如何在Elastic Beanstalk上为特定容器设置文件夹权限 [英] How to set folder permissions for a particular container on Elastic Beanstalk

问题描述

我在为Elastic Beanstalk上的Web文件夹设置权限时遇到麻烦.我在一个实例中使用自定义docker映像运行多个容器:apache-php，mysql，memcached等.对于容器"apache-php"，我将带有yii2应用程序的文件夹映射到/var/www/html/.

I have troubles setting permissions for a web folder on Elastic Beanstalk. I run multiple containers using custom docker images in one instance: apache-php, mysql, memcached, etc.. For the container "apache-php" I map a folder with my yii2 application to /var/www/html/.

当我手动制作一个捆绑包并通过Elastic Beanstalk控制台上传/部署时，我肯定对该文件夹拥有正确的权限，并且一切正常.

When I manually make a bundle and do upload / deploy via Elastic Beanstalk console I sure have right permissions for the folder and everything works fine.

现在，当我使用"eb deploy"部署应用程序时，它将放弃所有权限，并且出现服务器错误，并且"Web进程无法写入该目录:/var/www/html/backend/web/assets在日志中.

Now, when I deploy the app using "eb deploy", it drops all permissions and I get a server error and "The directory is not writable by the Web process: /var/www/html/backend/web/assets" in logs.

我可以通过ssh连接并手动设置必要的权限，但是请确保这样做不方便，因为每次我重新部署该应用程序时都需要完成此操作.

I can connect via ssh and set necessary permissions manually, but sure this is not convenient, since needs to be done every time I re-deploy the app.

所以，我的问题是为Elastic Beanstalk上的特定容器中的特定文件夹自动设置权限的最佳方法是什么?

So, my questions is what is the best way to automatically set permission for particular folder in particular container on Elastic Beanstalk?

也许我可以使用.ebextensions，但是我没有找到如何为特定容器运行"container_commands".

Perhaps, I can use .ebextensions, but I didn't find how to run "container_commands" for particular container.

推荐答案

AWS EB部署在/var/app/ondeck

中启动您的应用

AWS EB Deployment starts your app in /var/app/ondeck

1. 部署弹性beantalk时，首先将您的应用解压缩到/var/app/ondeck/
   • 很有可能，您正在部署的本地文件夹没有所需的权限.

容器命令应在该路径上运行

但是请记住，除非您使用某种方法来测试预配置，否则无论您是否需要，这些命令都会在每次部署时运行.

Container commands should be run to that path

But keep in mind, that these commands will run EVERY time you deploy, whether needed or not, unless you use some method to test for pre-config.

container_commands:
  08user_config:
    test: test ! -f  /opt/elasticbeanstalk/.preconfig-complete
    command: |
      echo "jail-me" > /home/ec2-user/.userfile
  09writable_dirs:
    command: |
       chmod -R 770 /var/app/ondeck/backend/web/assets
       chmod -R 770 /var/app/ondeck/[path]
  99complete:
    command: |
      touch /opt/elasticbeanstalk/.preconfig-complete

files:
  "/etc/profile.d/myalias.sh":
    mode: "000644"
    owner: root
    group: root
    content: |
      alias webroot='cd /var/www/html/backend/web; ls -al --color;'
      echo " ========== "
      echo " The whole point of Elastic Beanstalk is that you shouldn't need to SSH into the server. "
      echo " ========== "

这篇关于如何在Elastic Beanstalk上为特定容器设置文件夹权限的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！