在AWS EC2上将docker容器作为ec2-user运行

时间:2017-08-15 20:55:24

标签: docker amazon-ec2

我正在AWS EC2上运行docker,并且希望以用户ec2-user启动docker容器,因此使用命令mkdir afolder在容器内创建的任何文件夹都将归ec2-user所有。

我向user: ec2-user添加了docker-compose.yml,但是docker拒绝启动并提供错误:

Cannot start service web: linux spec user: unable to find user ec2-user: no matching entries in passwd file

这是因为容器没有用户ec2-user。我不想在构建时在Dockerfile中创建ec2-user,这意味着我必须在部署到差异服务器时修改Dockerfile。

解决此问题的更好方法是什么?

PS:我的Dockerfile和docker-compose.yml设置正确,因此当运行docker-compose up -d容器时,可以按预期启动。

我的Dockerfile

FROM codemix/yii2-base:2.0.12-apache
#FROM codemix/yii2-base:2.0.11.2-php7-fpm
#FROM codemix/yii2-base:2.0.11.2-hhvm

# Copy the Yii2 specific config apache config
COPY apache2.conf /etc/apache2/apache2.conf

# PHP configuration
COPY php.ini /usr/local/etc/php/php.ini

# Composer packages are installed first. This will only add packages
# that are not already in the yii2-base image.
COPY composer.json /var/www/html/
COPY composer.lock /var/www/html/
RUN composer self-update --no-progress && \
    composer install --no-progress

# Copy the working dir to the image's web root
COPY . /var/www/html

# The following directories are .dockerignored to not pollute the docker images
# with local logs and published assets from development. So we need to create
# empty dirs and set right permissions inside the container.
RUN mkdir -p runtime frontend/web/assets backend/web/assets \
    && chown www-data:www-data runtime frontend/web/assets backend/web/assets

# Expose everything under /var/www (vendor + html)
# This is only required for the nginx setup
VOLUME ["/var/www"]

我的docker-compose.yml

version: '2'
services:

    web:
        container_name: vl 
        build: 
            context: .
            dockerfile: Dockerfile
        volumes:
            - ./:/var/www/html/
        links:
            - db

        # For Apache based image:
        ports:
            - "8080:80"

    db:
        image: mysql:5.6
        ports:
            - "8081:3306"
        expose:
            - "3306"
        environment:
            MYSQL_ROOT_PASSWORD: secret-root
            MYSQL_DATABASE: web
            MYSQL_USER: web
            MYSQL_PASSWORD: web
        volumes:
            - mysql_data:/var/lib/mysql
volumes:
    mysql_data:

        # Autostart at boottime
        #restart: always

2 个答案:

答案 0 :(得分:0)

为了使web服务器在文件夹下的mkdir,文件夹需要由www-data用户拥有。在php init脚本中,使用chownchgrp更改文件夹权限。

答案 1 :(得分:0)

您应该在容器中创建一个名为ec2-user的用户。 在docker文件中应添加此类命令

RUN groupadd -g 1000 ec2-user && \    
    useradd -u 1000 -g ec2-user -m ec2-user -G docker_env && \   
    usermod -p "*" ec2-user