I’m trying to setup cyberark’s conjur solution using docker containers and a local volume to maintain persistent data. I followed the instructions in the following link: https://github.com/cyberark/conjur-quickstart
What I’m experiencing is that when I perform a "docker-compose down" and then bring it back up it starts off with a blank system with nothing saved.
Here is the docker-compose.yml file I’m working with:
version: '3'
services:
openssl:
image: cyberark/conjur
container_name: openssl
entrypoint:
- openssl
- req
- -newkey
- rsa:2048
- -days
- "365"
- -nodes
- -x509
- -config
- /tmp/conf/tls.conf
- -extensions
- v3_ca
- -keyout
- /tmp/conf/nginx.key
- -out
- /tmp/conf/nginx.crt
volumes:
- ./conf/tls/:/tmp/conf
bot_app:
image: cfmanteiga/alpine-bash-curl-jq
privileged: true
container_name: bot_app
command: tail -F anything
volumes:
- ./program.sh:/tmp/program.sh
restart: on-failure
database:
image: postgres:10.16
container_name: postgres_database
environment:
POSTGRES_HOST_AUTH_METHOD: trust
ports:
- 8432:5432
volumes:
- /share/Container/docker/conjur:/var/lib/postgresql/data
pgadmin:
# [https]://www.pgadmin.org/docs/pgadmin4/latest/container_deployment.html
image: dpage/pgadmin4
environment:
PGADMIN_DEFAULT_EMAIL: [email protected]
PGADMIN_DEFAULT_PASSWORD: SuperSecret
ports:
- 18081:80
conjur:
image: cyberark/conjur
container_name: conjur_server
command: server
environment:
DATABASE_URL: postgres://postgres@database/postgres
CONJUR_DATA_KEY:
CONJUR_AUTHENTICATORS:
depends_on:
- database
restart: on-failure
ports:
- 18080:80
proxy:
image: nginx:1.13.6-alpine
container_name: nginx_proxy
ports:
- "8443:443"
volumes:
- ./conf/:/etc/nginx/conf.d/:ro
- ./conf/tls/:/etc/nginx/tls/:ro
depends_on:
- conjur
- openssl
restart: on-failure
client:
image: cyberark/conjur-cli:5
container_name: conjur_client
depends_on: [ proxy ]
entrypoint: sleep
command: infinity
volumes:
- ./conf/policy:/policy
I can confirm that the data is being written to the local host volume /share/Container/docker/conjur. I tested by logging into the docker container via "docker exec -it bash" and go to the /var/lib/postgresql/data directory and touch a test.txt file. I then confirmed that on the local host volume that test.txt file is there.
But when I login to the pgadmin web interface and look at the databases I had created in the previous steps they don’t exist anymore and also the admin password has been set to default instead of what I had changed it to.
Any thoughts?
Thanks.
2
Answers
There does not seem to be any issues with your database. It seems your connection to the database is not done properly. Could you try this ?
If you would like the database data to persist, you need to utilize a volume in Docker. This would require you to reference the volume in your
docker-compose.yml
file and use it in thedatabase
definition: