我正在通过docker-compose.yml文件在Docker容器中装入本地文件:
version: '3'
services:
myapp:
build:
context: ./dockerfiles
dockerfile: myapp.Dockerfile
args:
- UID=1000
- GID=1000
network_mode: host
volumes:
- ./volumes/logs:/opt/myapp/logs
已安装的文件夹属于我的用户(uid:1000,gid:1000),这些是docker用户获得的ID,但docker用户无法写入已安装的文件夹(permission denied)。
Dockerfile:
FROM centos:7
ARG UID=1000
ARG GID=1000
RUN yum -y update && \
yum -y install epel-release && \
yum -y install passwd curl jq supervisor iputils openssl-devel
RUN yum -y clean all
RUN useradd -m -s /bin/sh user && \
passwd -d user && \
usermod -o -u ${UID} user && \
groupmod -o -g ${GID} user
VOLUME ["/opt/myapp/logs"]
ADD myapp /opt/myapp/app
ADD supervisor/services.ini /etc/supervisord.d/services.ini
ADD start.sh /
RUN chown -R user:user /opt/myapp
RUN chown user:user /start.sh
USER user
CMD ["/start.sh"]
start.sh
exec supervisord -c /etc/supervisord.conf -n
service.ini
[program:myapp]
user = user
autorestart = true
stdout_logfile = /dev/stdout
stdout_logfile_maxbytes = 0
stderr_logfile = /dev/stderr
stderr_logfile_maxbytes = 0
command = /opt/myapp/app
我的app与user一起运行,并且无法将其日志写入已安装的文件夹中。
我的目标是从Docker容器外部访问日志。
即使我与
root用户一起在容器中运行,我仍然无法访问已安装的文件夹!