在Ubuntu上运行docker:挂载主机卷不能从容器写入 [英] Running docker on Ubuntu: mounted host volume is not writable from container
问题描述
所以我试图在Ubuntu桌面上设置我的应用程序和docker-compose,其中docker客户端和docker主机都在同一个系统上运行。这是有效的,但是我的运行中的docker容器不能写入挂载的主机卷。
我使用docker-compose进行以下设置:
卷:
- ./api:/usr/src/app
所以我将主机Ubuntu操作系统的api目录装载到/ usr / src / app下的docker容器中。
docker inspect< container ID>
显示该卷可写
Destination:/ usr / src / app,
/ pre>
Mode:rw,
RW:true
但是它不是:当我尝试创建目录或编辑文件时,我得到
权限被拒绝
从Docker容器中。
当然,我在google上搜索了这个问题,我遇到了几个关于CentOS / RHEL的SELinux问题,但是运行Ubuntu 15.10,64位版本,而不是CentOS。
解决方案如果您的
uid
在主机上与$ docker容器中的用户的uid
不一样(通常是docker),id -u
)那么你可以有这个问题。您可以尝试:
- 使您的用户和Docker容器中的用户之间的UID相同。
- 您还可以使用核选项:
chmod a + rwx -R project-dir /
核选项将使您的
git
工作空间污秽,这将大大刺激您,所以不是最好的长期解决方案。
为了进一步了解问题,您可能会发现这些有用:
Docker works great on a Mac for me, but I have to run docker host inside of a VirtualBox (or Parallels, or VMWare Fusion), since Mac's kernel doesn't support docker.
So I tried to setup my application and a docker-compose on an Ubuntu Desktop - natively, where both docker client and docker host run physically on the same system. This worked, but my running docker containers can't write into a mounted host volume.
I use docker-compose with the following settings:
volumes: - ./api:/usr/src/app
So I'm mounting the "api" directory of the host Ubuntu OS into docker container under /usr/src/app.
docker inspect <container ID>
shows that the volume is writable"Destination": "/usr/src/app", "Mode": "rw", "RW": true
However it is not: I get
permission denied
when I try to create a directory or edit a file from within the docker container.I googled for this issue, of course, and I came across a few SELinux issues of CentOS/RHEL, but I'm running Ubuntu 15.10, 64 bit edition, not CentOS.
解决方案If your
uid
on the host (id -u
) isn't the same as theuid
of the user in the docker container (often "docker") then you can have this problem. You can try:
- Making the UIDs the same between your user and the user in the docker container.
- Setting the group permissions on the directory to be writable for a group that both you and docker belong to.
- You could also use the nuclear option:
chmod a+rwx -R project-dir/
The nuclear option will make your
git
workspace filthy, which will annoy you greatly, so isn't the best long-term solution. It stops the bleeding tho.For further understanding the problem, you might find these useful:
这篇关于在Ubuntu上运行docker:挂载主机卷不能从容器写入的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!