I'a trying to set a mongodb user password whend makeing a docker-compose file for graylog.
But i can't set up the user and the password correctly.
here is my docker-compose.yml :
version: '2'
services:
# MongoDB: https://hub.docker.com/_/mongo/
mongodb:
image: mongo:4.2
volumes:
- mongo_data:/data/db
environment:
- MONGO_INITDB_ROOT_USERNAME=user
- MONGO_INITDB_ROOT_PASSWORD=password
- MONGO_INITDB_DATABASE=graylog
ports:
# mongodb
- 27017:27017
# Elasticsearch: https://www.elastic.co/guide/en/elasticsearch/reference/7.10/docker.html
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch-oss:7.10.2
volumes:
- es_data:/usr/share/elasticsearch/data
environment:
- http.host=0.0.0.0
- transport.host=localhost
- network.host=0.0.0.0
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
ulimits:
memlock:
soft: -1
hard: -1
mem_limit: 1g
# Graylog: https://hub.docker.com/r/graylog/graylog/
graylog:
image: graylog/graylog:4.1
volumes:
- graylog_data:/usr/share/graylog/data
environment:
# CHANGE ME (must be at least 16 characters)!
- GRAYLOG_PASSWORD_SECRET=somepasswordpepper
# Password: admin
- GRAYLOG_ROOT_PASSWORD_SHA2=8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918
- GRAYLOG_HTTP_EXTERNAL_URI=http://127.0.0.1:9000/
- MONGODB_URI=mongodb://user:password@localhost:27017/graylog
- GRAYLOG_MONGODB_URI=mongodb://user:password@localhost:27017/graylog
- MONGO_INITDB_ROOT_USERNAME=user
- MONGO_INITDB_ROOT_PASSWORD=password
- GRAYLOG_MONGO_INITDB_ROOT_USERNAME=user
- GRAYLOG_MONGO_INITDB_ROOT_PASSWORD=password
entrypoint: /usr/bin/tini -- wait-for-it elasticsearch:9200 -- /docker-entrypoint.sh
links:
- mongodb:mongo
- elasticsearch
restart: always
depends_on:
- mongodb
- elasticsearch
ports:
# Graylog web interface and REST API
- 9000:9000
# Syslog TCP
- 1514:1514
# Syslog UDP
- 1514:1514/udp
# GELF TCP
- 12201:12201
# GELF UDP
- 12201:12201/udp
# Volumes for persisting data, see https://docs.docker.com/engine/admin/volumes/volumes/
volumes:
mongo_data:
driver: local
es_data:
driver: local
graylog_data:
driver: local
but i still have a :
graylog_1 | 2021-06-30 07:00:32,022 INFO : org.mongodb.driver.cluster - Cluster description not yet available. Waiting for 30000 ms before timing out graylog_1 | 2021-06-30 07:00:32,022 INFO : org.mongodb.driver.cluster - Exception in monitor thread while connecting to server localhost:27017 graylog_1 | com.mongodb.MongoSocketOpenException: Exception opening socket graylog_1 | at com.mongodb.internal.connection.SocketStream.open(SocketStream.java:70) ~[graylog.jar:?] graylog_1 | at com.mongodb.internal.connection.InternalStreamConnection.open(InternalStreamConnection.java:128) ~[graylog.jar:?] graylog_1 | at com.mongodb.internal.connection.DefaultServerMonitor$ServerMonitorRunnable.run(DefaultServerMonitor.java:117) [graylog.jar:?] graylog_1 | at java.lang.Thread.run(Thread.java:748) [?:1.8.0_292] graylog_1 | Caused by: java.net.ConnectException: Connection refused (Connection refused)
So any idea how to specify the user / password in the docker compose file ?
The error message says that the connection is refused (=the port is closed). This is because you have used localhost as the database address here:
- GRAYLOG_MONGODB_URI=mongodb://user:password@localhost:27017/graylog
Change localhost for mongodb:
- GRAYLOG_MONGODB_URI=mongodb://user:password@mongodb:27017/graylog
Under normal circumstances localhost inside a container refers to the container itself. Since graylog container does not have a mongodb instance inside it, it tells you that there is nothing listening on localhost:27017 in graylog container.
After this change graylog may tell you that it cannot connect due to bad credentials. This is because user created by MONGO_INITDB_ROOT_USERNAME is added to the admin database (not 'graylog'). I guess you need to create a user manually if you haven't already.
Also, these:
- MONGODB_URI=mongodb://user:password@localhost:27017/graylog
- MONGO_INITDB_ROOT_USERNAME=user
- MONGO_INITDB_ROOT_PASSWORD=password
- GRAYLOG_MONGO_INITDB_ROOT_USERNAME=user
- GRAYLOG_MONGO_INITDB_ROOT_PASSWORD=password
have no effect on graylog.