Docker image for MongoDB

Hi Guys,
I am currently looking at percona and mongodb enterprise. I am wanting to test the docker image supplied at dockerhub and test the encryption at rest functionality as well as some other functions.

I am trying to find all the options I can pass the image at runtime I can see the examples in the dockerhub page like
–storageEngine=RocksDB so this looks like I can simply pass mongo.conf parameters to the image is this correct.

so would enabling encryption be as simple as --enableEncryption=True etc. has anyone set this up via the docker image I cant see a list of all options so if you can point me to the documentation that would be great.

Hi sqrl,

You could pass the arguments for mongod in docker while setting up the container like you pass arguments to mongod in command prompt usually. For example, to run the mongodb with encryption, you need PSMDB 3.6.8 or more. So you can do the following:

docker pull percona/percona-server-mongodb:3.6.10
docker run -it --rm percona/percona-server-mongodb:3.6.10 mongod --help

The above command will show you the list of arguments available for you to pass in mongod. If you want encryption, then you need to pass the key file as well for the mongod and also the key idea here for encryption is to keep the data encrypted and in separate partition. So you can map the local partition with docker partition as well. I have shown you a simple example below to start a database:

docker run -d -v /Users/vinodhkrish/docker/key/:/mongodb/key -v /Users/vinodhkrish/docker/data:/mongodb/data --name psmdb36 -p 27020:27020 percona/percona-server-mongodb:3.6.10 mongod --port 27020 --enableEncryption --encryptionKeyFile /mongodb/key/mongodb.key --logpath /var/log/mongodb.log --logappend --dbpath /mongodb/data

And check the instance started:

$ docker exec -it psmdb36 mongo localhost:27020 --eval "db.adminCommand( { getCmdLineOpts: 1 } )"
Percona Server for MongoDB shell version v3.6.10-3.0
connecting to: mongodb://localhost:27020/test?gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("0475753c-6c21-40fd-820f-cbcb4dc82fdc") }
Percona Server for MongoDB server version: v3.6.10-3.0
{
"argv" : [
"mongod",
"--port",
"27020",
"--enableEncryption",
"--encryptionKeyFile",
"/mongodb/key/mongodb.key",
"--logpath",
"/var/log/mongodb.log",
"--logappend",
"--dbpath",
"/mongodb/data",
"--bind_ip_all"
],
"parsed" : {
"net" : {
"bindIpAll" : true,
"port" : 27020
},
"security" : {
"enableEncryption" : true,
"encryptionKeyFile" : "/mongodb/key/mongodb.key"
},
"storage" : {
"dbPath" : "/mongodb/data"
},
"systemLog" : {
"destination" : "file",
"logAppend" : true,
"path" : "/var/log/mongodb.log"
}
},
"ok" : 1
}

Hope this helps you!

Regards,
Vinodh Krish

I m not able to set permissions on the key, because if I set something less 600 I receive the error too open when I run the container. If I set 600 I receive an error it can’t read the file…

Would you help me? it seems I should start the container with the proper user