我想在 docker swarm secrets 中使用。 我初始化了 docker swarm。
我用以下方法创建秘密:
echo "password1" | docker secret create my_mysql_wordpress_password -
echo "password2" | docker secret create my_mysql_root_password -
然后我使用以下命令部署堆栈:
docker stack deploy -c mysql.yml mysql
mysql.yml 文件:
version: "3.7"
services:
mysql:
image: mariadb:latest
ports:
- "0.0.0.0:3306:3306"
deploy:
replicas: 1
labels:
- "traefik.enable=false"
environment:
- MYSQL_USER=wordpress_admin
- MYSQL_PASSWORD=/run/secrets/my_mysql_wordpress_password
- MYSQL_ROOT_PASSWORD=/run/secrets/my_mysql_root_password
secrets:
- my_mysql_wordpress_password
- my_mysql_root_password
volumes:
- mysql_data:/var/lib/mysql
networks:
- traefik-backend
secrets:
my_mysql_wordpress_password:
external: true
my_mysql_root_password:
external: true
volumes:
mysql_data:
driver: local
driver_opts:
o: bind
type: none
device: /data/mysql_data
networks:
traefik-backend:
external: true
现在数据库服务器启动。 当我现在尝试连接到服务器时,root 的密码不是“password2”(来自秘密的值),密码是“/run/secrets/my_mysql_root_password”
怎么了?为什么密码是 run-String 而不是来自 secret 的值?
答案 0 :(得分:0)
查看不同的文档后,似乎解决方案不清楚。我也不明白它是如何/为什么工作的,但这是对我有用的:
version: "3.7"
services:
mysql:
image: mariadb:latest
ports:
- "0.0.0.0:3306:3306"
deploy:
replicas: 1
labels:
- "traefik.enable=false"
environment:
- MYSQL_USER=wordpress_admin
- MYSQL_PASSWORD_FILE=/run/secrets/my_mysql_wordpress_password
- MYSQL_ROOT_PASSWORD_FILE=/run/secrets/my_mysql_root_password
secrets:
- my_mysql_wordpress_password
- my_mysql_root_password
volumes:
- mysql_data:/var/lib/mysql
networks:
- traefik-backend
secrets:
my_mysql_wordpress_password:
external: true
my_mysql_root_password:
external: true
...
将“_FILE”添加到环境变量即可。