mongodb 的本地卷在 运行 docker-撰写时获得拒绝权限
My local volume for mongodb gets permission denied when running docker-compose up
这是我的docker-compose.yml
version: "3.5"
services:
api:
container_name: upvotocracy-api
restart: always
build: .
env_file: .env
ports:
- "127.0.0.1:8537:8537"
- "127.0.0.1:9228:9229"
links:
- mongo
volumes:
- ./index.js:/usr/src/app/index.js
- ./.env:/usr/src/app/.env
networks:
- upvotocracy-network
mongo:
container_name: upvotocracy-mongo
restart: always
image: mongo:latest
env_file: .env
volumes:
- ./mongo_data:/data/db
ports:
- "127.0.0.1:28016:27017"
networks:
- upvotocracy-network
redis:
image: redis
restart: always
container_name: upvotocracy-cache
ports:
- "127.0.0.1:6381:6379"
networks:
- upvotocracy-network
es01:
image: docker.elastic.co/elasticsearch/elasticsearch:7.6.2
container_name: upvotocracy-es01
restart: always
environment:
- node.name=es01
- cluster.name=es-docker-cluster
- cluster.initial_master_nodes=es01
- bootstrap.memory_lock=true
- action.auto_create_index=+*
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
ulimits:
memlock:
soft: -1
hard: -1
volumes:
- ./data01:/usr/share/elasticsearch/data
ports:
- 127.0.0.1:9201:9200
networks:
- upvotocracy-network
networks:
upvotocracy-network:
name: upvotocracy-network
volumes:
mongo_data: {}
data01:
driver: local
它仅在我 运行 docker 以 root 身份组合时有效,否则我在 999:ubuntu 拥有的 ./mongo_data 目录上收到权限被拒绝的错误
Pulling mongo ... done
Pulling api ... done
Pulling redis ... done
Pulling es01 ... done
mongo uses an image, skipping
redis uses an image, skipping
es01 uses an image, skipping
Building api
Traceback (most recent call last):
File "bin/docker-compose", line 6, in <module>
File "compose/cli/main.py", line 72, in main
File "compose/cli/main.py", line 128, in perform_command
File "compose/cli/main.py", line 303, in build
File "compose/project.py", line 403, in build
File "compose/project.py", line 385, in build_service
File "compose/service.py", line 1106, in build
File "site-packages/docker/api/build.py", line 160, in build
File "site-packages/docker/utils/build.py", line 30, in tar
File "site-packages/docker/utils/build.py", line 49, in exclude_paths
File "site-packages/docker/utils/build.py", line 214, in rec_walk
File "site-packages/docker/utils/build.py", line 214, in rec_walk
File "site-packages/docker/utils/build.py", line 184, in rec_walk
PermissionError: [Errno 13] Permission denied: '/home/ubuntu/data/www/coupondealsavings.com/api/mongo_data/diagnostic.data'
[10551] Failed to execute script docker-compose
Starting coupondeals-mongo ... done
Starting coupondeals-cache ... done
Starting coupondeals-es01 ... done
Starting coupondeals-api ... done
Connection to xxx closed.
我遇到了同样的问题。
我假设您在第一次 docker-compose up 时没有出现此权限错误。
这
文件 "mongo_data/diagnostic.data" 也不存在。 mongo 容器将在启动时创建文件,该文件属于用户,在我的例子中是 999:root (postgres)。
drwx------ 19 999 root 4096 Jun 4 12:19 postgres-data/
您的 api 容器将当前目录作为构建上下文。构建 docker 的用户是您的主机用户,它不能是 999。因此,当您 docker-compose up 时,权限将被拒绝。
可以在context文件夹中新建一个.dockerignore文件,内容为:
mongo_data
您必须在其他容器的卷中添加此文件中的其他文件夹。
对我来说,我只需将 ./mongo_data 添加到 .dockerignore,Dockerfile 会在构建 api.
时忽略此目录
我对我所有的卷都这样做了,现在一切正常,没有权限错误。
这是我的docker-compose.yml
version: "3.5"
services:
api:
container_name: upvotocracy-api
restart: always
build: .
env_file: .env
ports:
- "127.0.0.1:8537:8537"
- "127.0.0.1:9228:9229"
links:
- mongo
volumes:
- ./index.js:/usr/src/app/index.js
- ./.env:/usr/src/app/.env
networks:
- upvotocracy-network
mongo:
container_name: upvotocracy-mongo
restart: always
image: mongo:latest
env_file: .env
volumes:
- ./mongo_data:/data/db
ports:
- "127.0.0.1:28016:27017"
networks:
- upvotocracy-network
redis:
image: redis
restart: always
container_name: upvotocracy-cache
ports:
- "127.0.0.1:6381:6379"
networks:
- upvotocracy-network
es01:
image: docker.elastic.co/elasticsearch/elasticsearch:7.6.2
container_name: upvotocracy-es01
restart: always
environment:
- node.name=es01
- cluster.name=es-docker-cluster
- cluster.initial_master_nodes=es01
- bootstrap.memory_lock=true
- action.auto_create_index=+*
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
ulimits:
memlock:
soft: -1
hard: -1
volumes:
- ./data01:/usr/share/elasticsearch/data
ports:
- 127.0.0.1:9201:9200
networks:
- upvotocracy-network
networks:
upvotocracy-network:
name: upvotocracy-network
volumes:
mongo_data: {}
data01:
driver: local
它仅在我 运行 docker 以 root 身份组合时有效,否则我在 999:ubuntu 拥有的 ./mongo_data 目录上收到权限被拒绝的错误
Pulling mongo ... done
Pulling api ... done
Pulling redis ... done
Pulling es01 ... done
mongo uses an image, skipping
redis uses an image, skipping
es01 uses an image, skipping
Building api
Traceback (most recent call last):
File "bin/docker-compose", line 6, in <module>
File "compose/cli/main.py", line 72, in main
File "compose/cli/main.py", line 128, in perform_command
File "compose/cli/main.py", line 303, in build
File "compose/project.py", line 403, in build
File "compose/project.py", line 385, in build_service
File "compose/service.py", line 1106, in build
File "site-packages/docker/api/build.py", line 160, in build
File "site-packages/docker/utils/build.py", line 30, in tar
File "site-packages/docker/utils/build.py", line 49, in exclude_paths
File "site-packages/docker/utils/build.py", line 214, in rec_walk
File "site-packages/docker/utils/build.py", line 214, in rec_walk
File "site-packages/docker/utils/build.py", line 184, in rec_walk
PermissionError: [Errno 13] Permission denied: '/home/ubuntu/data/www/coupondealsavings.com/api/mongo_data/diagnostic.data'
[10551] Failed to execute script docker-compose
Starting coupondeals-mongo ... done
Starting coupondeals-cache ... done
Starting coupondeals-es01 ... done
Starting coupondeals-api ... done
Connection to xxx closed.
我遇到了同样的问题。 我假设您在第一次 docker-compose up 时没有出现此权限错误。 这 文件 "mongo_data/diagnostic.data" 也不存在。 mongo 容器将在启动时创建文件,该文件属于用户,在我的例子中是 999:root (postgres)。
drwx------ 19 999 root 4096 Jun 4 12:19 postgres-data/
您的 api 容器将当前目录作为构建上下文。构建 docker 的用户是您的主机用户,它不能是 999。因此,当您 docker-compose up 时,权限将被拒绝。 可以在context文件夹中新建一个.dockerignore文件,内容为:
mongo_data
您必须在其他容器的卷中添加此文件中的其他文件夹。
对我来说,我只需将 ./mongo_data 添加到 .dockerignore,Dockerfile 会在构建 api.
我对我所有的卷都这样做了,现在一切正常,没有权限错误。