![](/img/trans.png)
[英]Postgres volume mounting on WSL2 and Docker desktop: Permission Denied on PGDATA folder
[英]Postgres mounting volume in docker. Permission denied
我尝试将主机上的文件夹映射到 postgres 容器,以便即使容器销毁也能保存我的数据。
首先我创建了新目录 pg-data
其次我在 docker-compose.yml 中描述了容器
version: '3.7'
networks:
backend-network:
driver: bridge
frontend-network:
driver: bridge
volumes:
redis-data:
pg-data:
services:
&app-service app: &app-service-template
container_name: k4fntr_app
build:
context: ./docker/php-fpm
args:
UID: ${UID?Use your user ID}
GID: ${GID?Use your group ID}
USER: ${USER?Use your user name}
user: "${UID}:${GID}"
hostname: *app-service
volumes:
- /etc/passwd/:/etc/passwd:ro
- /etc/group/:/etc/group:ro
- ./:/var/www/k4fntr
environment:
APP_ENV: "${APP_ENV}"
CONTAINER_ROLE: app
FPM_PORT: &php-fpm-port 9000
FPM_USER: "${UID:-1000}"
FPM_GROUP: "${GID:-1000}"
depends_on:
- redis
- database
networks:
- backend-network
&queue-service queue:
<<: *app-service-template
container_name: k4fntr_queue
restart: always
hostname: *queue-service
depends_on:
- app
environment:
CONTAINER_ROLE: queue
&schedule-service schedule:
<<: *app-service-template
container_name: k4fntr_schedule
restart: always
hostname: *schedule-service
depends_on:
- app
environment:
CONTAINER_ROLE: scheduler
&php-fpm-service php-fpm:
<<: *app-service-template
container_name: k4fntr_php-fpm
user: 'root:root'
restart: always
hostname: *php-fpm-service
ports: [*php-fpm-port]
entrypoint: /fpm-entrypoint.sh
command: php-fpm --nodaemonize -d "opcache.enable=0" -d "display_startup_errors=On" -d "display_errors=On" -d "error_reporting=E_ALL"
networks:
- backend-network
- frontend-network
mail:
container_name: k4fntr_mail
image: mailhog/mailhog
ports:
- "1025:1025"
- "8025:8025"
- backend-network
database:
container_name: k4fntr_database
build: ./docker/postgres
restart: always
environment:
ENV: ${APP_ENV}
TESTING_DB: ${DB_DATABASE_TESTING}
POSTGRES_DB: ${DB_DATABASE}
POSTGRES_USER: ${DB_USERNAME}
POSTGRES_PASSWORD: ${DB_PASSWORD}
ports:
- "15432:5432"
volumes:
- ./docker/postgres/prod/:/prod
- ./docker/postgres/pg-data:/var/lib/postgresql/data:Z
networks:
- backend-network
- backend-network
database:
container_name: k4fntr_database
build: ./docker/postgres
restart: always
environment:
ENV: ${APP_ENV}
TESTING_DB: ${DB_DATABASE_TESTING}
POSTGRES_DB: ${DB_DATABASE}
POSTGRES_USER: ${DB_USERNAME}
POSTGRES_PASSWORD: ${DB_PASSWORD}
ports:
- "15432:5432"
volumes:
- ./docker/postgres/prod/:/prod
- ./docker/postgres/pg-data:/var/lib/postgresql/data:rw
networks:
- backend-network
- backend-network
nginx:
container_name: k4fntr_nginx
image: nginx
volumes:
- ./docker/nginx/config:/etc/nginx/conf.d
- ./:/var/www/k4fntr
depends_on:
- *php-fpm-service
ports:
- "8084:80"
networks:
- frontend-network
redis:
container_name: k4fntr_redis
image: redis
restart: always
command: redis-server
volumes:
- ./docker/redis/config/redis.conf:/usr/local/etc/redis/redis.conf
- ./docker/redis/redis-data:/data:rw
ports:
- "16379:6379"
networks:
- backend-network
database:
container_name: k4fntr_database
build: ./docker/postgres
restart: always
environment:
ENV: ${APP_ENV}
TESTING_DB: ${DB_DATABASE_TESTING}
POSTGRES_DB: ${DB_DATABASE}
POSTGRES_USER: ${DB_USERNAME}
POSTGRES_PASSWORD: ${DB_PASSWORD}
ports:
- "15432:5432"
volumes:
- ./docker/postgres/prod/:/prod
- ./docker/postgres/pg-data:/var/lib/postgresql/data:Z
networks:
- backend-network
我在 docker/postgres/ 中也有 Dockerfile,它包含下一个代码
FROM postgres:10.5-alpine
COPY /docker-entrypoint-initdb.d/ /docker-entrypoint-initdb.d/
RUN apk add openssh-client
RUN chmod a+r /docker-entrypoint-initdb.d/*
RUN mkdir /prod
RUN chmod a+r /prod
然后我用 docker-compose exec -d --build 构建我的图像
之后我的用户在 70:root 上更改
没有 sudo,我无法对这个文件夹做任何事情。 此外,当我尝试重建容器时,出现错误
/usr/local/bin/docker-compose up -d --build
Building database
Traceback (most recent call last):
File "bin/docker-compose", line 6, in <module>
File "compose/cli/main.py", line 72, in main
File "compose/cli/main.py", line 128, in perform_command
File "compose/cli/main.py", line 1077, in up
File "compose/cli/main.py", line 1073, in up
File "compose/project.py", line 548, in up
File "compose/service.py", line 351, in ensure_image_exists
File "compose/service.py", line 1106, in build
File "site-packages/docker/api/build.py", line 160, in build
File "site-packages/docker/utils/build.py", line 30, in tar
File "site-packages/docker/utils/build.py", line 49, in exclude_paths
File "site-packages/docker/utils/build.py", line 214, in rec_walk
File "site-packages/docker/utils/build.py", line 184, in rec_walk
PermissionError: [Errno 13] Permission denied: '/home/ubuntu/PhpstormProjects/fntr/docker/postgres/pg-data'
[16332] Failed to execute script docker-compose
我需要删除这个文件夹(使用 sudo)然后重建。
我试过的:
1 - 我已阅读https://hub.docker.com/_/postgres (任意 --user 注释)中的说明,并尝试在容器和用户内卷 /etc/passwd:“${UID}:${ GID}”,但出现错误
initdb: could not access directory "/var/lib/postgresql/data": permission denied
2 - 将 PGDATA 使用到另一个地方并在重建时遇到相同的错误
3 - 使用 777 权限在 Dockerfile 中创建 /var/lib/postgresql/data,但图像中的 postgres 入口点刚刚删除了此文件夹并重新创建了它
我真的需要帮助解决这个问题,因为我花了 3 天没有效果
以下对我有用,也许您需要从一个更简单的设置开始,并找出导致问题的原因,因为您朝着完整的配置前进:
version: '3.7'
volumes:
pg-data:
services:
database:
image: postgres:latest
restart: always
environment:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
PGDATA: /pg-data
ports:
- "5432:5432"
volumes:
- pg-data:/pg-data
所以 ...
########################################
# start db
########################################
▶ docker-compose up -d
Creating docker-compose-pg_database_1 ... done
########################################
# note pg-data is created
########################################
▶ ls
docker-compose.yml pg-data
########################################
# create some data
########################################
▶ docker-compose exec database psql -U postgres
psql (12.2 (Debian 12.2-2.pgdg100+1))
Type "help" for help.
postgres=# create database foo;
CREATE DATABASE
postgres=# \q
########################################
# remove the container and any non-mounted data
########################################
▶ docker-compose rm -sf
Stopping docker-compose-pg_database_1 ... done
Going to remove docker-compose-pg_database_1
Removing docker-compose-pg_database_1 ... done
########################################
# start the container again
########################################
▶ docker-compose up -d
Creating docker-compose-pg_database_1 ... done
########################################
# see data from before
########################################
▶ docker-compose exec database psql -U postgres
psql (12.2 (Debian 12.2-2.pgdg100+1))
Type "help" for help.
postgres=# \l
List of databases
Name | Owner | Encoding | Collate | Ctype | Access privileges
-----------+----------+----------+------------+------------+-----------------------
foo | postgres | UTF8 | en_US.utf8 | en_US.utf8 |
postgres | postgres | UTF8 | en_US.utf8 | en_US.utf8 |
template0 | postgres | UTF8 | en_US.utf8 | en_US.utf8 | =c/postgres +
| | | | | postgres=CTc/postgres
template1 | postgres | UTF8 | en_US.utf8 | en_US.utf8 | =c/postgres +
| | | | | postgres=CTc/postgres
(4 rows)
这就是在 manjaro linux 上对我有用的方法。
首先我需要手动创建 pgdata 文件夹。 如果我省略这一步,docker 将使用错误的权限创建 pgdata。
mkdir -p /some/path/pddata
接下来,我创建 docker 容器并使用 --user 参数映射我的用户:
docker container run -d --name=pg -p 5432:5432 --user $(id -u):$(id -g) -e POSTGRES_PASSWORD=postgres -e PGDATA=/pgdata -v /host/path/to/pgdata:/pgdata postgres:latest
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.