管理员不支持无密码访问数据库,使用 mongodb
Adminer does not support accessing a database without a password, using mongodb
这是我给管理员的 yaml:
kind: Service
metadata:
name: adminer-1598029219
labels:
app.kubernetes.io/name: adminer
helm.sh/chart: adminer-0.1.5
app.kubernetes.io/instance: adminer-1598029219
app.kubernetes.io/managed-by: Helm
spec:
type: NodePort
ports:
- port: 8000
targetPort: http
protocol: TCP
name: http
selector:
app.kubernetes.io/name: adminer
app.kubernetes.io/instance: adminer-1598029219
---
# Source: adminer/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: adminer-1598029219
labels:
app.kubernetes.io/name: adminer
helm.sh/chart: adminer-0.1.5
app.kubernetes.io/instance: adminer-1598029219
app.kubernetes.io/managed-by: Helm
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: adminer
app.kubernetes.io/instance: adminer-1598029219
template:
metadata:
labels:
app.kubernetes.io/name: adminer
app.kubernetes.io/instance: adminer-1598029219
spec:
containers:
- name: adminer
image: "dockette/adminer:full"
imagePullPolicy: IfNotPresent
ports:
- name: http
containerPort: 80
protocol: TCP
env:
- name: ADMINER_PLUGINS
value:
- name: ADMINER_DESIGN
value: pepa-linha
- name: ADMINER_DEFAULT_SERVER
value:
resources:
{}
livenessProbe:
null
readinessProbe:
null
这是我的 yaml mongoDB
kind: Service
metadata:
name: mongo
labels:
name: mongo
app: mongo
spec:
ports:
- port: 27017
targetPort: 27017
name: web
clusterIP: None
selector:
role: mongo
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: web
spec:
selector:
matchLabels:
app: mongo # has to match .spec.template.metadata.labels
serviceName: "mongo"
replicas: 3
template:
metadata:
labels:
app: mongo
spec:
terminationGracePeriodSeconds: 10
containers:
- name: mongo
image: mongo
command:
- mongod
- "--replSet"
- rs0
- "--smallfiles"
- "--noprealloc"
ports:
- containerPort: 27017
name: web
volumeMounts:
- name: mongo-persistent-storage
mountPath: /data/db
volumeClaimTemplates:
- metadata:
name: mongo-persistent-storage
annotations:
volume.beta.kubernetes.io/storage-class: "fast"
spec:
accessModes: [ "ReadWriteOnce" ]
resources:
requests:
storage: 1Gi
所以我的问题是我无法登录到 mongod,因为我从管理员那里得到了这个:
管理员不支持在没有密码的情况下访问数据库。这个问题有什么简单的解决方案可以登录我的 mongod 吗?
P.S 我 运行 kubernetes
您的问题的答案可以在 Adminer's documentation:
中找到
Accessing a database without a password
Adminer 4.6.3 and newer does not support accessing a database without
a password. The reason is that a forgotten Adminer uploaded on a place
accessible by an attacker could have been used to access a database.
There are these options:
- Set up the database server to require a password. This is possible with all databases except SQLite and SimpleDB.
- Use the login-password-less
plugin to set up a password
required by Adminer but not passed to the database
(example).
- Use the login-ip
plugin to check the IP address
and allow an empty password.
- Implement the
login method to add your custom
authentication.
您可能会发现 this answer 也很有帮助。把整个过程描述的很详细。
这是我给管理员的 yaml:
kind: Service
metadata:
name: adminer-1598029219
labels:
app.kubernetes.io/name: adminer
helm.sh/chart: adminer-0.1.5
app.kubernetes.io/instance: adminer-1598029219
app.kubernetes.io/managed-by: Helm
spec:
type: NodePort
ports:
- port: 8000
targetPort: http
protocol: TCP
name: http
selector:
app.kubernetes.io/name: adminer
app.kubernetes.io/instance: adminer-1598029219
---
# Source: adminer/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: adminer-1598029219
labels:
app.kubernetes.io/name: adminer
helm.sh/chart: adminer-0.1.5
app.kubernetes.io/instance: adminer-1598029219
app.kubernetes.io/managed-by: Helm
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: adminer
app.kubernetes.io/instance: adminer-1598029219
template:
metadata:
labels:
app.kubernetes.io/name: adminer
app.kubernetes.io/instance: adminer-1598029219
spec:
containers:
- name: adminer
image: "dockette/adminer:full"
imagePullPolicy: IfNotPresent
ports:
- name: http
containerPort: 80
protocol: TCP
env:
- name: ADMINER_PLUGINS
value:
- name: ADMINER_DESIGN
value: pepa-linha
- name: ADMINER_DEFAULT_SERVER
value:
resources:
{}
livenessProbe:
null
readinessProbe:
null
这是我的 yaml mongoDB
kind: Service
metadata:
name: mongo
labels:
name: mongo
app: mongo
spec:
ports:
- port: 27017
targetPort: 27017
name: web
clusterIP: None
selector:
role: mongo
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: web
spec:
selector:
matchLabels:
app: mongo # has to match .spec.template.metadata.labels
serviceName: "mongo"
replicas: 3
template:
metadata:
labels:
app: mongo
spec:
terminationGracePeriodSeconds: 10
containers:
- name: mongo
image: mongo
command:
- mongod
- "--replSet"
- rs0
- "--smallfiles"
- "--noprealloc"
ports:
- containerPort: 27017
name: web
volumeMounts:
- name: mongo-persistent-storage
mountPath: /data/db
volumeClaimTemplates:
- metadata:
name: mongo-persistent-storage
annotations:
volume.beta.kubernetes.io/storage-class: "fast"
spec:
accessModes: [ "ReadWriteOnce" ]
resources:
requests:
storage: 1Gi
所以我的问题是我无法登录到 mongod,因为我从管理员那里得到了这个: 管理员不支持在没有密码的情况下访问数据库。这个问题有什么简单的解决方案可以登录我的 mongod 吗? P.S 我 运行 kubernetes
您的问题的答案可以在 Adminer's documentation:
中找到Accessing a database without a password
Adminer 4.6.3 and newer does not support accessing a database without a password. The reason is that a forgotten Adminer uploaded on a place accessible by an attacker could have been used to access a database. There are these options:
- Set up the database server to require a password. This is possible with all databases except SQLite and SimpleDB.
- Use the login-password-less plugin to set up a password required by Adminer but not passed to the database (example).
- Use the login-ip plugin to check the IP address and allow an empty password.
- Implement the
loginmethod to add your custom authentication.
您可能会发现 this answer 也很有帮助。把整个过程描述的很详细。