \
-e MONGO_INITDB_ROOT_USERNAME=username \
-e MONGO_INITDB_ROOT_PASSWORD=password \
-v /var/lib/docker/volumes/mongo-data/_data:/data/db \
-p 27017:27017 \
mongo --wiredTigerCacheSizeGB 3
The image has supported running as an arbitrary user since #81. The caveat is that the operator running the container must supply a data directory that the chosen --user can write to (since the entrypoint script can't chown it as a non-root user).
I am unable to reproduce any crash:
$ ls -lna data
total 8
drwxrwsr-x 2 1000 1000 4096 Jan 24 15:53 .
drwxrwsr-x 4 1000 1000 4096 Jan 4 2023 ..
$ docker run -it --rm --user "$(id -u):$(id -g)" --mount "type=bind,src=$PWD/data/,dst=/data/db" --name mgo mongo
...
{"t":{"$date":"2023-07-20T23:11:18.031+00:00"},"s":"I", "c":"NETWORK", "id":23015, "ctx":"listener","msg":"Listening on","attr":{"address":"/tmp/mongodb-27017.sock"}}
{"t":{"$date":"2023-07-20T23:11:18.031+00:00"},"s":"I", "c":"NETWORK", "id":23015, "ctx":"listener","msg":"Listening on","attr":{"address":"0.0.0.0"}}
{"t":{"$date":"2023-07-20T23:11:18.032+00:00"},"s":"I", "c":"NETWORK", "id":23016, "ctx":"listener","msg":"Waiting for connections","attr":{"port":27017,"ssl":"off"}}
$ docker top mgo
UID PID PPID C STIME TTY TIME CMD
1000 687807 687786 14 23:09 ? 00:00:00 mongod --bind_ip_all
$ ls -lna data/
total 216
drwxrwsr-x 4 1000 1000 4096 Jul 20 16:12 .
drwxrwsr-x 4 1000 1000 4096 Jan 4 2023 ..
-rw------- 1 1000 1000 50 Jul 20 16:12 WiredTiger
-rw------- 1 1000 1000 21 Jul 20 16:12 WiredTiger.lock
-rw------- 1 1000 1000 1464 Jul 20 16:12 WiredTiger.turtle
-rw------- 1 1000 1000 49152 Jul 20 16:12 WiredTiger.wt
-rw------- 1 1000 1000 4096 Jul 20 16:12 WiredTigerHS.wt
-rw------- 1 1000 1000 20480 Jul 20 16:12 _mdb_catalog.wt
-rw------- 1 1000 1000 20480 Jul 20 16:12 collection-0-2226854324434403819.wt
-rw------- 1 1000 1000 20480 Jul 20 16:12 collection-2-2226854324434403819.wt
-rw------- 1 1000 1000 4096 Jul 20 16:12 collection-4-2226854324434403819.wt
drwx--S--- 2 1000 1000 4096 Jul 20 16:12 diagnostic.data
-rw------- 1 1000 1000 20480 Jul 20 16:12 index-1-2226854324434403819.wt
-rw------- 1 1000 1000 20480 Jul 20 16:12 index-3-2226854324434403819.wt
-rw------- 1 1000 1000 4096 Jul 20 16:12 index-5-2226854324434403819.wt
-rw------- 1 1000 1000 4096 Jul 20 16:12 index-6-2226854324434403819.wt
drwx--S--- 2 1000 1000 4096 Jul 20 16:12 journal
-rw------- 1 1000 1000 0 Jul 20 16:12 mongod.lock
-rw------- 1 1000 1000 20480 Jul 20 16:12 sizeStorer.wt
-rw------- 1 1000 1000 114 Jul 20 16:12 storage.bsonAlternatively, you can just use a named volume and let Docker manage the data directory (but then, you'd have to let the image start as root so that it can chown it to the mongo user, or you have to prep the permissions of the volume).