如何允许具有只读根文件系统的容器写入 tmpfs-volume?
[英]How to allow Container with read only root filesystem writing to tmpfs-volume?
问题描述
i have the following problem:
我有以下问题:
my nginx container is starting with read only root-filesystem and i have configured two tmpfs-mounts: /var/run and /var/cache/nginx like it's described there: https://hub.docker.com/_/nginx我的 nginx 容器以只读根文件系统开始,我已经配置了两个 tmpfs-mounts:/var/run 和 /var/cache/nginx 就像那里描述的那样: https://hub.docker.com/_/nginx
At startup nginx throws this error and the container stops: 2021/08/26 06:31:16 [emerg] 1#1: mkdir() "/var/cache/nginx/client_temp" failed (30: Read-only file system)在启动时 nginx 抛出此错误并且容器停止: 2021/08/26 06:31:16 [emerg] 1#1: mkdir() "/var/cache/nginx/client_temp" failed (30: Read-only file system )
This is my ecs task-config:这是我的 ecs 任务配置:
{
"name": "nginx",
"essential": false,
"readonlyRootFilesystem": true,
"healthCheck": {
"command": [
"CMD-SHELL",
"curl --fail 127.0.0.1 || exit 1"
],
"interval": 30,
"timeout": 2,
"retries": 3
},
"memory": 256,
"image": "###########.dkr.ecr.eu-central-1.amazonaws.com/nginx:${NGINX_VER}",
"dockerLabels":
{
"Name": "nginx",
"Component": "sidecar-prometheus",
"App-Version": "${NGINX_VER}"
},
"logConfiguration": {
"logDriver": "awslogs",
"options": {
"awslogs-group": "${LOG_GROUP_NAME}",
"awslogs-region": "eu-central-1",
"awslogs-stream-prefix": "${LOG_GROUP_NAME}"
}
},
"portMappings": [
{
"containerPort": 10000,
"hostPort": 10000,
"protocol": "tcp"
}
],
"mountPoints": [
{
"readOnly": false,
"containerPath": "/config",
"sourceVolume": "VolumeConfig"
}
],
"tmpfs": {
"containerPath": "/var/run",
"size": "50",
"mountOptions": "rw"
},
"tmpfs": {
"containerPath": "/var/cache/nginx",
"size": "50",
"mountOptions": "rw"
},
How can i make the /var/cache/nginx mount rw?我怎样才能让 /var/cache/nginx 挂载 rw?
Many thanks for helping !非常感谢您的帮助!
2 个解决方案
解决方案1
2 已采纳 2021-10-07 10:52:16
The answer is that the config was wrong !答案是配置错误!
Here is the right way, tmpfs must include in linuxParameters:这是正确的方法,tmpfs 必须包含在 linuxParameters 中:
"linuxParameters": {
"tmpfs": [
{
"containerPath": "/var/log/nginx",
"mountOptions": [ "rw" ],
"size": 50
},
{
"mountOptions": [ "rw" ],
"containerPath": "/run",
"size": 10
},
{
"mountOptions": [ "rw"],
"containerPath": "/var/cache/nginx",
"size": 10
},
{
"mountOptions": [ "rw"],
"containerPath": "/tmp",
"size": 10
}
]
}
解决方案2
0 2021-08-30 14:03:21
Looking at the documentation , tmpfs accepts Array of Tmpfs objects .查看文档, tmpfs接受Array of Tmpfs objects 。
You seem to be passing tmpfs twice, instead of passing an array.您似乎两次传递tmpfs ,而不是传递一个数组。 Passing an array properly should work:正确传递数组应该有效:
"tmpfs": [
{
"containerPath": "/var/run",
"size": "50",
"mountOptions": "rw"
},
{
"containerPath": "/var/cache/nginx",
"size": "50",
"mountOptions": "rw"
}
]
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.