是否可以使用 docker-compose 在同一个容器中安装一个安装和卷?
[英]Is it possible to have a mount and volume in the same container using docker-compose?
问题描述
Is it possible to have a mount and a volume in the same container?
是否可以在同一个容器中安装一个安装和一个卷? I have been trying to setup a mount and a volume using different paths but I am having trouble with getting the correct permission sets.我一直在尝试使用不同的路径设置安装和卷,但在获取正确的权限集时遇到了麻烦。
My docker file:我的码头文件:
FROM node:16-alpine
RUN apk add dumb-init
RUN addgroup appgroup && adduser -S appuser -G appgroup
RUN mkdir -p /app/logs
WORKDIR /app/
COPY package*.json ./
RUN npm install
COPY . /app
RUN chown -R appuser:appgroup /app/
USER appuser
docker-compose.yml docker-compose.yml
version: "3.8"
services:
my-service:
user: "1000"
container_name: demou
build:
context: .
image: "my-service"
working_dir: /app/
ports:
- 80:80
environment:
- NODE_VERSION=16
volumes:
- ~/logs:/app/logs/:rw
- other:/app/other/:rw
command: sh -c "dumb-init node src/server.js"
networks:
- Snet
volumes:
other:
name: "other"
networks:
Snet:
name: "Snetwork"
If I keep user: "1000" in the docker-compose file, the mount works and I can see the files but the volume fails and I get permission denied when attempting to write to app/other as specified in the volume declaration.如果我在 docker-compose 文件中保留user: "1000" ,则挂载工作,我可以看到文件,但卷失败,并且在尝试写入卷声明中指定的应用程序/其他时,我的权限被拒绝。 Removing user: "1000" resolves the volume permission but causes the mount to fail with permission denied.删除user: "1000"解析卷权限,但导致挂载失败,权限被拒绝。
using docker exec, I can see the following permissions with the user: "1000"使用 docker exec,我可以看到user: "1000"的以下权限user: "1000"
drwxr-xr-x 1 appuser appgroup 4096 Nov 15 15:08 .
drwxr-xr-x 1 root root 4096 Nov 15 15:08 ..
drwxrwxr-x 2 node node 4096 Nov 15 15:08 logs
drwxr-xr-x 1 appuser appgroup 4096 Nov 15 15:08 node_modules
drwxr-xr-x 2 root root 4096 Nov 15 15:08 other
-rw-rw-r-- 1 appuser appgroup 31394 Nov 15 11:55 package-lock.json
-rw-rw-r-- 1 appuser appgroup 274 Nov 15 11:55 package.json
drwxrwxr-x 1 appuser appgroup 4096 Nov 13 13:56 src
Also, why is logs directory owned by node:node?另外,为什么日志目录归节点:节点所有? I haven't setup any node user or group.我还没有设置任何节点用户或组。
My OS/docker host details:我的操作系统/docker 主机详细信息:
Distributor ID: Ubuntu Description: Ubuntu 20.04.3 LTS Release: 20.04 Codename: focal发行商 ID:Ubuntu 描述:Ubuntu 20.04.3 LTS 版本:20.04 代号:focus
Thanks谢谢
1 个解决方案
解决方案1
0 2021-11-16 04:08:40
~/logs:/app/logs/:rw
The directory ~/logs must be granted rw to 1000:1000 (appuser:appgroup) because this is an existing directory on the host.目录~/logs必须被授予 rw 到 1000:1000 (appuser:appgroup),因为这是主机上的现有目录。
other:/app/other/:rw
Named volume is created by docker on the host which is owned by root (except rootless mode).命名卷由 docker 在root拥有的主机上创建(无root模式除外)。 Add the following instruction to your Dockerfile to retain the permission after docker created the named volume and mount to your container:将以下指令添加到您的 Dockerfile 以在 docker 创建命名卷并挂载到您的容器后保留权限:
RUN mkdir -p /app/other
...
VOLUME /app/other
why is logs directory owned by node:node?
This user:group was created in the base image node:16-alpine.这个 user:group 是在基础镜像 node:16-alpine 中创建的。
Other method to resolve similar issue like this if it suits your need.其他的方法来解决类似的问题,像这样,如果它适合你的需要。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.