docker-compose postgres卷将所有权更改为gitlab-runner
[英]docker-compose postgres volume changes ownership to gitlab-runner
问题描述
I have a very strange problem, and cannot find why this happens. 
我有一个非常奇怪的问题,无法找到原因。 I installed gitlab-runner on my computer a several months ago, maybe a year and didn't use it anymore . 我几个月前(大概一年前)在计算机上安装了gitlab-runner,并且不再使用它。
I have a docker-composer.yml: 我有一个docker-composer.yml:
version: '2'
services:
db:
image: postgres:9.5
#restart: always
environment:
POSTGRES_PASSWORD: password
volumes:
- ./storage:/var/lib/postgresql/data
I create ./storage, a ls gives me: 我创建./storage,一个ls给我:
drwxrwxr-x 2 pierre-emmanuel pierre-emmanuel 4096 jui 31 23:33 storage
When I run docker-compose up -d , the user is changed to gitlab-runner ... I don't understand this AT ALL. 当我运行docker-compose up -d ,用户更改为gitlab-runner ...我一点都不明白。 It should have never happened. 它应该永远不会发生。
Here is the ls I have: 这是我的ls :
drwx------ 19 gitlab-runner pierre-emmanuel 4096 jui 31 23:35 storage
Now I repeated this and with ps -aux | grep gitlab 现在,我用ps -aux | grep gitlab重复此ps -aux | grep gitlab ps -aux | grep gitlab was able to see this: ps -aux | grep gitlab能够看到以下内容:
gitlab-+ 2404 11.5 0.0 19704 3456 ? Ss 23:34 0:00 bash /usr/local/bin/docker-entrypoint.sh postgres
gitlab-+ 2514 6.0 0.0 19904 3912 ? S 23:35 0:00 initdb --username=postgres --pwfile=/dev/fd/63
gitlab-+ 2536 0.0 0.0 4280 712 ? S 23:35 0:00 sh -c "/usr/lib/postgresql/9.5/bin/postgres" --single -F -O -c search_path=pg_catalog -c exit_on_error=true template1 >/dev/null
gitlab-+ 2537 0.0 0.3 281888 28572 ? R 23:35 0:00 /usr/lib/postgresql/9.5/bin/postgres --single -F -O -c search_path=pg_catalog -c exit_on_error=true template1
Then after it stays like this until I call docker-composer stop : 然后一直保持这样直到我调用docker-composer stop为止:
gitlab-+ 2404 0.0 0.2 274528 23304 ? Ss 23:34 0:00 postgres
gitlab-+ 2618 0.0 0.0 274528 3780 ? Ss 23:35 0:00 postgres: checkpointer process
gitlab-+ 2619 0.0 0.0 274528 5400 ? Ss 23:35 0:00 postgres: writer process
gitlab-+ 2620 0.0 0.0 274528 3780 ? Ss 23:35 0:00 postgres: wal writer process
gitlab-+ 2621 0.0 0.0 274956 6252 ? Ss 23:35 0:00 postgres: autovacuum launcher process
gitlab-+ 2622 0.0 0.0 129512 2828 ? Ss 23:35 0:00 postgres: stats collector process
My own user and gitlab-runner do have the docker group, but I can't figure out why this is producing. 我自己的用户和gitlab-runner确实有docker组,但我想不通这是为什么产生。 Do you have any idea ? 你有什么主意吗 ?
EDIT: when I remove the app, remove the volume from docker-compose.yml and re-create the app, the user gitlab-runner is still used to run the container which contains postgres. 编辑:当我删除应用程序时,从docker-compose.yml中删除卷并重新创建应用程序,用户gitlab-runner仍用于运行包含postgres的容器。
1 个解决方案
解决方案1
1 已采纳 2019-07-31 23:30:06
Processes and files are owned by numeric user and group IDs. 进程和文件归数字用户和组ID拥有。 There's a file, /etc/passwd , that maps between user names and user IDs; 有一个文件/etc/passwd ,它在用户名和用户ID之间进行映射。 but the nature of Docker is that each container has its own isolated filesystem space, which means it has its own /etc/passwd file. 但是Docker的本质是每个容器都有自己的隔离文件系统空间,这意味着它具有自己的/etc/passwd文件。
If you look at the Docker Hub postgresql page there is a link to the image's Dockerfile and you can see that includes a command 如果您查看Docker Hub postgresql页面 ,则有指向该映像的Dockerfile的链接,您可以看到其中包含一个命令
RUN useradd ... --uid=999 ... postgres
You should be able to verify that the user IDs on your local system and inside the container match up 您应该能够验证本地系统上和容器内的用户ID是否匹配
grep gitlab-runner /etc/passwd
docker run --rm postgres:9.5 grep postgres /etc/passwd
I would expect both of these to show a uid of 999 in the third field. 我希望它们在第三个字段中显示的uid为999。 The files are owned by that uid, but it happens to translate to a different name inside and outside the container. 该文件由该uid拥有,但是恰好在容器内部和外部转换为其他名称。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.