[英]docker-compose postgres volume changes ownership to gitlab-runner
I have a very strange problem, and cannot find why this happens. 我有一个非常奇怪的问题,无法找到原因。 I installed gitlab-runner on my computer a several months ago, maybe a year and didn't use it anymore . 我几个月前(大概一年前)在计算机上安装了gitlab-runner,并且不再使用它。
I have a docker-composer.yml: 我有一个docker-composer.yml:
version: '2'
services:
db:
image: postgres:9.5
#restart: always
environment:
POSTGRES_PASSWORD: password
volumes:
- ./storage:/var/lib/postgresql/data
I create ./storage, a ls
gives me: 我创建./storage,一个ls
给我:
drwxrwxr-x 2 pierre-emmanuel pierre-emmanuel 4096 jui 31 23:33 storage
When I run docker-compose up -d
, the user is changed to gitlab-runner
... I don't understand this AT ALL. 当我运行docker-compose up -d
,用户更改为gitlab-runner
...我一点都不明白。 It should have never happened. 它应该永远不会发生。
Here is the ls
I have: 这是我的ls
:
drwx------ 19 gitlab-runner pierre-emmanuel 4096 jui 31 23:35 storage
Now I repeated this and with ps -aux | grep gitlab
现在,我用ps -aux | grep gitlab
重复此ps -aux | grep gitlab
ps -aux | grep gitlab
was able to see this: ps -aux | grep gitlab
能够看到以下内容:
gitlab-+ 2404 11.5 0.0 19704 3456 ? Ss 23:34 0:00 bash /usr/local/bin/docker-entrypoint.sh postgres
gitlab-+ 2514 6.0 0.0 19904 3912 ? S 23:35 0:00 initdb --username=postgres --pwfile=/dev/fd/63
gitlab-+ 2536 0.0 0.0 4280 712 ? S 23:35 0:00 sh -c "/usr/lib/postgresql/9.5/bin/postgres" --single -F -O -c search_path=pg_catalog -c exit_on_error=true template1 >/dev/null
gitlab-+ 2537 0.0 0.3 281888 28572 ? R 23:35 0:00 /usr/lib/postgresql/9.5/bin/postgres --single -F -O -c search_path=pg_catalog -c exit_on_error=true template1
Then after it stays like this until I call docker-composer stop
: 然后一直保持这样直到我调用docker-composer stop
为止:
gitlab-+ 2404 0.0 0.2 274528 23304 ? Ss 23:34 0:00 postgres
gitlab-+ 2618 0.0 0.0 274528 3780 ? Ss 23:35 0:00 postgres: checkpointer process
gitlab-+ 2619 0.0 0.0 274528 5400 ? Ss 23:35 0:00 postgres: writer process
gitlab-+ 2620 0.0 0.0 274528 3780 ? Ss 23:35 0:00 postgres: wal writer process
gitlab-+ 2621 0.0 0.0 274956 6252 ? Ss 23:35 0:00 postgres: autovacuum launcher process
gitlab-+ 2622 0.0 0.0 129512 2828 ? Ss 23:35 0:00 postgres: stats collector process
My own user and gitlab-runner
do have the docker
group, but I can't figure out why this is producing. 我自己的用户和gitlab-runner
确实有docker
组,但我想不通这是为什么产生。 Do you have any idea ? 你有什么主意吗 ?
EDIT: when I remove the app, remove the volume from docker-compose.yml and re-create the app, the user gitlab-runner is still used to run the container which contains postgres. 编辑:当我删除应用程序时,从docker-compose.yml中删除卷并重新创建应用程序,用户gitlab-runner仍用于运行包含postgres的容器。
Processes and files are owned by numeric user and group IDs. 进程和文件归数字用户和组ID拥有。 There's a file, /etc/passwd
, that maps between user names and user IDs; 有一个文件/etc/passwd
,它在用户名和用户ID之间进行映射。 but the nature of Docker is that each container has its own isolated filesystem space, which means it has its own /etc/passwd
file. 但是Docker的本质是每个容器都有自己的隔离文件系统空间,这意味着它具有自己的/etc/passwd
文件。
If you look at the Docker Hub postgresql
page there is a link to the image's Dockerfile and you can see that includes a command 如果您查看Docker Hub postgresql
页面 ,则有指向该映像的Dockerfile的链接,您可以看到其中包含一个命令
RUN useradd ... --uid=999 ... postgres
You should be able to verify that the user IDs on your local system and inside the container match up 您应该能够验证本地系统上和容器内的用户ID是否匹配
grep gitlab-runner /etc/passwd
docker run --rm postgres:9.5 grep postgres /etc/passwd
I would expect both of these to show a uid of 999 in the third field. 我希望它们在第三个字段中显示的uid为999。 The files are owned by that uid, but it happens to translate to a different name inside and outside the container. 该文件由该uid拥有,但是恰好在容器内部和外部转换为其他名称。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.