docker 带有 spring 引导应用程序的秘密在 docker 群模式下无法工作 /run/secrets
docker secret with spring boot application is not working in docker swarm mode /run/secrets
我正在尝试为 MySQL 容器和 spring 启动应用程序的数据库密码设置环境变量,这通常在 docker 机密中声明。
echo "db_secured_password" | docker secret create secret -
配置文件如下:
spring boot application's -> application.yml
db:
name: my-db
host: localhost
port: 3306
username: root
password: /run/secrets/db-root-password
spring:
application:
name: core-backend
datasource:
url: jdbc:mysql://${db.host}:${db.port}/${db.name}
username: ${db.username}
password: ${db.password}
used for docker stack in docker swarm mode -> docker-compose.yml
version: '3.1'
services:
mysql-db:
container_name: mysql-db
image: mysql:8.0.12
deploy:
restart_policy:
condition: on-failure
volumes:
- ./data/mysql:/var/lib/mysql
- ./conf/mysql/my.cnf:/etc/mysql/conf.d/my.cnf
environment:
- MYSQL_ROOT_PASSWORD=/run/secrets/db-root-password
- MYSQL_DATABASE=my_db
ports:
- "3306:3306"
secrets:
- db-root-password
spring-boot-app:
container_name: spring-boot-app
image: spring-boot-app:local
environment:
- DB_PASSWORD=/run/secrets/db-root-password
# Also tried adding with the file as property name
# - DB_PASSWORD_FILE=/run/secrets/db-root-password
ports:
- "8080:8080"
environment:
HOST_NAME: localhost
secrets:
- db-root-password
depends_on:
- mysql-db
secrets:
db-root-password:
external: true
I 运行 docker 堆栈使用以下命令:
docker stack deploy --with-auth-registry -c docker-compose.yml test-stack
I'm unable to get the value of the db-root-password property exactly
in spring boot app. When I inspect the value of db-root-password I
get the value as /run/secrets/db-root-password.
是不是少了什么?
如果我想以不同方式覆盖环境变量的值?
我认为您需要从机密文件装载密码,请参阅示例 "Use secrets in Compose" 此处 https://docs.docker.com/engine/swarm/secrets/#build-support-for-docker-secrets-into-your-images
我们通过使用 "printf" 而不是 "echo" 解决了同样的问题,echo 的问题是它会在 docker 秘密中留下一个换行符。您可以参考docker secret create => https://docs.docker.com/engine/reference/commandline/secret_create/
中的示例
我还有一个示例,将 docker 秘密直接加载到 spring 属性中,例如 "spring.datasource.password" => https://github.com/kwonghung-YIP/spring-boot-docker-secret
我正在尝试为 MySQL 容器和 spring 启动应用程序的数据库密码设置环境变量,这通常在 docker 机密中声明。
echo "db_secured_password" | docker secret create secret -
配置文件如下:
spring boot application's -> application.yml
db:
name: my-db
host: localhost
port: 3306
username: root
password: /run/secrets/db-root-password
spring:
application:
name: core-backend
datasource:
url: jdbc:mysql://${db.host}:${db.port}/${db.name}
username: ${db.username}
password: ${db.password}
used for docker stack in docker swarm mode -> docker-compose.yml
version: '3.1'
services:
mysql-db:
container_name: mysql-db
image: mysql:8.0.12
deploy:
restart_policy:
condition: on-failure
volumes:
- ./data/mysql:/var/lib/mysql
- ./conf/mysql/my.cnf:/etc/mysql/conf.d/my.cnf
environment:
- MYSQL_ROOT_PASSWORD=/run/secrets/db-root-password
- MYSQL_DATABASE=my_db
ports:
- "3306:3306"
secrets:
- db-root-password
spring-boot-app:
container_name: spring-boot-app
image: spring-boot-app:local
environment:
- DB_PASSWORD=/run/secrets/db-root-password
# Also tried adding with the file as property name
# - DB_PASSWORD_FILE=/run/secrets/db-root-password
ports:
- "8080:8080"
environment:
HOST_NAME: localhost
secrets:
- db-root-password
depends_on:
- mysql-db
secrets:
db-root-password:
external: true
I 运行 docker 堆栈使用以下命令:
docker stack deploy --with-auth-registry -c docker-compose.yml test-stack
I'm unable to get the value of the
db-root-passwordproperty exactly in spring boot app. When I inspect the value ofdb-root-passwordI get the value as/run/secrets/db-root-password.
是不是少了什么? 如果我想以不同方式覆盖环境变量的值?
我认为您需要从机密文件装载密码,请参阅示例 "Use secrets in Compose" 此处 https://docs.docker.com/engine/swarm/secrets/#build-support-for-docker-secrets-into-your-images
我们通过使用 "printf" 而不是 "echo" 解决了同样的问题,echo 的问题是它会在 docker 秘密中留下一个换行符。您可以参考docker secret create => https://docs.docker.com/engine/reference/commandline/secret_create/
中的示例我还有一个示例,将 docker 秘密直接加载到 spring 属性中,例如 "spring.datasource.password" => https://github.com/kwonghung-YIP/spring-boot-docker-secret