为什么docker-compose使用user：group 999：999创建目录/文件？ [英] Why docker-compose creates directories/files with user:group 999:999?

问题描述

我将 docker-compose up 与以下 docker-compose.yml

version: '3.5'
services:
 mysql-server:
  image: mysql:5.7
  environment:
    - MYSQL_ROOT_PASSWORD=root_pwd
  volumes:
   - ./var/lib/mysql:/var/lib/mysql:rw

目录 ./ var / lib / mysql 最初不存在。

运行 docker-compose up ..

ls -al ./var/lib/mysql 命令显示具有 user：group <$ c $的所有文件c> 999：999 。

我在系统中找不到名为 999 的用户或组。

I cannot find user or group called 999 in my system.

为什么 docker-compose 选择创建文件与不存在的uid：gid 吗？

对于我来说，除非更改所有权，否则无法提交特定目录。但是，即使我这样做了，在下一次运行时， docker-compose up 也会再次将所有权更新为 999：999 。

In my case, I cannot commit the specific directory unless I change ownership. But even when I do, on a next run, docker-compose up updates the ownership again to 999:999.

上述问题的解决方案是什么？例如有没有一种方法可以指示docker-compose使用特定的uid：gid对映射主机中的文件？

What is the solution to the above problem? e.g. Is there a way to instruct docker-compose to map files in host machine with a specific uid:gid pair?

主机：ubuntu-18.04

docker-compose：1.22.0

Host: ubuntu-18.04
docker-compose: 1.22.0

推荐答案

Docker创建并使用 mysql 图片使用。该用户当然在容器中具有 uid 。该 uid 恰好是999。

Docker creates and populates the directory with the user that mysql image uses. That user, of course, has an uid within the container. That uid happens to be 999.

具有该 uid 存在于容器中，但主机中不存在。

The user with that uid exists in the container but does not exist in your host.

在容器中，文件夹如下所示：

On the container the folder looks like this:

root@f86ffddac96c:/var/lib# ls -l
total 32
...
drwxr-xr-x 5 mysql mysql 4096 Mar 19 13:06 mysql
...

并且在主机上最终

root@machine:/home/username/mysql/var/lib# ls -l
total 4
drwxr-xr-x 5 999 docker 4096 Mar 19 15:06 mysql

这仅表示用户 mysql 的 uid 为999。在创建从容器到容器的绑定卷时主机上，该卷中的所有文件必须对相同的 uid 具有相同的权限。在我的测试机上，docker的 guid 为999，这就是为什么它在主机端显示为这样的原因。

This just simply means that the user mysql has uid of 999. And as you are creating a bind volume from container to host, all files within that volume must have same permissions for same uids. On my test machine docker has guid of 999, which is why it is displayed as such on the host side.

对于修复，您可以在dockerfile中使用（主机级）已知的 uid 代替默认文件，或者您可以忽略它，因为它完全按照预期的方式运行，除非出于特殊原因，您希望它在主机系统中为特定的 uid 显示特定的名称。

As for "fixing" this you can either use a (host-level) known uid in the dockerfile instead of the default one, or you can just ignore it, as it is working exactly as intended, unless there's a specific reason why you want it to display a certain name for a certain uid in your host system.

这篇关于为什么docker-compose使用user：group 999：999创建目录/文件？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！