Cygnus和mongodb:身份验证失败

时间:2018-04-26 15:18:59

标签: mongodb docker fiware fiware-cygnus

我正在尝试将cygnus和mongdb与docker一起使用。

我的码头组成:

cygnus:
    image: fiware/cygnus-ngsi:1.7.1
    hostname: cygnus
    container_name: cygnus
    volumes:
      - ./config/cygnus/agent.conf:/opt/apache-flume/conf/agent.conf
    links:
      - mysql-cygnus:mysql-cygnus
    external_links:
      - mongodb:mongodb
    expose:
      - "5050"
    ports:
      - "5050:5050"
    environment:
      - CYGNUS_MONGO_HOSTS=mongodb:27017
      - CYGNUS_MONGO_USER=cygnus
      - CYGNUS_MONGO_PASS=f10t_Mongo
      - CYGNUS_LOG_LEVEL=INFO

...

mongodb:
    image: mongo:3.4.7
    hostname: mongodb
    image: aashreys/mongo-auth:latest
    expose: 
      - "27017"
    ports:
      - "27017:27017"
    environment:
      - AUTH=yes
      - MONGODB_ADMIN_USER=admin_cygnus
      - MONGODB_ADMIN_PASS=admin_cygnus 
    expose:
      - "27017"
    ports:
      - "27017:27017"

我的agent.conf 

cygnus-ngsi.sinks.mongo-sink.mongo_hosts = mongodb:27017
cygnus-ngsi.sinks.mongo-sink.mongo_username = cygnus
cygnus-ngsi.sinks.mongo-sink.mongo_password = f10t_Mongo

但我参加了天鹅座日志:

msg=com.telefonica.iot.cygnus.sinks.NGSISink[533] : Persistence error.     
Message: -, Timed out after 30000 ms while waiting for a server that matches PrimaryServerSelector. 
Client view of cluster state is {type=UNKNOWN, servers=[{address=mongodb:27017, type=UNKNOWN, state=CONNECTING, exception={com.mongodb.MongoSecurityException: Exception authenticating MongoCredential{mechanism=null, userName='cygnus', source='cygnus_imd', password=<hidden>, mechanismProperties={}}}, caused by {com.mongodb.MongoCommandException:
Command failed with error 18: 'Authentication failed.' on server mongodb:27017. The full response is { "ok" : 0.0, "errmsg" : "Authentication failed.", "code" : 18, "codeName" : "AuthenticationFailed" }}}]

和mongo log:

2018-04-25T20:59:19.684+0000 I ACCESS   [conn136] SCRAM-SHA-1 authentication failed for cygnus on cygnus_imd from client 172.18.0.4:37250 ; UserNotFound: Could not find user cygnus@cygnus_imd

我解决了在数据库cygnus_imd中创建用户的问题:

use cygnus_imd
db.createUser(
   {
     user: "cygnus",
     pwd: "f10t_Mongo",
     roles: [ "readWrite", "dbAdmin" ]
   }
);

但我不认为这是一个很好的解决方案,因为我不能为我的天鹅座的每个数据集创建一个用户,它应该自动完成。我认为身份验证不适用于数据库为空。但在开始时,所有数据库都是空的。所以我不知道如何解决它。

1 个答案:

答案 0 :(得分:1)

我认为在处理身份验证时你无法避免这种情况。由于认证机制的目的是确保实体的识别,因此您可以对一组数据集使用唯一标识(用户)。如果没有安全问题,可能会使用admin用户,因为您将dbAdmin指定为用户的一个角色。

相关问题
最新问题