Unable to acquire security key[s] on mongodb cluster

I have a MongoDB cluster on my MacBook M1 with the following docker-compose:

version: "3.5"

services:
  mongodb1:
    image: mongo
    container_name: auths_mongodb1
    restart: always
    healthcheck:
      test: echo 'db.runCommand("ping").ok; exit()' | mongosh --host localhost:27017 -u root -p root --quiet
      interval: 5s
      timeout: 5s
      retries: 5
      start_period: 30s
    ulimits:
      nofile:
        soft: 65536
        hard: 65536
    expose:
      - 27017
    ports:
      - "10100:27017"
    command: mongod --replSet rs0 --config /etc/mongod.conf
    volumes:
      - ./docker/mongodb/r1/data/db:/data/db
      - ./docker/mongodb/r1/data/configdb:/data/configdb
      - ./docker/mongodb/r1/keys:/keys
      - ./docker/mongodb/r1/mongod.conf:/etc/mongod.conf
    environment:
      MONGO_INITDB_ROOT_USERNAME: root
      MONGO_INITDB_ROOT_PASSWORD: root

  mongodb2:
    image: mongo
    container_name: auths_mongodb2
    restart: always
    healthcheck:
      test: echo 'db.runCommand("ping").ok; exit()' | mongosh --host localhost:27017 -u root -p root --quiet
      interval: 5s
      timeout: 5s
      retries: 5
      start_period: 30s
    ulimits:
      nofile:
        soft: 65536
        hard: 65536
    ports:
      - "10101:27017"
    command: mongod --replSet rs0 --config /etc/mongod.conf
    volumes:
      - ./docker/mongodb/r2/data/db:/data/db
      - ./docker/mongodb/r2/data/configdb:/data/configdb
      - ./docker/mongodb/r2/keys:/keys
      - ./docker/mongodb/r2/mongod.conf:/etc/mongod.conf
    environment:
      MONGO_INITDB_ROOT_USERNAME: root
      MONGO_INITDB_ROOT_PASSWORD: root

  mongodb3:
    image: mongo
    container_name: auths_mongodb3
    restart: always
    healthcheck:
      test: echo 'db.runCommand("ping").ok; exit()' | mongosh --host localhost:27017 -u root -p root --quiet
      interval: 5s
      timeout: 5s
      retries: 5
      start_period: 30s
    ulimits:
      nofile:
        soft: 65536
        hard: 65536
    ports:
      - "10102:27017"
    command: mongod --replSet rs0 --config /etc/mongod.conf
    volumes:
      - ./docker/mongodb/r3/data/db:/data/db
      - ./docker/mongodb/r3/data/configdb:/data/configdb
      - ./docker/mongodb/r3/keys:/keys
      - ./docker/mongodb/r3/mongod.conf:/etc/mongod.conf
    environment:
      MONGO_INITDB_ROOT_USERNAME: root
      MONGO_INITDB_ROOT_PASSWORD: root

  # this container will exit after executing the command
  mongodb:
    image: mongo:5.0
    container_name: auths_mongodb
    restart: 'no'
    command: >
      mongosh --host auths_mongodb1:27017 -u root -p root --eval
      '
      config = {
      "_id" : "rs0",
      "members" : [
        {
          "_id" : 0,
          "host" : "auths_mongodb1:27017"
        },
        {
          "_id" : 1,
          "host" : "auths_mongodb2:27017"
        },
        {
          "_id" : 2,
          "host" : "auths_mongodb3:27017"
        }
      ]
      };
      rs.initiate(config);
      '
    depends_on:
      - mongodb1
      - mongodb2
      - mongodb3

and I created the keyfile with the following command:

openssl rand -base64 756

but after I start the docker compose it throws an error and does not run the cluster. The error is below:

{"t":{"$date":"2023-07-07T07:39:30.505+00:00"},"s":"I",  "c":"NETWORK",  "id":4915701, "ctx":"-","msg":"Initialized wire specification","attr":{"spec":{"incomingExternalClient":{"minWireVersion":0,"maxWireVersion":17},"incomingInternalClient":{"minWireVersion":0,"maxWireVersion":17},"outgoing":{"minWireVersion":6,"maxWireVersion":17},"isInternalClient":true}}}
{"t":{"$date":"2023-07-07T07:39:30.507+00:00"},"s":"I",  "c":"CONTROL",  "id":23285,   "ctx":"-","msg":"Automatically disabling TLS 1.0, to force-enable TLS 1.0 specify --sslDisabledProtocols 'none'"}
{"t":{"$date":"2023-07-07T07:39:30.508+00:00"},"s":"I",  "c":"NETWORK",  "id":4648601, "ctx":"main","msg":"Implicit TCP FastOpen unavailable. If TCP FastOpen is required, set tcpFastOpenServer, tcpFastOpenClient, and tcpFastOpenQueueSize."}
{"t":{"$date":"2023-07-07T07:39:30.513+00:00"},"s":"I",  "c":"ACCESS",   "id":20254,   "ctx":"main","msg":"Read security file failed","attr":{"error":{"code":30,"codeName":"InvalidPath","errmsg":"error opening file: /keys/keyFile: bad file"}}}
{"t":{"$date":"2023-07-07T07:39:30.514+00:00"},"s":"I",  "c":"SHARDING", "id":5847201, "ctx":"main","msg":"Balancer command scheduler stop requested"}
{"t":{"$date":"2023-07-07T07:39:30.514+00:00"},"s":"I",  "c":"ASIO",     "id":22582,   "ctx":"main","msg":"Killing all outstanding egress activity."}
{"t":{"$date":"2023-07-07T07:39:30.514+00:00"},"s":"F",  "c":"CONTROL",  "id":20575,   "ctx":"main","msg":"Error creating service context","attr":{"error":"Location5579201: Unable to acquire security key[s]"}}

I set the keyfile permissions to 600 and to 400 but still get this error. How can I fix this issue?

soroush safari asked Oct 21 '25 03:10



1 Answer

The container application sees the key file differently from the host.

You must grant the same permissions for the key file in the container folder, even if you have granted them on the host.

After creating the key file using:

openssl rand -base64 756 > /path/to/key/file

grant permission for the file on the host:

chmod 400 /path/to/key/file

So, before you run the mongod command in the docker-compose.yml file, make sure that the key file on the container volume has the same permissions as the host file, by running the chmod and chown commands.

Here is an example (mongodb-key is the key file):

version: "3.8"

services:
  mongodb:
    image: mongo:6.0.13-jammy
    command:
      - /bin/sh
      - -c
      - |
        chmod 400 /keys/mongodb-key
        chown 999:999 /keys/mongodb-key
        mongod --replSet rs0 --keyFile /keys/mongodb-key --bind_ip_all
    container_name: mongodb
    environment:
      MONGO_INITDB_ROOT_USERNAME: "YOUR_USER"
      MONGO_INITDB_ROOT_PASSWORD: "YOUR_PASSWORD"
    restart: on-failure
    ports:
      - "27017:27017"
    volumes:
      - /path/to/key/dir:/keys
      - /path/to/data/dir:/data/db
Rafael C. answered Oct 22 '25 18:10

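The thread's procedure (generate the keyfile with openssl, then chmod 400 and chown it to the uid mongod runs as before mongod reads it) can be checked on the host before the compose stack is started. The script below is an added example, not code from the question or the answer: it creates the keyfile the same way and verifies the properties mongod enforces on a keyfile (base64 content of 6 to 1024 characters with whitespace ignored, no group/other permission bits, ownership by the mongod uid). The uid 999, the MONGO_UID variable, the function names and the /keys mount path are assumptions taken from the answer's example; the fallback to /dev/urandom when openssl is absent is also an addition.

```shell
#!/bin/sh
# Added example, not code from the question or the answer above.
# Generates a MongoDB keyfile the way the thread does (openssl rand -base64 756)
# and checks, before "docker compose up", what mongod enforces when it reads
# the file: base64 content of 6..1024 characters (whitespace ignored), no
# group/other permission bits, and ownership by the uid mongod runs as.
# Assumptions: mongod in the official image runs as uid 999 (the chown 999:999
# from the answer) and the file is bind-mounted at /keys inside the container.
set -u

MONGO_UID="${MONGO_UID:-999}"   # uid of the "mongodb" user in the official image (assumed)

# file_mode PATH / file_owner PATH: portable stat wrappers (GNU first, then BSD/macOS)
file_mode()  { stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"; }
file_owner() { stat -c '%u' "$1" 2>/dev/null || stat -f '%u' "$1"; }

# make_keyfile PATH: create the keyfile with mode 400 and, when run as root,
# hand it to the mongod uid. The umask runs in a subshell so the file is never
# readable by others, not even between creation and chmod.
make_keyfile() {
    (
        umask 077
        if command -v openssl >/dev/null 2>&1; then
            openssl rand -base64 756 > "$1"
        else
            head -c 756 /dev/urandom | base64 > "$1"   # same content shape without openssl
        fi
    ) || return 1
    chmod 400 "$1" || return 1
    if [ "$(id -u)" -eq 0 ]; then
        chown "$MONGO_UID:$MONGO_UID" "$1" || return 1
    fi
}

# check_keyfile PATH [EXPECTED_UID]: return 0 when mongod would accept the file,
# 1 with a reason on stdout otherwise. Ownership is checked only when a uid is given.
check_keyfile() {
    keyfile="$1"
    [ -f "$keyfile" ] || { echo "missing: $keyfile"; return 1; }

    # 1. permissions: mongod rejects keyfiles with any group or other bits set
    mode=$(file_mode "$keyfile")
    case "$mode" in
        *00) ;;
        *) echo "too open: mode $mode has group/other bits (use chmod 400)"; return 1 ;;
    esac

    # 2. ownership: a mode-400 file owned by another uid is unreadable for mongod,
    #    which is the failure the answer attributes the question's error to
    if [ -n "${2:-}" ]; then
        owner=$(file_owner "$keyfile")
        [ "$owner" = "$2" ] || { echo "owned by uid $owner, but mongod runs as uid $2"; return 1; }
    fi

    # 3. content: 6..1024 base64 characters once whitespace is stripped
    key=$(tr -d ' \t\r\n' < "$keyfile")
    len=${#key}
    if [ "$len" -lt 6 ] || [ "$len" -gt 1024 ]; then
        echo "bad length $len (mongod needs 6..1024 base64 characters)"; return 1
    fi
    if printf '%s' "$key" | grep -q '[^A-Za-z0-9+/=]'; then
        echo "non-base64 characters in keyfile"; return 1
    fi
    echo "ok: $keyfile (mode $mode, $len characters)"
}

# Usage: sh keyfile-check.sh ./docker/mongodb/r1/keys/keyFile
# Run before "docker compose up"; every replica member must get the same file.
if [ -n "${1:-}" ]; then
    make_keyfile "$1" && check_keyfile "$1" "$MONGO_UID"
fi
```

Running it as root on the host lets the chown take effect, which is what makes the bind-mounted file readable to uid 999 inside the container; run as an ordinary user, the ownership check reports the mismatch so it is caught before mongod logs "Unable to acquire security key[s]".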