[英]How to keep node_modules inside container while using docker-compose and a non-root user?
I'm looking for a way to achieve these goals at the same time: 我正在寻找一种同时实现这些目标的方法:
node_modules
inside container (to not to "pollute" the working directory on the host) node_modules
保留在容器内(以免“污染”主机上的工作目录) Dockerfile
Dockerfile
I'm not sure if these goals are considered "best practice". 我不确定这些目标是否被视为“最佳实践”。 For example, keeping
node_modules
inside the container has its disadvantages . 例如,将
node_modules
保留在容器内有其缺点 。
Currently my compose file is like this: 目前我的撰写文件是这样的:
services:
# ...
node:
image: "node:9"
user: "node"
working_dir: /home/node/app
environment:
# - NODE_ENV=production
- NPM_CONFIG_PREFIX=/home/node/.npm-global
- PATH=$PATH:/home/node/.npm-global/bin
volumes:
- ./proj/:/home/node/app
- /home/node/app/node_modules # mark1
ports:
- "3001:3001"
command: >
bash -c "echo hello
&& ls -lh /home/node/app/
&& npm install
&& npm i -g babel-cli
&& npm i -g flow-bin
&& npm start"
depends_on:
- redis
but there's 但是有
"Error: EACCES: permission denied, access
'/home/node/app/node_modules'".
"Error: EACCES: permission denied, access
'/home/node/app/node_modules'".
If I comment out the #mark1
line, the container runs, however node_modules
will be written onto the host (since ./proj
is mounted ) 如果我注释掉
#mark1
行,则容器会运行,但是node_modules
会被写入主机(因为./proj
已经安装 )
I have read these two articles on the topic: 我已经阅读了关于这个主题的这两篇文章:
but neither meets my goal. 但都达不到我的目标。
I added a line of ls -lh /home/node/app/
and found node_modules
is owned by root
. 我添加了一行
ls -lh /home/node/app/
,发现node_modules
由root
拥有。 This could be the problem. 这可能是问题所在。
I ended up using a Dockerfile
. 我最终使用了
Dockerfile
。 It's minimum. 这是最低限度的。 (I keep some commented out lines for anyone may find them useful.)
(我保留一些注释掉的行,任何人都可能觉得它们很有用。)
We need to change the owner of node_modules
inside the container. 我们需要更改容器内
node_modules
的所有者。 It seems the ( update : Sorry. I forgot to remove the built container with node:9
image doesn't require this. 似乎
node:9
图像不需要这个。 So this is only for node:9-alpine
. 所以这只适用于
node:9-alpine
。 docker system prune
. Both images need this. Here is a discussion on permissions/ownership of named volumes` ) ( 更新 :对不起。我忘了删除带有
docker system prune
的构建容器。两个映像都需要这个。这是关于命名卷的权限/所有权的讨论。 )
FROM node:9-alpine
#ENV NPM_CONFIG_PREFIX=/home/node/.npm-global
#ENV PATH=$PATH:/home/node/.npm-global/bin
RUN mkdir -p /home/node/app/node_modules
RUN chown -R node:node /home/node/app
#USER node
#WORKDIR /home/node/app
#RUN npm install --silent --progress=false ; \
# npm i -g babel-cli --silent --progress=false ;\
# npm i -g flow-bin --silent --progress=false
The docker-compose.yml
ended up being like: docker-compose.yml
最终如下:
services:
# ...
node:
# image: "node:9-alpine"
build: ./proj
user: "node"
working_dir: /home/node/app
environment:
# - NODE_ENV=production
- NPM_CONFIG_PREFIX=/home/node/.npm-global
- PATH=$PATH:/home/node/.npm-global/bin
volumes:
- ./proj/:/home/node/app
- /home/node/app/node_modules/
ports:
- "3006:3001"
command: >
/bin/sh -c "echo hello
&& ls -lh /home/node/app/
&& npm install
&& npm i -g babel-cli
&& npm i -g flow-bin
&& npm start"
depends_on:
- redis
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.