stackoom
  简体   繁体   中英

Is it possible to have a mount and volume in the same container using docker-compose?

 原文  2021-11-15 20:28:26       docker/ docker-compose/ docker-volume

Question

Is it possible to have a mount and a volume in the same container? I have been trying to setup a mount and a volume using different paths but I am having trouble with getting the correct permission sets.

My docker file:

FROM node:16-alpine
RUN apk add dumb-init

RUN addgroup appgroup && adduser -S appuser -G appgroup

RUN mkdir -p /app/logs

WORKDIR /app/


COPY package*.json ./
RUN npm install


COPY . /app
RUN chown -R appuser:appgroup /app/

USER appuser

docker-compose.yml 

version: "3.8"
services:
  my-service:
    user: "1000"
    container_name: demou 
    build:
      context: . 
    image: "my-service" 

    working_dir: /app/ 

    ports:
      - 80:80 
    environment:
      - NODE_VERSION=16 
    volumes:
       - ~/logs:/app/logs/:rw
       - other:/app/other/:rw
    command: sh -c "dumb-init node src/server.js"

    networks:
      - Snet
volumes:
  other:
    name: "other"
networks:
  Snet:
    name: "Snetwork"

If I keep user: "1000" in the docker-compose file, the mount works and I can see the files but the volume fails and I get permission denied when attempting to write to app/other as specified in the volume declaration. Removing user: "1000" resolves the volume permission but causes the mount to fail with permission denied.

using docker exec, I can see the following permissions with the user: "1000"

drwxr-xr-x    1 appuser  appgroup      4096 Nov 15 15:08 .
drwxr-xr-x    1 root     root          4096 Nov 15 15:08 ..
drwxrwxr-x    2 node     node          4096 Nov 15 15:08 logs
drwxr-xr-x    1 appuser  appgroup      4096 Nov 15 15:08 node_modules
drwxr-xr-x    2 root     root          4096 Nov 15 15:08 other
-rw-rw-r--    1 appuser  appgroup     31394 Nov 15 11:55 package-lock.json
-rw-rw-r--    1 appuser  appgroup       274 Nov 15 11:55 package.json
drwxrwxr-x    1 appuser  appgroup      4096 Nov 13 13:56 src

Also, why is logs directory owned by node:node? I haven't setup any node user or group.

My OS/docker host details:

Distributor ID: Ubuntu Description: Ubuntu 20.04.3 LTS Release: 20.04 Codename: focal

Thanks

1 answers

solution1
 0  2021-11-16 04:08:40

~/logs:/app/logs/:rw

The directory ~/logs must be granted rw to 1000:1000 (appuser:appgroup) because this is an existing directory on the host.

other:/app/other/:rw

Named volume is created by docker on the host which is owned by root (except rootless mode). Add the following instruction to your Dockerfile to retain the permission after docker created the named volume and mount to your container:

RUN mkdir -p /app/other
...
VOLUME /app/other

why is logs directory owned by node:node?

This user:group was created in the base image node:16-alpine.

Other method to resolve similar issue like this if it suits your need.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question how to mount localhost volume to a docker container using docker-compose Mount WordPress named volume in subdirectory of NGINX container with docker-compose Docker-compose: Mount a volume only in the first container How to mount Azure File Share as Volume for Container Group using docker-compose? Mount single file from volume using docker-compose Error when mount a volume using docker-compose Cannot mount volume with docker-compose Docker-compose volume mount before run Mount a volume in docker-compose conditionally Docker-compose trouble to mount local volume
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM