猿问

无法在 Docker Compose 中连接到 Mongo Atlas Cloud

我有一个执行基本 CRUD 操作并使用 MongoDB 进行数据持久性的 Go 应用程序。


我正在使用 Mongo Atlas 连接字符串将应用程序连接到 MongoDB,当我在本地开发机器上运行应用程序时一切正常。但是,当我在 docker-compose 工作流程中将所有内容推送到 docker 容器时,我开始收到此错误:


server selection error: server selection timeout, current topology: { Type: ReplicaSetNoPrimary, Servers: [{ Addr: app-test-shard-00-00-zfzs6.mongodb.net:27017, Type: Unknown, State: Connected, Average RTT: 0, Last error: connection() : x509: certificate signed by unknown authority }, { Addr: app-test-shard-00-01-zfzs6.mongodb.net:27017, Type: Unknown, State: Connected, Average RTT: 0, Last error: connection() : x509: certificate signed by unknown authority }, { Addr: app-test-shard-00-02-zfzs6.mongodb.net:27017, Type: Unknown, State: Connected, Average RTT: 0, Last error: connection() : x509: certificate signed by unknown authority }, ] }

这就是我的 docker-compose.yml 的样子:


services: 

redis:

    image: redis

    restart: always

app:

    image: docker.pkg.github.com/<user>/<project>/<image>:latest

    ports: 

        - 80:8080

    environment: 

        - APP_ENV=docker

        - GIN_MODE=release

    depends_on: 

        - redis

    restart: on-failure

这是我的连接字符串的外观: mongodb://user:password@app-test-shard-00-00-zfzs6.mongodb.net:27017,app-test-shard-00-01-zfzs6.mongodb.net:27017,app-test-shard-00-02-zfzs6.mongodb.net:27017/test?ssl=true&replicaSet=app-test-shard-0&authSource=admin&retryWrites=true&w=majority


我已经检查了这个问题和其他几个问题,但似乎没有一个可以解决这个问题。


我还检查了 docker 的网络配置,我使用的是网桥驱动程序,它应该允许访问外部应用程序(即 Mongo Atlas)


去版本:1.13


Mongo 驱动程序:mongodb/mongo-go-driver v1.2.0


Dockerfile:


FROM golang:alpine as builder

WORKDIR /build

COPY . .

RUN apk add git openssh build-base

RUN git config --global url."git@github.com:".insteadOf "https://github.com/"

COPY keys/id_rsa /root/.ssh/id_rsa

RUN chmod 600 /root/.ssh/id_rsa

RUN ssh-keyscan -t rsa github.com >> /root/.ssh/known_hosts

ENV GOPRIVATE=github.com/contributor-org

RUN go build


FROM alpine

WORKDIR /org

COPY --from=builder /build/app .

COPY config/*.yml config/

RUN mkdir -p /var/log

CMD ["./app"]


素胚勾勒不出你
浏览 159回答 2
2回答

忽然笑

我通过添加&tlsInsecure=true到 MongoDB URI 快速解决了这个问题。仍在寻找正确的方法来解决它。编辑:也解决了它添加ca-certificates到 Docker 图像:# Builder step...FROM alpine:3RUN apk update \&nbsp; &nbsp; && apk upgrade \&nbsp; &nbsp; && apk add --no-cache \&nbsp; &nbsp; ca-certificates \&nbsp; &nbsp; && update-ca-certificates 2>/dev/null || trueCOPY --from=builder /build/main ./CMD ["/main"]较小图像的另一种选择:# Builder step...FROM alpine:3 as certsRUN apk --no-cache add ca-certificatesFROM scratch as appCOPY --from=builder /build/main ./COPY --from=certs /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crtENTRYPOINT ["/main"]

哈士奇WWW

该问题似乎与证书验证有关。您有两个选择:- 将自签名证书添加到 CA。- 跳过验证。如果要跳过自签名证书验证,则必须将ClientOptions结构设置修改true为ClientOptions.SSLInsecure变量。
随时随地看视频慕课网APP

相关分类

Go
我要回答