I'm using following system version/spec for the docker-redis setup using default redis.conf.
Redhat version: 7.6 (Red Hat Enterprise Linux Server)
Redis Version: 5.0.4
Docker Version: 1.13.1, build b2f74b2/1.13.1
When I run following command it's working perfectly fine.
sudo docker run -d -v $PWD/redis.conf:/usr/local/etc/redis/redis.conf --name redis-persistance --net tyk -p 7070:6379 redis redis-server /usr/local/etc/redis/redis.conf --appendonly yes
I need to get redis data (which is in /data inside the container) to the host directory (/usr/local/etc/redis/data) (-v $PWD/data:/data). So when I run following command I'm getting the below error.
Note $PWD = /usr/local/etc/redis/
sudo docker run -d -v $PWD/redis.conf:/usr/local/etc/redis/redis.conf -v $PWD/data:/data --name redis-persistance --net tyk -p 7070:6379 redis redis-server /usr/local/etc/redis/redis.conf --appendonly yes
Error in docker logs:
journal: chown: changing ownership of '.': Permission denied
level=warning msg="05ce842f052e28566aed0e2eab32281138462cead771033790266ae145fce116 cleanup: failed to unmount secrets: invalid argument"
Also I tried changing the ownership of the data folder in the host to following as well. chown redis:redis data
drwxrwxrwx. 2 redis redis 6 May 3 07:11 data
Can someone help me out on this. Thanks.
First create a volume:
docker volume create redis_data
Check the volume is created (note the Mountpoint):
docker volume inspect redis_data
Then use this volume to start your container:
sudo docker run -d -v $PWD/redis.conf:/usr/local/etc/redis/redis.conf -v redis_data:/data --name redis-persistance --net tyk -p 7070:6379 redis redis-server /usr/local/etc/redis/redis.conf --appendonly yes
You can then check the contents of the "Mountpoint" that should be the redis data.
Related
I am following an already written guideline on running docker and Mariadb on VM. but I am using wsl ubuntu on windows.
(sudo) apt update
(sudo) apt upgrade
* Docker
(sudo) apt-get install docker.io
Portainer
(sudo) docker volume create portainer_data
(sudo) docker run --name portainer -d -p 9000:9000 -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer --log-opt max-size=50m --log-opt max-file=5 -d --privileged -p 9000:9000 -v /var/run/docker.sock:/var/run/docker.sock -v /path/on/host/data:/data portainer/portainer
MariaDB
(sudo) mkdir /mnt/raid/data/mariadb
(sudo) mkdir /mnt/raid/data/mariadb/storage
(sudo) touch /mnt/raid/data/mariadb/config.cnf
(sudo) nano /mnt/raid/data/mariadb/config.cnf
but I get an error whenever I run docker run --log-opt max-size=50m --log-opt max-file=5 --name mariadb -v /mnt/raid/data/mariadb/storage:/var/lib/mysql -v /mnt/raid/data/mariadb/config.cnf:/etc/mysql/my.cnf -p 3306:3306 -e MYSQL_ROOT_PASSWORD=admin -d mariadb/server:latest
This is the error:
Error response from daemon: failed to create shim: OCI runtime create failed: container_linux.go:380: starting container process caused: process_linux.go:545: container init caused: rootfs_linux.go:75: mounting "/run/desktop/mnt/host/wsl/docker-desktop-bind-mounts/Ubuntu/e18d5bf9d7f9627840069cbdafadd22ec458ffe154082d3c685ed8b1a4f15eb2" to rootfs at "/etc/mysql/my.cnf" caused: mount through procfd: not a directory: unknown: Are you trying to mount a directory onto a file (or vice-versa)? Check if the specified host path exists and is the expected type
I guess it might be an error with the mounting because I cannot locate the locations of the created path or the folder in the system.
How can I run docker commands inside a docker container when the user is not root?
The reason behind this (running as non root) is that the (first) container creates some files on a mounted volume. If the user in the container is root then these files' owner is also root. If I run the container with the same user as on the host system then these files have the correct user and group.
docker run --rm -it -u $(id -u):$(id -g) -v /var/run/docker.sock:/var/run/docker.sock ubuntu /bin/bash
// inside container:
// assume docker binary is available
docker pull alpine
This will not work when run as a non root user giving following error:
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.24/images/create?fromImage=alpine&tag=latest: dial unix /var/run/docker.sock: connect: permission denied
Docker:
docker run -it -u $(id -u):$(id -g) --group-add $(getent group docker | cut -d ':' -f 3) --rm -v /var/run/docker.sock:/var/run/docker.sock docker docker --version
For Docker Compose set group_add under your service and set the env variable:
export DOCKER_GROUP_ID=$(getent group docker | cut -d ':' -f 3);
services:
myservice:
image: docker
group_add:
- ${DOCKER_GROUP_ID}
I'm building a Docker image for an application which requires to ssh into localhost (i.e ssh user#localhost)
I'm working on a Ubuntu desktop machine and started with a basic ubuntu:16.04 container.
Following is the content of my Dockerfile:
FROM ubuntu:16.04
RUN apt-get update && apt-get install -y \
openjdk-8-jdk \
ssh && \
groupadd -r custom_group && useradd -r -g custom_group -m user1
USER user1
RUN ssh-keygen -b 2048 -t rsa -f ~/.ssh/id_rsa -q -N "" && \
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
Then I build this container using the command:
docker build -t test-container .
And run it using:
docker run -it test-container
The container opens with the following prompt and the keys are generated correctly to enable ssh into localhost:
user1#0531c0f71e0a:/$
user1#0531c0f71e0a:/$ cd ~/.ssh/
user1#0531c0f71e0a:~/.ssh$ ls
authorized_keys id_rsa id_rsa.pub
Then ssh into localhost and greeted by the error:
user1#0531c0f71e0a:~$ ssh user1#localhost
ssh: connect to host localhost port 22: Cannot assign requested address
Is there anything I'm doing wrong or any additional network settings that needs to be configured? I just want to ssh into localhost within the running container.
First you need to install the ssh server in the image building script:
RUN sudo apt-get install -y openssh-server
Then you need to start the ssh server:
RUN sudo /etc/init.d/ssh start
or probably even in the last lines of the Dockerfile ( you must have one binary instantiated to keep the container running ... )
USER root
CMD [ "sh", "/etc/init.d/ssh", "start"]
on the host than
# init a container from an the image
run -d --name my-ssh-container-name-01 \
-v /opt/local/dir:/opt/container/dir my-image-01
As #user2915097 stated in the OP comments, this was due to the ssh instance in the container was attempting to connect to the host using IPv6.
Forcing connection over IPv4 using -4 solved the issue.
$ docker run -it ubuntu ssh -4 user#hostname
For Docker Compose I was able to add the following to my .yml file:
network_mode: "host"
I believe the equivalent in Docker is:
--net=host
Documentation:
https://docs.docker.com/compose/compose-file/compose-file-v3/#network_mode
https://docs.docker.com/network/#network-drivers
host: For standalone containers, remove network isolation between the
container and the Docker host, and use the host’s networking directly.
See use the host network.
I also faced this error today, here's how to fix it:
If(and only if) you are facing this error inside a running container that isn't in production.
Do this:
docker exec -it -u 0 [your container id here] /bin/bash
then when you entered the container in god mode, run this:
service ssh start
then you can run your ssh based commands.
Of course it is best practice to do it in your Dockerfile before all these, but no need to sweat if you are not done with your image built process just yet.
sudo docker run -p 3000:3000 -d --name mca-service myteam/reponame
this is the command i usually using to run the container. i have a folder in /var/log/appLog. i need to mount this directory with the contaner to store my app log file to make it persistent. i tried
sudo docker run -p 3000:3000 -d --name mca-service -v /var/log/appLog:/var/log/appLog:rw --entrypoint myteam/reponame
this command. but it raise some errors. can someone please help me to do this?
Under which user is your container (myteam/reponame) running? If it is not root, you have to change the user and group and the read/write permission of your folder on the host.
Your --entrypoint is empty. Either remove it or use --entrypoint []
root#centdev01$ grep -e CMD -e RUN Dockerfile
RUN apt-get update
RUN apt-get -y install ruby ruby-dev build-essential redis-tools
RUN gem install --no-rdoc --no-ri sinatra json redis
RUN mkdir -p /opt/webapp
RUN chmod 777 /opt/webapp
CMD ["/opt/webapp/bin/webapp"]
root#centdev01$ docker build -t "alok87/sinatra" .
root#centdev01$ docker run -d -p 80 --name ubunsin10 -v $PWD/webapp:/opt/webapp alok87/sinatra
25ekgjalgjal25rkg
root#centdev01$ docker logs ubunsin10
/opt/webapp/bin/webapp: Permission Denied - /opt/webapp/bin/webapp ( Errno:EACCESS)
The issue is the volume is being mounted to the container but from the container it is not having any acces to the mounted volume. I can cd to /opt/webapp/bin but i can not ls /opt/webapp/bin.
Please suggest how it can be fixed. The host mount has all files having 777 permission.
Docker processes have the svirt_lxc_net_t default type. By default these processes are not allowed to access your content in /var, /root and /home.
You have specify a suitable type label for your host folder, to allow the container processes to access the content. You can do this by giving the $PWD/webapp folder the type label svirt_sandbox_file_t.
chcon -Rt svirt_sandbox_file_t $PWD/webapp
After this, you can access the folder from within the container. Read more about it in Dan Walsh's article - Bringing new security features to Docker