侧边栏壁纸
博主头像
WinJay博主等级

博观而约取 厚积而薄发

  • 累计撰写 307 篇文章
  • 累计创建 165 个标签
  • 累计收到 1 条评论
隐藏侧边栏

Docker容器MongoDB的授权_备份_还原

WinJay
2021-08-24 / 0 评论 / 0 点赞 / 82 阅读 / 8,016 字 / 正在检测是否收录...
温馨提示:
本文最后更新于 2021-12-15,若内容或图片失效,请留言反馈。部分素材来自网络,若不小心影响到您的利益,请联系我们删除。

参考网址:https://www.cnblogs.com/haiquan/p/13072525.html

https://www.runoob.com/mongodb/mongodb-mongodump-mongorestore.html

一、MongoDB授权

1,docker 安装mongodb

#!/bin/bash
# author:WinJayX
# date:2020-05-07
# Maintainer WinJayX <WinJayX@Gmail.com>
# func:MongoDB Docker Container 
# !!! -p 参数说明 -p :前的为宿主机的端口,后的为容器业务所需的端口!!!
docker rm -f MongoTest
docker run -d --name MongoTest \
    -u root \
    -h MongoDB \
    -p 27017:27017 \
    --restart always \
    --volume `pwd`/MongoData:/data/db \
    --volume /etc/localtime:/etc/localtime:ro \
    -e MONGO_INITDB_ROOT_USERNAME=admin \
    -e MONGO_INITDB_ROOT_PASSWORD=nerc.nerc/1 \
    mongo --auth

2,进入容器

docker exec -it MongoTest /bin/bash

3,输入mongo进入mongo shell

[root@Container 001.MSSQL]# docker exec -it MongoTest bash
root@MongoDB:/# mongo
MongoDB shell version v5.0.2
connecting to: mongodb://127.0.0.1:27017/?compressors=disabled&gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("15a12b60-022e-4ddf-ade0-9e82a761ceac") }
MongoDB server version: 5.0.2
================
Warning: the "mongo" shell has been superseded by "mongosh",
which delivers improved usability and compatibility.The "mongo" shell has been deprecated and will be removed in
an upcoming release.
We recommend you begin using "mongosh".
For installation instructions, see
https://docs.mongodb.com/mongodb-shell/install/
================
Welcome to the MongoDB shell.
For interactive help, type "help".
For more comprehensive documentation, see
	https://docs.mongodb.com/
Questions? Try the MongoDB Developer Community Forums
	https://community.mongodb.com
>

4, use admin 选择admin库创建管理员账号

db.createUser({ user: 'admin', pwd: 'nerc.nerc/1', roles: [ { role: "userAdminAnyDatabase", db: "admin" } ] });


#如果容器启动时已指定用户名及密码则需要先登录,输入:
db.auth('admin','nerc.nerc/1')

5, db.auth("admin","admin")返回1,则认证成功

image.png

6, db.system.users.find().pretty() 查看全局所有账户

> db.auth('admin','nerc.nerc/1')
1
> db.system.users.find().pretty()		#查看全局所有账户 
{
	"_id" : "admin.admin",
	"userId" : UUID("160ca492-85d7-4ac6-9f58-97761c086ae7"),
	"user" : "admin",
	"db" : "admin",
	"credentials" : {
		"SCRAM-SHA-1" : {
			"iterationCount" : 10000,
			"salt" : "OBHgBIZV8Vj9naESL0ogoA==",
			"storedKey" : "l1ess/gxgtSOITHf5lVFwQhlHi8=",
			"serverKey" : "xwKL4T+hWeuLFEpTIBNYA5fX/KU="
		},
		"SCRAM-SHA-256" : {
			"iterationCount" : 15000,
			"salt" : "bI3BRSb77OWmEwB006Hzb2sj7BOli55BoEgiDg==",
			"storedKey" : "TlRcUileHPG1bPeAu+9kWS56Def7Vsepp+gZhIjuFs8=",
			"serverKey" : "E1bZt1/rv07Kq1l1sUH8mQ5bEh147JkwR1SBPRvL58Q="
		}
	},
	"roles" : [
		{
			"role" : "root",
			"db" : "admin"
		}
	]
}
{
	"_id" : "wechatdev.wechat",
	"userId" : UUID("357eab8b-245b-442e-84b0-53ef9936012f"),
	"user" : "wechat",
	"db" : "wechatdev",
	"credentials" : {
		"SCRAM-SHA-1" : {
			"iterationCount" : 10000,
			"salt" : "9nMRplh+zAJDusJyvqekQA==",
			"storedKey" : "yR1OqqRJK8n9xYp+GxZ5Oc/dXP0=",
			"serverKey" : "O/CL/aSHBl3I7SnAWWZnibHZ0NQ="
		},
		"SCRAM-SHA-256" : {
			"iterationCount" : 15000,
			"salt" : "p9LWUfmDNOK+Nny7EzTb8prptx81FUcAXC6Wpg==",
			"storedKey" : "eN3f0n7FVk1cGx7LRbHfyfK/7ldig4xjAg48kOA4i28=",
			"serverKey" : "ZSQiIIezDUM/rlUeMDX/cpe2ENnZ/wmeJSH0suZmQFU="
		}
	},
	"roles" : [
		{
			"role" : "readWrite",
			"db" : "wechatdev"
		}
	]
}
{
	"_id" : "wechat-0518.admin",
	"userId" : UUID("35f57feb-e040-4fc7-9d86-842d87f9237b"),
	"user" : "admin",
	"db" : "wechat-0518",
	"credentials" : {
		"SCRAM-SHA-1" : {
			"iterationCount" : 10000,
			"salt" : "GlUmK/TOSLdLAk/1/pUyRw==",
			"storedKey" : "bzHzjYYtYbYSEIhUDqEtONTOxnU=",
			"serverKey" : "/1Le+s+ryiJrg2RQ2ik0DTbDE+Q="
		},
		"SCRAM-SHA-256" : {
			"iterationCount" : 15000,
			"salt" : "HmPO3nB8lBg75OjeS8N/pbY1tZtKCkfDIpbiZA==",
			"storedKey" : "t2R8NKvZ2s5x2d2FRw6cNeBGSATE0k3AWLMpvQ8Io+A=",
			"serverKey" : "nWmzfyhQXSYfYly1O3BaxsleEu2z6Pf3zzu8LF8JbRo="
		}
	},
	"roles" : [
		{
			"role" : "readWrite",
			"db" : "wechat-0518"
		}
	]
}
{
	"_id" : "wechat-0520.admin",
	"userId" : UUID("ba7de9a8-aa1b-4747-9a07-39b3181a66a6"),
	"user" : "admin",
	"db" : "wechat-0520",
	"credentials" : {
		"SCRAM-SHA-1" : {
			"iterationCount" : 10000,
			"salt" : "rLxHEU98WeCYDjQJOHvCog==",
			"storedKey" : "Vp4d85H40M1//N6yIgvKF3XWVHg=",
			"serverKey" : "VgDivDUJ4EIT0wrxhMfpTg4dfj4="
		},
		"SCRAM-SHA-256" : {
			"iterationCount" : 15000,
			"salt" : "GReA69+KzI4i3nEoIORiLI9whJ7Sne50u0XoBw==",
			"storedKey" : "TbrGJHwO50t8lgaqm2Y8zWpnwWK2lhgIl33hTw7vszo=",
			"serverKey" : "Hwf+r/XyjMmcihXDpaM3MZOgVaNrfROZSdyjgi9WuFU="
		}
	},
	"roles" : [
		{
			"role" : "readWrite",
			"db" : "wechat-0518"
		}
	]
}
{
	"_id" : "test.admin",
	"userId" : UUID("0e88e062-4409-4ae4-a348-45b86b60e5a3"),
	"user" : "admin",
	"db" : "test",
	"credentials" : {
		"SCRAM-SHA-1" : {
			"iterationCount" : 10000,
			"salt" : "xUCAx1Gt75b/vpA4jxKO1w==",
			"storedKey" : "sJULlwapTHKsCjqcRdz27jX3nJs=",
			"serverKey" : "9GDmmxfbEvb6bwcwYRVf4LQ7nBM="
		},
		"SCRAM-SHA-256" : {
			"iterationCount" : 15000,
			"salt" : "h6X6jACYid01VEncs+Xi4xupNVuLSXKv+k4p+A==",
			"storedKey" : "p/ek07fB5aPWpx1cCTdzRrx0Sltv0gXQ98YrXKyuC+0=",
			"serverKey" : "SMZpVw9ayetzfEc816z07kXxendzsUzQ5tg64KN709w="
		}
	},
	"roles" : [
		{
			"role" : "readWrite",
			"db" : "wechat-0520"
		}
	]
}
{
	"_id" : "wechat-test.admin",
	"userId" : UUID("ea9c0a00-ca44-4c04-9667-fc8907340aff"),
	"user" : "admin",
	"db" : "wechat-test",
	"credentials" : {
		"SCRAM-SHA-1" : {
			"iterationCount" : 10000,
			"salt" : "4zLj0yEXz8/zc8jObxLNww==",
			"storedKey" : "zYFx/UvdQwrOr70xtE3N9/m/7xw=",
			"serverKey" : "YTEshFatzoB5BlPBe2gTikOKmTc="
		},
		"SCRAM-SHA-256" : {
			"iterationCount" : 15000,
			"salt" : "5cgJDieWexoA0SYFE6GaGgkXZhvGTKJU31mh7w==",
			"storedKey" : "NHQpuAIZYHMh6MXGlPOJVYn5aam3sZjWS9r6KJTuVqM=",
			"serverKey" : "Ch5IaGR46rGT3gULNlphyHcZUsqwV1OMOKHRcGOdSF0="
		}
	},
	"roles" : [
		{
			"role" : "readWrite",
			"db" : "wechat-test"
		}
	]
}

####7,切换到想要加密的数据库
如 use app
db.createUser({user: "user", pwd: "user", roles: [{ role: "readWrite", db: "app"}]}); 其中readWrite可以替换为dbOwner(拥护最高权限)

8.登录测试

db.auth("user","user")返回1,则认证成功

二、MongoDB备份还原

1.进入容器

docker exec -it <你的MongodDB容器名> /bin/bash

2.容器中执行

mongodump -h 127.0.0.1 --port 27017 -u=用户名 -p=密码 -d test -o /dump

参数作用
-hhost
--port端口
-d指定数据库
-o指定备份到哪个目录,不指定直接备份到根目录的/dump文件夹
-u用户名
-p密码

系统备份成功会在/home/dump目录下自动生成一个数据库名的文件夹/test,里面是全部Collection备份的json文件.

3,容器中执行 tar -czvf test.tar.gz /dump/test

4,从容器复制到宿主

docker cp <你的MongodDB容器名>:/dump/test.tar.gz /home

5,从宿主机到容器

  • 进入docker mongodb容器:docker exec -it mymongo /bin/sh

  • 在docker容器新建mongodb数据要导入的目录,mkdir -p /opt/mongodbBack/

  • docker cp linux备份mongodb的数据文件(不是文件夹) mymongo(容器名称或id):/opt/mongodbBack/

6,还原备份

亦可参考MongoDB的备份与恢复

进入docker mongodb容器:docker exec -it mymongo /bin/sh

mongorestore -h IP:port 端口 -u 用户名 -p 密码 -d 数据库 --drop 文件存在路径

​ --drop:先删除所有的记录,然后恢复.【drop慎用】

docker exec -it <containerName>/<containerId> mongorestore -h IP:port 端口 -u 用户名 -p 密码 -d 数据库 --drop 文件存在路径

​ # 执行命令恢复
docker exec -it mymongo mongorestore -h 127.0.0.1:27017 -u admin -p admin123456 -d admin --dir /data/backup/admin

0

评论区