运行 docker-compose up 时，我的 mongodb 本地卷被拒绝

Question

这是我的 docker-compose.yml

version: "3.5"
services:
  api:
    container_name: upvotocracy-api
    restart: always
    build: .
    env_file: .env
    ports:
      - "127.0.0.1:8537:8537"
      - "127.0.0.1:9228:9229"
    links:
      - mongo
    volumes:
      - ./index.js:/usr/src/app/index.js
      - ./.env:/usr/src/app/.env
    networks:
      - upvotocracy-network
  mongo:
    container_name: upvotocracy-mongo
    restart: always
    image: mongo:latest
    env_file: .env
    volumes:
      - ./mongo_data:/data/db
    ports:
      - "127.0.0.1:28016:27017"
    networks:
      - upvotocracy-network
  redis:
    image: redis
    restart: always
    container_name: upvotocracy-cache
    ports:
      - "127.0.0.1:6381:6379"
    networks:
      - upvotocracy-network
  es01:
    image: docker.elastic.co/elasticsearch/elasticsearch:7.6.2
    container_name: upvotocracy-es01
    restart: always
    environment:
      - node.name=es01
      - cluster.name=es-docker-cluster
      - cluster.initial_master_nodes=es01
      - bootstrap.memory_lock=true
      - action.auto_create_index=+*
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
    ulimits:
      memlock:
        soft: -1
        hard: -1
    volumes:
      - ./data01:/usr/share/elasticsearch/data
    ports:
      - 127.0.0.1:9201:9200
    networks:
      - upvotocracy-network
networks:
  upvotocracy-network:
    name: upvotocracy-network
volumes:
  mongo_data: {}
  data01:
    driver: local

它仅在我以 root 身份运行 docker-compose up 时有效，否则我在 999:ubuntu 拥有的 ./mongo_data 目录上收到权限被拒绝错误

Pulling mongo ... done
Pulling api   ... done
Pulling redis ... done
Pulling es01  ... done
mongo uses an image, skipping
redis uses an image, skipping
es01 uses an image, skipping
Building api
Traceback (most recent call last):
  File "bin/docker-compose", line 6, in <module>
  File "compose/cli/main.py", line 72, in main
  File "compose/cli/main.py", line 128, in perform_command
  File "compose/cli/main.py", line 303, in build
  File "compose/project.py", line 403, in build
  File "compose/project.py", line 385, in build_service
  File "compose/service.py", line 1106, in build
  File "site-packages/docker/api/build.py", line 160, in build
  File "site-packages/docker/utils/build.py", line 30, in tar
  File "site-packages/docker/utils/build.py", line 49, in exclude_paths
  File "site-packages/docker/utils/build.py", line 214, in rec_walk
  File "site-packages/docker/utils/build.py", line 214, in rec_walk
  File "site-packages/docker/utils/build.py", line 184, in rec_walk
PermissionError: [Errno 13] Permission denied: '/home/ubuntu/data/www/coupondealsavings.com/api/mongo_data/diagnostic.data'
[10551] Failed to execute script docker-compose
Starting coupondeals-mongo ... done
Starting coupondeals-cache ... done
Starting coupondeals-es01  ... done
Starting coupondeals-api   ... done
Connection to xxx closed.

Answer 1

对我来说，我只需将./mongo_data 添加到.dockerignore，Dockerfile 在构建api 时会忽略此目录。

我为所有卷都这样做了，现在一切正常，没有权限错误。

Answer 2

我遇到了同样的问题。 我假设您在第一次使用 docker-compose up 时没有出现此权限错误。 这 文件“mongo_data/diagnostic.data”也不存在。 mongo容器将在启动时创建文件，该文件属于一个用户，在我的情况下是999：root（postgres）。

drwx------ 19            999 root            4096 Jun  4 12:19 postgres-data/

您的 api 容器将当前目录作为构建上下文。构建 docker 的用户是您的主机用户，它必须不是 999。因此，当您 docker-compose up 时，权限会被拒绝。 可以在context文件夹中创建一个.dockerignore文件，内容为：

mongo_data

您必须在其他容器的卷中添加此文件中的其他文件夹。