![](/img/trans.png)
[英]how to add certificate to POD/Container 's cert store when root filesystem is read-only
[英]How to allow Container with read only root filesystem writing to tmpfs-volume?
我有以下問題:
我的 nginx 容器以只讀根文件系統開始,我已經配置了兩個 tmpfs-mounts:/var/run 和 /var/cache/nginx 就像那里描述的那樣: https://hub.docker.com/_/nginx
在啟動時 nginx 拋出此錯誤並且容器停止: 2021/08/26 06:31:16 [emerg] 1#1: mkdir() "/var/cache/nginx/client_temp" failed (30: Read-only file system )
這是我的 ecs 任務配置:
{
"name": "nginx",
"essential": false,
"readonlyRootFilesystem": true,
"healthCheck": {
"command": [
"CMD-SHELL",
"curl --fail 127.0.0.1 || exit 1"
],
"interval": 30,
"timeout": 2,
"retries": 3
},
"memory": 256,
"image": "###########.dkr.ecr.eu-central-1.amazonaws.com/nginx:${NGINX_VER}",
"dockerLabels":
{
"Name": "nginx",
"Component": "sidecar-prometheus",
"App-Version": "${NGINX_VER}"
},
"logConfiguration": {
"logDriver": "awslogs",
"options": {
"awslogs-group": "${LOG_GROUP_NAME}",
"awslogs-region": "eu-central-1",
"awslogs-stream-prefix": "${LOG_GROUP_NAME}"
}
},
"portMappings": [
{
"containerPort": 10000,
"hostPort": 10000,
"protocol": "tcp"
}
],
"mountPoints": [
{
"readOnly": false,
"containerPath": "/config",
"sourceVolume": "VolumeConfig"
}
],
"tmpfs": {
"containerPath": "/var/run",
"size": "50",
"mountOptions": "rw"
},
"tmpfs": {
"containerPath": "/var/cache/nginx",
"size": "50",
"mountOptions": "rw"
},
我怎樣才能讓 /var/cache/nginx 掛載 rw?
非常感謝您的幫助!
答案是配置錯誤!
這是正確的方法,tmpfs 必須包含在 linuxParameters 中:
"linuxParameters": {
"tmpfs": [
{
"containerPath": "/var/log/nginx",
"mountOptions": [ "rw" ],
"size": 50
},
{
"mountOptions": [ "rw" ],
"containerPath": "/run",
"size": 10
},
{
"mountOptions": [ "rw"],
"containerPath": "/var/cache/nginx",
"size": 10
},
{
"mountOptions": [ "rw"],
"containerPath": "/tmp",
"size": 10
}
]
}
查看文檔, tmpfs
接受Array of Tmpfs objects
。
您似乎兩次傳遞tmpfs
,而不是傳遞一個數組。 正確傳遞數組應該有效:
"tmpfs": [
{
"containerPath": "/var/run",
"size": "50",
"mountOptions": "rw"
},
{
"containerPath": "/var/cache/nginx",
"size": "50",
"mountOptions": "rw"
}
]
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.