docker-compose 卷安装的只读文件系统错误
[英]Read only filesystem error with docker-compose volume mounts
问题描述
I am working with docker-compose as part of a sentry on-premise install.
我正在使用 docker-compose 作为哨兵内部安装的一部分。
Below is a snippet of the nginx portion of my docker-compose.yml.下面是我的 docker-compose.yml 的 nginx 部分的片段。 This is the nginx container configuration as provided to me.这是提供给我的 nginx 容器配置。 You'll notice it has an existing volume mount.您会注意到它有一个现有的卷安装。
nginx:
<< : *restart_policy
ports:
- '$SENTRY_BIND:80/tcp'
image: 'nginx'
volumes:
- type: bind
read_only: true
source: ./nginx
target: /etc/nginx
depends_on:
- web
- relay
The problem is that I need additional mounts in order for my nginx configuration to work correctly.问题是我需要额外的安装才能让我的 nginx 配置正常工作。 I need to be able to mount certs for SSL.我需要能够为 SSL 安装证书。 When I make the following modification to the nginx portion...当我对 nginx 部分进行以下修改时......
nginx:
<< : *restart_policy
ports:
- '$SENTRY_BIND:80/tcp'
image: 'nginx'
volumes:
- type: bind
read_only: true
source: ./nginx
target: /etc/nginx
- type: bind
read_only: true
source: ./certs
target: /etc/nginx/certs
depends_on:
- web
- relay
relay:
... I get the following error when using docker-compose up -d: ... 使用 docker-compose up -d 时出现以下错误:
Creating sentry_onpremise_nginx_1 ... error
Creating sentry_onpremise_ingest-consumer_1 ... done
Creating sentry_onpremise_subscription-consumer-events_1 ... done
me/brad/repo/onpremise/certs" to rootfs at "/var/lib/docker/overlay2/357f60b96e866d8dd84d657f7cad55fad76420a61cc8cb35a10ebcb13bcf4060/merged/etc/nginx/certs" caused: mkdir /var/lib/docker/overlay2/357f60b96e866d8dd84d657f7cad55fad76420a61cc8cb35a10ebcb13bcf4060/merged/etc/nginx/certs: read-only file system: unknown
ERROR: for nginx Cannot start service nginx: OCI runtime create failed: container_linux.go:367: starting container process caused: process_linux.go:495: container init caused: rootfs_linux.go:60: mounting "/home/brad/repo/onpremise/certs" to rootfs at "/var/lib/docker/overlay2/357f60b96e866d8dd84d657f7cad55fad76420a61cc8cb35a10ebcb13bcf4060/merged/etc/nginx/certs" caused: mkdir /var/lib/docker/overlay2/357f60b96e866d8dd84d657f7cad55fad76420a61cc8cb35a10ebcb13bcf4060/merged/etc/nginx/certs: read-only file system: unknown
ERROR: Encountered errors while bringing up the project.
Any help would be greatly appreciated.任何帮助将不胜感激。 I'm not very experienced with docker/compose.我对 docker/compose 不是很有经验。
EDIT: For what it's worth, when I run docker exec -it sentry_onpremise_nginx_1 /bin/bash and attempt to create a directory inside the container, I am presented with a similar error:编辑:对于它的价值,当我运行docker exec -it sentry_onpremise_nginx_1 /bin/bash并尝试在容器内创建一个目录时,我遇到了类似的错误:
root@83afd0c563de:/etc/nginx# mkdir certs
mkdir: cannot create directory 'certs': Read-only file system
2 个解决方案
解决方案1
3 2021-04-30 13:39:40
This was resolved by placing the certs directory underneath the nginx directory.通过将 certs 目录放在 nginx 目录下解决了这个问题。 The mounts were conflicting with one another.坐骑相互冲突。 Mounting to /etc/nginx first with RO was then blocking the mount to /etc/nginx/certs because it was trying to attach to a portion that was read only.首先使用 RO 挂载到 /etc/nginx 会阻止挂载到 /etc/nginx/certs,因为它试图附加到只读部分。
解决方案2
-1 2022-07-02 07:08:02
To solve this, you need create/run your container with --privileged parameter.要解决这个问题,您需要使用--privileged参数创建/运行您的容器。
like this:像这样:
docker run --privileged -i --name master --hostname k8s-master -d ubuntu:20.04
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.