Building an Arm64 Docker image for Mongo BI Connector
Due to the increase in Arm64 architecture many existing docker images and applications are unable to run. Here's how to build your own.
Due to the increase in Arm64 architecture many existing docker images and applications are unable to run and give compilation errors. In order to solve this issue we must create our own image.
Creating the Dockerfile
Firstly lets generate the Docker file:
# Use an ARM-compatible base image
FROM ubuntu:latest
# Set the working directory
WORKDIR /app
# Install necessary dependencies
RUN apt-get update && \
apt-get install -y wget rsyslog && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
# Download and install MongoBI Connector (Replace the URL with the most up to date version)
RUN wget -O /app/mongodb-bi-linux-arm64-ubuntu2204-v2.14.12.tgz https://info-mongodb-com.s3.amazonaws.com/mongodb-bi/v2/mongodb-bi-linux-arm64-ubuntu2204-v2.14.12.tgz && \
tar -xzf /app/mongodb-bi-linux-arm64-ubuntu2204-v2.14.12.tgz && \
chmod +x /app/mongodb-bi-linux-arm64-ubuntu2204-v2.14.12/bin/* && \
mv /app/mongodb-bi-linux-arm64-ubuntu2204-v2.14.12 /app/mongo-bi-connector
# Expose any ports required by MongoBI Connector
EXPOSE 3307
# Copy the entrypoint script
COPY entrypoint.sh .
# Pass over the config file
COPY config.yml /app/mongo-bi-connector/example-mongosqld-config.yml
# Allow the entrypoint script to be executed
RUN chmod +x /app/entrypoint.sh
Important Notes
There’s a couple of things to keep note of:
-
SSL Handshake - The connector uses SSL to create a handshake. This means we have to generate a key for the connector. This will be done in the
entrypoint.sh. -
Certificate Signing - Any application that wants to communicate with the connector will also have to have its certificate signed and appended to:
/etc/ssl/mongokeyfile/mongoconnect.pem
The Entrypoint Script
Now lets generate the entrypoint.sh:
#!/bin/sh
# Generate the key file and append to ssl_key volume
openssl req -newkey rsa:2048 -new -x509 -days 365 -nodes -out /etc/ssl/mongokeyfile/mongoconnect.pem -keyout /etc/ssl/mongokeyfile/mongoconnect.pem -subj '/CN=localhost'
# Run the application with specified variables
/app/mongo-bi-connector/bin/mongosqld --mongo-uri $MONGO_URI --mongo-username $MONGO_USERNAME --mongo-password $MONGO_PASSWORD --auth --sslMode requireSSL --sslPEMKeyFile /etc/ssl/mongokeyfile/mongoconnect.pem --mongo-authenticationSource $MONGO_AUTH_SOURCE --config /app/mongo-bi-connector/example-mongosqld-config.yml
By running it as an executable file we ensure the environment variables passed are the ones specified in the docker-compose.
Configuration File
Now we must create a config file stating which IP’s the connector can take connections from. This can be an array or a singular IP. For this I just left it as 0.0.0.0 meaning anyone can connect to it. Obviously this is not advisable for production.
config.yml:
## This is a example configuration file for mongosqld.
## The full documentation is available at:
## https://docs.mongodb.com/bi-connector/master/reference/mongosqld/#configuration-file
## Network options - configure how mongosqld should accept connections.
## https://docs.mongodb.com/bi-connector/master/reference/mongosqld/#network-options
net:
bindIp: "0.0.0.0" # To bind to multiple IP addresses, enter a list of comma separated values.
port: 3307
ssl:
mode: "disabled"
## MongoDB options - configure how mongosqld should connect to your MongoDB cluster.
## https://docs.mongodb.com/bi-connector/master/reference/mongosqld/#mongodb-host-options
mongodb:
net:
ssl:
enabled: false
# Security options - configure mongosqld's authentication (disabled by default).
## Enable security options if your MongoDB cluster requires authentication.
## https://docs.mongodb.com/bi-connector/master/reference/mongosqld/#security-options
security:
defaultMechanism: "SCRAM-SHA-256"
defaultSource: "admin"
## Logging options
## https://docs.mongodb.com/bi-connector/master/reference/mongosqld/#logging-options
systemLog:
quiet: false
verbosity: 1
logRotate: "rename"
## Process management options
## https://docs.mongodb.com/bi-connector/master/reference/mongosqld/#process-management-options
processManagement:
service:
name: "mongosql"
displayName: "MongoSQL Service"
description: "MongoSQL accesses MongoDB data with SQL"
This config is just an example of what can be implemented. Ensure defaultSource specifies the location you are trying to authenticate. If this wasn’t set it normally defaults to admin.
Building the Image
Now you should be able to build the image using:
docker build -t mongo-bi-connector .
Docker Compose
Lastly, here is an example docker compose file that can be used to deploy as a container. It also includes a volume where the generated keys are stored. This enables you to add the generated certificates from your application to the mongoconnect.pem file specified above.
docker-compose.yml:
version: '3.7'
services:
mongo-bi-connector:
image: mongo-bi-connector:latest
build: .
ports:
- "3307:3307"
environment:
- MONGO_URI= # Replace with your MongoDB URI
- MONGO_USERNAME= # Replace with your MongoDB username
- MONGO_PASSWORD= # Replace With your MongoDB password
- MONGO_AUTH_SOURCE= # Replace with your MongoDB authentication source
volumes:
- ssl_keys:/etc/ssl/mongokeyfile
restart: always
command: sh -c "/app/entrypoint.sh"
volumes:
ssl_keys:
Environment Variables
The container takes in 4 environment variables:
| Variable | Example |
|---|---|
MONGO_URI | mongodb://localhost:27017/ |
MONGO_USERNAME | admin |
MONGO_PASSWORD | admin |
MONGO_AUTH_SOURCE | admin |
Disclaimer
As a reminder this should only be used for development testing - this docker file doesn’t ensure any degree of security. This is more of an exploration of how you could build it.
Source Code
The full source code is available on GitHub: starmunchies/docker-mongo-bi-connector