如何使用非默认运行参数在AWS Elastic Beanstalk中运行Docker容器？ [英] How can I run a Docker container in AWS Elastic Beanstalk with non-default run parameters?

问题描述

我有一个在本地开发机器上运行良好的 Docker 容器。我想将其移动到 AWS弹性Beanstalk ，但是我遇到了一些麻烦。

我正在尝试安装通过使用 s3fs ，将 S3 我有Docker文件：

  FROM tomcat：7.0 
 MAINTAINER me@example.com 
 
运行apt-get update 
 RUN DEBIAN_FRONTEND =非交互式apt-get install -y build-essential libfuse-dev libcurl4-openssl-dev libxml ++ 2.6-dev libssl-dev mime-support automake libtool wget tar 
 
＃添加java源
添加。 / path / to / tomcat / webapps / 
 ADD run_docker.sh /root/run_docker.sh 
 WORKDIR $ CATALINA_HOME 
 
 EXPOSE 8080 
 
 CMD [ /root/run_docker.sh] 
  

我安装 s3fs ，装载一个 S3 桶，并在创建映像后运行 Tomcat 服务器，方法是运行 run_docker.sh ：

 ＃！/ bin / bash 
＃run_docker.sh 
 
 wget https://github.com/s3fs-fuse/s3fs-fuse/archive/master.zip -O /usr/src/master.zip; 
 cd / usr / src /; 
 unzip /usr/src/master.zip; 
 cd / usr / src / s3fs-fuse-master; 
 autoreconf --install; 
 CPPFLAGS = -I / usr / include / libxml2 / / usr / src / s3fs-fuse-master / configure; 
 make; 
 make install; 
 cd $ CATALINA_HOME; 
 
 mkdir / opt / s3-files; 
 s3fs my-bucket / opt / s3-files; 
 catalina.sh运行
  

当我使用以下命令构建并运行该Docker容器时： / p>

  docker run --cap-add mknod --cap-add sys_admin --device = / dev / fuse -p 80：8080 -d用户名/ mycontainer：最新
  

它工作得很好。然而，当我删除 - cap-add mknod -cap-add sys_admin --device = / dev / fuse 时，然后 s3fs 无法挂载我的 S3 桶。

现在想要在 AWS弹性Beanstalk 上运行，并且当我部署容器（并运行 run_docker.sh ）时，所有步骤都执行正常，除了步骤 s3fs my-bucket / opt / s3-files 在 run_docker.sh 无法装入存储桶。 / p>

推测，这是因为弹性Beanstalk运行Docker容器时，它不会添加任何其他标志，例如 - cap-add mknod --cap-add sys_admin --device = / dev / fuse 。

我的 Dockerrun.aws.json 文件看起来像：

  {
AWSEBDockerrunVersion：1，
Image：{
Name：tomcat：7.0
}，
Ports：[
 {
ContainerPort：8080 
} 
] 
} 
  

是否可以向AWS EB Docker部署添加额外的 docker run 标志？
另一个选项是找到另一种方法来装载一个 S3 bucket，但我怀疑我会遇到类似的权限错误。有没有人看到任何方式来完成这个？

更新：

对于试图在下面使用@ Egor答案的人，当EB配置设置为使用运行Docker 1.6.0 的 v1.4.0时，它将起作用。任何超过v1.4.0版本都会失败。所以为了使它的工作，正常建立你的环境（这应该给你一个失败的构建），然后重建它与一个 v1.4.0运行Docker 1.6.0 配置。应该这样做！

解决方案

如果您使用的是最新版本的aws docker stack（例如docker 1.7.1）您需要稍微修改上述答案。尝试这样：

 命令：
 00001_add_privileged：
 cwd：/ tmp 
命令： sed -i/ docker run -d / docker run --privileged -d //opt/elasticbeanstalk/hooks/appdeploy/enact/00run.sh'
  

请注意位置&&运行脚本的名称

I have a Docker container that runs great on my local development machine. I would like to move this to AWS Elastic Beanstalk, but I am running into a small bit of trouble.

I am trying to mount an S3 bucket to my container by using s3fs. I have the Dockerfile:

FROM tomcat:7.0
MAINTAINER me@example.com

RUN apt-get update
RUN DEBIAN_FRONTEND=noninteractive apt-get install -y build-essential libfuse-dev libcurl4-openssl-dev libxml++2.6-dev libssl-dev mime-support automake libtool wget tar 

# Add the java source
ADD . /path/to/tomcat/webapps/
ADD run_docker.sh /root/run_docker.sh
WORKDIR $CATALINA_HOME

EXPOSE 8080

CMD ["/root/run_docker.sh"]

And I install s3fs, mount an S3 bucket, and run the Tomcat server after the image has been created, by running run_docker.sh:

#!/bin/bash
#run_docker.sh

wget https://github.com/s3fs-fuse/s3fs-fuse/archive/master.zip -O /usr/src/master.zip;
cd /usr/src/;
unzip /usr/src/master.zip;
cd /usr/src/s3fs-fuse-master;
autoreconf --install;
CPPFLAGS=-I/usr/include/libxml2/ /usr/src/s3fs-fuse-master/configure;
make;
make install;
cd $CATALINA_HOME;

mkdir /opt/s3-files;
s3fs my-bucket /opt/s3-files;
catalina.sh run

When I build and run this Docker container using the command:

docker run --cap-add mknod --cap-add sys_admin --device=/dev/fuse -p 80:8080 -d username/mycontainer:latest

it works well. Yet, when I remove the --cap-add mknod --cap-add sys_admin --device=/dev/fuse, then s3fs fails to mount my S3 bucket.

Now, I would like to run this on AWS Elastic Beanstalk, and when I deploy the container (and run run_docker.sh), all the steps execute fine, except the step s3fs my-bucket /opt/s3-files in run_docker.sh fails to mount the bucket.

Presumably, this is because whatever Elastic Beanstalk does to run a Docker container, it doesn't add any additional flags like, --cap-add mknod --cap-add sys_admin --device=/dev/fuse.

My Dockerrun.aws.json file looks like:

{
  "AWSEBDockerrunVersion": "1",
  "Image": {
    "Name": "tomcat:7.0"
  },
  "Ports": [
    {
      "ContainerPort": "8080"
    }
  ]
}

Is it possible to add additional docker run flags to an AWS EB Docker deployment? An alternative option is to find another way to mount an S3 bucket, but I suspect I'd run into similar permission errors regardless. Has anyone seen any way to accomplish this???

UPDATE:

For people trying to use @Egor's answer below, it works when the EB configuration is set to use v1.4.0 running Docker 1.6.0. Anything past the v1.4.0 version fails. So to make it work, build your environment as normal (which should give you a failed build), then rebuild it with a v1.4.0 running Docker 1.6.0 configuration. That should do it!

解决方案

If you are using the latest version of aws docker stack (docker 1.7.1 for example), you'll need to slightly modify the above answer. Try this:

commands:
    00001_add_privileged:
        cwd: /tmp
        command: 'sed -i "s/docker run -d/docker run --privileged -d/" /opt/elasticbeanstalk/hooks/appdeploy/enact/00run.sh'

Notice the change of location && name of the run script

这篇关于如何使用非默认运行参数在AWS Elastic Beanstalk中运行Docker容器？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！