Docker Elasticsearch 容器的卷权限错误
[英]Docker Elasticsearch container with volume wrong permissions
问题描述
I have a problem with my elasticsearch container, when I let docker create elasticsearch volume, it has been created with wrong permissions so I got a problem and the container goes down.
我的 elasticsearch 容器有问题,当我让 docker 创建 elasticsearch 卷时,它是使用错误的权限创建的,所以我遇到了问题并且容器出现故障。 Is there a way to add a sh command to my machine to set permissions before start this container or something like that?有没有办法在启动这个容器或类似的东西之前向我的机器添加一个 sh 命令来设置权限? Or another solution to my problem?或者我的问题的另一种解决方案?
version: '3.1'
services:
db:
container_name: app_mysql
image: mysql:5.7
command: --default-authentication-plugin=mysql_native_password
volumes:
- ./volumes/mysql:/var/lib/mysql
environment:
MYSQL_ROOT_PASSWORD: root
MYSQL_USER: app
MYSQL_PASSWORD: app
MYSQL_DATABASE: app
ports:
- 33066:3306
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:7.6.0
container_name: app_elasticsearch
environment:
- xpack.security.enabled=false
- discovery.type=single-node
# - ELASTIC_PASSWORD=app
ulimits:
memlock:
soft: -1
hard: -1
nofile:
soft: 65536
hard: 65536
cap_add:
- IPC_LOCK
volumes:
- ./volumes/elasticsearch:/usr/share/elasticsearch/data
ports:
- 9200:9200
- 9300:9300
My log:我的日志:
docker-compose up
Starting app_elasticsearch ... done
Attaching to app_elasticsearch
app_elasticsearch | OpenJDK 64-Bit Server VM warning: Option UseConcMarkSweepGC was deprecated in version 9.0 and will likely be removed in a future release.
app_elasticsearch | uncaught exception in thread [main]
app_elasticsearch | {"type": "server", "timestamp": "2021-03-14T02:18:26,157Z", "level": "ERROR", "component": "o.e.b.ElasticsearchUncaughtExceptionHandler", "cluster.name": "docker-cluster", "node.name": "3879d18f5b22", "message": "uncaught exception in thread [main]",
app_elasticsearch | "stacktrace": ["org.elasticsearch.bootstrap.StartupException: ElasticsearchException[failed to bind service]; nested: AccessDeniedException[/usr/share/elasticsearch/data/nodes];",
app_elasticsearch | "at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:174) ~[elasticsearch-7.6.0.jar:7.6.0]",
app_elasticsearch | "at org.elasticsearch.bootstrap.Elasticsearch.execute(Elasticsearch.java:161) ~[elasticsearch-7.6.0.jar:7.6.0]",
app_elasticsearch | "at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:86) ~[elasticsearch-7.6.0.jar:7.6.0]",
app_elasticsearch | "at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:125) ~[elasticsearch-cli-7.6.0.jar:7.6.0]",
app_elasticsearch | "at org.elasticsearch.cli.Command.main(Command.java:90) ~[elasticsearch-cli-7.6.0.jar:7.6.0]",
app_elasticsearch | "at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:126) ~[elasticsearch-7.6.0.jar:7.6.0]",
app_elasticsearch | "at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:92) ~[elasticsearch-7.6.0.jar:7.6.0]",
app_elasticsearch | "Caused by: org.elasticsearch.ElasticsearchException: failed to bind service",
app_elasticsearch | "at org.elasticsearch.node.Node.<init>(Node.java:615) ~[elasticsearch-7.6.0.jar:7.6.0]",
app_elasticsearch | "at org.elasticsearch.node.Node.<init>(Node.java:257) ~[elasticsearch-7.6.0.jar:7.6.0]",
app_elasticsearch | "at org.elasticsearch.bootstrap.Bootstrap$5.<init>(Bootstrap.java:221) ~[elasticsearch-7.6.0.jar:7.6.0]",
app_elasticsearch | "at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:221) ~[elasticsearch-7.6.0.jar:7.6.0]",
app_elasticsearch | "at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:349) ~[elasticsearch-7.6.0.jar:7.6.0]",
app_elasticsearch | "at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:170) ~[elasticsearch-7.6.0.jar:7.6.0]",
app_elasticsearch | "... 6 more",
app_elasticsearch | "Caused by: java.nio.file.AccessDeniedException: /usr/share/elasticsearch/data/nodes",
app_elasticsearch | "at sun.nio.fs.UnixException.translateToIOException(UnixException.java:90) ~[?:?]",
app_elasticsearch | "at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111) ~[?:?]",
app_elasticsearch | "at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:116) ~[?:?]",
app_elasticsearch | "at sun.nio.fs.UnixFileSystemProvider.createDirectory(UnixFileSystemProvider.java:389) ~[?:?]",
app_elasticsearch | "at java.nio.file.Files.createDirectory(Files.java:693) ~[?:?]",
app_elasticsearch | "at java.nio.file.Files.createAndCheckIsDirectory(Files.java:800) ~[?:?]",
app_elasticsearch | "at java.nio.file.Files.createDirectories(Files.java:786) ~[?:?]",
app_elasticsearch | "at org.elasticsearch.env.NodeEnvironment.lambda$new$0(NodeEnvironment.java:274) ~[elasticsearch-7.6.0.jar:7.6.0]",
app_elasticsearch | "at org.elasticsearch.env.NodeEnvironment$NodeLock.<init>(NodeEnvironment.java:211) ~[elasticsearch-7.6.0.jar:7.6.0]",
app_elasticsearch | "at org.elasticsearch.env.NodeEnvironment.<init>(NodeEnvironment.java:271) ~[elasticsearch-7.6.0.jar:7.6.0]",
app_elasticsearch | "at org.elasticsearch.node.Node.<init>(Node.java:277) ~[elasticsearch-7.6.0.jar:7.6.0]",
app_elasticsearch | "at org.elasticsearch.node.Node.<init>(Node.java:257) ~[elasticsearch-7.6.0.jar:7.6.0]",
app_elasticsearch | "at org.elasticsearch.bootstrap.Bootstrap$5.<init>(Bootstrap.java:221) ~[elasticsearch-7.6.0.jar:7.6.0]",
app_elasticsearch | "at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:221) ~[elasticsearch-7.6.0.jar:7.6.0]",
app_elasticsearch | "at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:349) ~[elasticsearch-7.6.0.jar:7.6.0]",
app_elasticsearch | "at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:170) ~[elasticsearch-7.6.0.jar:7.6.0]",
app_elasticsearch | "... 6 more"] }
app_elasticsearch | ElasticsearchException[failed to bind service]; nested: AccessDeniedException[/usr/share/elasticsearch/data/nodes];
app_elasticsearch | Likely root cause: java.nio.file.AccessDeniedException: /usr/share/elasticsearch/data/nodes
app_elasticsearch | at java.base/sun.nio.fs.UnixException.translateToIOException(UnixException.java:90)
app_elasticsearch | at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111)
app_elasticsearch | at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:116)
app_elasticsearch | at java.base/sun.nio.fs.UnixFileSystemProvider.createDirectory(UnixFileSystemProvider.java:389)
app_elasticsearch | at java.base/java.nio.file.Files.createDirectory(Files.java:693)
app_elasticsearch | at java.base/java.nio.file.Files.createAndCheckIsDirectory(Files.java:800)
app_elasticsearch | at java.base/java.nio.file.Files.createDirectories(Files.java:786)
app_elasticsearch | at org.elasticsearch.env.NodeEnvironment.lambda$new$0(NodeEnvironment.java:274)
app_elasticsearch | at org.elasticsearch.env.NodeEnvironment$NodeLock.<init>(NodeEnvironment.java:211)
app_elasticsearch | at org.elasticsearch.env.NodeEnvironment.<init>(NodeEnvironment.java:271)
app_elasticsearch | at org.elasticsearch.node.Node.<init>(Node.java:277)
app_elasticsearch | at org.elasticsearch.node.Node.<init>(Node.java:257)
app_elasticsearch | at org.elasticsearch.bootstrap.Bootstrap$5.<init>(Bootstrap.java:221)
app_elasticsearch | at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:221)
app_elasticsearch | at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:349)
app_elasticsearch | at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:170)
app_elasticsearch | at org.elasticsearch.bootstrap.Elasticsearch.execute(Elasticsearch.java:161)
app_elasticsearch | at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:86)
app_elasticsearch | at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:125)
app_elasticsearch | at org.elasticsearch.cli.Command.main(Command.java:90)
app_elasticsearch | at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:126)
app_elasticsearch | at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:92)
app_elasticsearch | For complete error details, refer to the log at /usr/share/elasticsearch/logs/docker-cluster.log
app_elasticsearch exited with code 1
I know that my problem is elasticsearch ownership, because if I comment volume line, it works fine.我知道我的问题是 elasticsearch 所有权,因为如果我评论音量线,它工作正常。
I also do not have problem with mysql container... mysql 容器我也没有问题...
here is my permissions:这是我的权限:
ls -la volumes
total 16
drwxr-xr-x 4 root root 4096 mar 13 23:23 .
drwxrwxr-x 13 pedro pedro 4096 mar 13 23:18 ..
drwxr-xr-x 2 root root 4096 mar 13 23:18 elasticsearch
drwxr-xr-x 6 999 root 4096 mar 13 23:23 mysql
If I run something like:如果我运行类似:
sudo chown $user:$user volumes/elasticsearch -R
Then works, so I believe that docker is creating this dir with root:root instead $user:$user.然后工作,所以我相信 docker 正在使用 root:root 而不是 $user:$user 创建这个目录。 Is there a way to fix this without setting manually these permissions?有没有办法在不手动设置这些权限的情况下解决这个问题? Thanks谢谢
1 个解决方案
解决方案1
0 2021-03-14 07:33:47
You can define user: root while you build.您可以在构建时定义user: root 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
Docker 容器中的卷权限错误 - Wrong permissions in volume in Docker container
码头工人; 卷权限错误? - Docker ; Wrong volume permissions?
如何管理安装到 docker 容器中的卷的权限? - How to manage permissions for a volume mounted into a docker container?
在创建容器时设置 docker 卷权限 - Set docker volume permissions at container creation
如何为 Docker 容器内的附加卷设置权限? - How can I set permissions on an attached Volume within a Docker container?
Jenkins 卷权限错误 - Jenkins wrong volume permissions
Docker卷和主机权限 - Docker volume and host permissions
共享卷Docker权限 - Shared Volume Docker Permissions
Docker 卷中的权限 - Permissions in Docker volume
Docker 卷文件权限 - Docker volume file permissions
相关标签