在创建容器时设置 docker 卷权限
[英]Set docker volume permissions at container creation
问题描述
I have a PHP app in docker that has an empty logs folder, that I added to the docker container as a volume:
我在 docker 中有一个 PHP 应用程序,它有一个空的日志文件夹,我将它作为卷添加到 docker 容器中:
app:
volumes:
- ./app/logs:/var/log/app
But when the app tries to write it raises an error because it has no permission.但是当应用程序尝试写入时,它会引发错误,因为它没有权限。
I need a way to set permissions for it everytime the container gets created, so no manual process is needed, I also need the logs to persist even when the container is destroyed.每次创建容器时,我都需要一种为其设置权限的方法,因此不需要手动过程,即使容器被销毁,我也需要保留日志。
How can I do it?我该怎么做? What would be a good practice for this scenario?对于这种情况,什么是好的做法?
1 个解决方案
解决方案1
1 2019-10-10 01:41:11
Your web server or the writer to the logs doesn't have permissions to write to /var/log/app.您的 web 服务器或日志写入者无权写入 /var/log/app。 Here you are bind-mounting a directory from the host in a container and in such case files and directories maintain the permissions they have on the host.在这里,您从容器中的主机绑定挂载目录,在这种情况下,文件和目录维护它们在主机上的权限。 Setting permissions on your host would solve the problem.在您的主机上设置权限将解决问题。
Refer to the following to do the same - write in shared volumes docker请参考以下内容进行相同操作 - 写入共享卷 docker
Alternatively, I would suggest creating a docker volume for logs which would also solve your requirement of making them persistent .或者,我建议为日志创建一个 docker 卷,这也可以解决您使它们持久化的要求。
For creating the volume use - docker create volume app-logs对于创建卷使用 - docker create volume app-logs
services:
app:
volumes:
- app-logs:/var/log/app
volumes:
app-logs:
external: true
You may then use a docker instruction either CMD or ENTRYPOINT to set right permissions on the mounted volume.然后,您可以使用 docker 指令CMD或ENTRYPOINT来设置已安装卷的正确权限。 It would be like - CMD chown -R apache:apache /var/log/app就像 - CMD chown -R apache:apache /var/log/app
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.