[英]Is it possible to have a mount and volume in the same container using docker-compose?
Is it possible to have a mount and a volume in the same container?是否可以在同一个容器中安装一个安装和一个卷? I have been trying to setup a mount and a volume using different paths but I am having trouble with getting the correct permission sets.
我一直在尝试使用不同的路径设置安装和卷,但在获取正确的权限集时遇到了麻烦。
My docker file:我的码头文件:
FROM node:16-alpine
RUN apk add dumb-init
RUN addgroup appgroup && adduser -S appuser -G appgroup
RUN mkdir -p /app/logs
WORKDIR /app/
COPY package*.json ./
RUN npm install
COPY . /app
RUN chown -R appuser:appgroup /app/
USER appuser
docker-compose.yml docker-compose.yml
version: "3.8"
services:
my-service:
user: "1000"
container_name: demou
build:
context: .
image: "my-service"
working_dir: /app/
ports:
- 80:80
environment:
- NODE_VERSION=16
volumes:
- ~/logs:/app/logs/:rw
- other:/app/other/:rw
command: sh -c "dumb-init node src/server.js"
networks:
- Snet
volumes:
other:
name: "other"
networks:
Snet:
name: "Snetwork"
If I keep user: "1000"
in the docker-compose file, the mount works and I can see the files but the volume fails and I get permission denied when attempting to write to app/other as specified in the volume declaration.如果我在 docker-compose 文件中保留
user: "1000"
,则挂载工作,我可以看到文件,但卷失败,并且在尝试写入卷声明中指定的应用程序/其他时,我的权限被拒绝。 Removing user: "1000"
resolves the volume permission but causes the mount to fail with permission denied.删除
user: "1000"
解析卷权限,但导致挂载失败,权限被拒绝。
using docker exec, I can see the following permissions with the user: "1000"
使用 docker exec,我可以看到
user: "1000"
的以下权限user: "1000"
drwxr-xr-x 1 appuser appgroup 4096 Nov 15 15:08 .
drwxr-xr-x 1 root root 4096 Nov 15 15:08 ..
drwxrwxr-x 2 node node 4096 Nov 15 15:08 logs
drwxr-xr-x 1 appuser appgroup 4096 Nov 15 15:08 node_modules
drwxr-xr-x 2 root root 4096 Nov 15 15:08 other
-rw-rw-r-- 1 appuser appgroup 31394 Nov 15 11:55 package-lock.json
-rw-rw-r-- 1 appuser appgroup 274 Nov 15 11:55 package.json
drwxrwxr-x 1 appuser appgroup 4096 Nov 13 13:56 src
Also, why is logs directory owned by node:node?另外,为什么日志目录归节点:节点所有? I haven't setup any node user or group.
我还没有设置任何节点用户或组。
My OS/docker host details:我的操作系统/docker 主机详细信息:
Distributor ID: Ubuntu Description: Ubuntu 20.04.3 LTS Release: 20.04 Codename: focal发行商 ID:Ubuntu 描述:Ubuntu 20.04.3 LTS 版本:20.04 代号:focus
Thanks谢谢
~/logs:/app/logs/:rw
The directory ~/logs
must be granted rw to 1000:1000 (appuser:appgroup) because this is an existing directory on the host.目录
~/logs
必须被授予 rw 到 1000:1000 (appuser:appgroup),因为这是主机上的现有目录。
other:/app/other/:rw
Named volume is created by docker on the host which is owned by root
(except rootless mode).命名卷由 docker 在
root
拥有的主机上创建(无root
模式除外)。 Add the following instruction to your Dockerfile to retain the permission after docker created the named volume and mount to your container:将以下指令添加到您的 Dockerfile 以在 docker 创建命名卷并挂载到您的容器后保留权限:
RUN mkdir -p /app/other
...
VOLUME /app/other
why is logs directory owned by node:node?
This user:group was created in the base image node:16-alpine.这个 user:group 是在基础镜像 node:16-alpine 中创建的。
Other method to resolve similar issue like this if it suits your need.其他的方法来解决类似的问题,像这样,如果它适合你的需要。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.