Not the answer you need?
Register and ask your own question!

Use authorization for www panel at percona server

cofee_drip_for_admincofee_drip_for_admin EntrantCurrent User Role Beginner
Hello, I try to enable password to www interface at percona monitoring server installed on docker. sudo docker run -d -p 80 \-e SERVER_PASSWORD=mypassword \percona/pmm-server:latest but it is not working. What should be the correct command syntax. Many thanks for fast feedback ;) Next steps will be enabled 443 and install certificate. How can I additionally secure the interface against attacks?

Comments

  • lorraine.pocklingtonlorraine.pocklington Percona Community Manager Legacy User Role Patron
  • cofee_drip_for_admincofee_drip_for_admin Entrant Current User Role Beginner
    Yes but some information about password shows up for a very short moment and interface loaded without password. I have latest server version on ubuntu 18.04
  • cofee_drip_for_admincofee_drip_for_admin Entrant Current User Role Beginner
    Additionally have error response from daemon: conflikt the container name "/pmm-server" is already in use by container "fuyf32939...." You have to remove (or rename) that container to be able to reuse that name. after all, I am trying to change data for an existing konetner.. what i am doing wrong??
  • lorraine.pocklingtonlorraine.pocklington Percona Community Manager Legacy User Role Patron
    Hello again, could you read this thread through until my first post there, and see if it helps?
    https://www.percona.com/forums/quest...ect-the-config

    If it leaves you in doubt, though, please come back and I will see if I can get further help for you. In that instance, if you could provide the information that Mykola asks for in that post that I provide the link for, above, then we should be able to help you out more quickly.
  • cofee_drip_for_admincofee_drip_for_admin Entrant Current User Role Beginner
    I'm sorry but I do not see at this topic the connection with my problem. OK from the beginning. I used your PDF manual and install fresh copy of percona server (automatic installation). I connect to my server from internet first time and I saw surprised that dashboard not login required. Second step - check your documentation why it is not required password (and there is no default password). Third steps tried to use the commands contained in the pdf and also posted on the website to enable login credentials. I have not yet made connections to monitoring client.
  • lorraine.pocklingtonlorraine.pocklington Percona Community Manager Legacy User Role Patron
    OK I will see if someone from the tech team can help.
  • IMPIMP Percona Percona Staff Role
    Hello,

    it looks you firstly set up an unprotected container, and then you tried to recreate it with
    # docker run -e SERVER_USER=user -e SERVER_PASSWORD=pass --name pmm-server [...]
    

    It is expected, that docker will refuse to run that, as pmm-server container already exists.

    Please delete it with the following command:
    # docker stop pmm-server && docker rm pmm-server
    

    and then recreate it including SERVER_USER and SERVER_PASSWORD env variables:
    # docker run -d -p 80:80 --volumes-from pmm-data --name pmm-server -e SERVER_USER=user -e SERVER_PASSWORD=pass  --restart always  percona/pmm-server:latest
    

    Note, that this operation is procedure is safe to run if you have pmm deployed with data stored on an additional container (pmm-data). You can verify that by running:
    # docker inspect pmm-server | jq .'[0].HostConfig.VolumesFrom'
    # docker inspect pmm-server | jq .'[0].Mounts'
    

    For SSL encryption, you need to modify the above procedure. Please see this guide: https://www.percona.com/doc/percona-monitoring-and-management/security.html#pmm-security-ssl-encryption-enabling

    Best,
    IMP
  • cofee_drip_for_admincofee_drip_for_admin Entrant Current User Role Beginner
    Now login credentials work, many thanks.
    Sorry but I am new in container technology. One questions. Whether both commands should give pmm-data? First output is pmm-data - that is ok. Second give me output:
    "Source": "/var/lib/docker/volumes/67ghdh86876.../_data" and "Destination": "/var/lib/mysql" . is it correct that it refers to an object outside the container? Do I understand it correctly?
  • IMPIMP Percona Percona Staff Role
    Hi,

    the first command
     # docker inspect pmm-server | jq .'[0].HostConfig.VolumesFrom'
    

    should return the name of the PMM's container (usually it is named pmm-data).

    The second command:
     # docker inspect pmm-server | jq .'[0].Mounts'
    
    should return all mount points used, like the one for Prometheus' data, etc. This is just additional check, because it's better safe than sorry. Best, IMP.
Sign In or Register to comment.

MySQL, InnoDB, MariaDB and MongoDB are trademarks of their respective owners.
Copyright ©2005 - 2020 Percona LLC. All rights reserved.