运行容器时,权限被拒绝(docker 1.12.5)
我试图在一个Docker 1.12.5安装的新创build的虚拟机上运行一个ElasticSearch容器,但是遇到了Permission Deniedexception。 令我感到困惑的是,在Docker 1.12.2中,一切运行良好的虚拟机都运行良好。 我错过了什么?
例外 :
Exception in thread "main" SettingsException[Failed to open stream for url [/usr/share/elasticsearch/config/elasticsearch.yml]]; nested: AccessDeniedException[/usr/share/elasticsearch/config/elasticsearch.yml]; Likely root cause: java.nio.file.AccessDeniedException: /usr/share/elasticsearch/config/elasticsearch.yml at sun.nio.fs.UnixException.translateToIOException(UnixException.java:84) at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102) at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107) at sun.nio.fs.UnixFileSystemProvider.newByteChannel(UnixFileSystemProvider.java:214) at java.nio.file.Files.newByteChannel(Files.java:361) at java.nio.file.Files.newByteChannel(Files.java:407) at java.nio.file.spi.FileSystemProvider.newInputStream(FileSystemProvider.java:384) at java.nio.file.Files.newInputStream(Files.java:152) at org.elasticsearch.common.settings.Settings$Builder.loadFromPath(Settings.java:1067) at org.elasticsearch.node.internal.InternalSettingsPreparer.prepareEnvironment(InternalSettingsPreparer.java:88) at org.elasticsearch.common.cli.CliTool.<init>(CliTool.java:107) at org.elasticsearch.common.cli.CliTool.<init>(CliTool.java:100) at org.elasticsearch.bootstrap.BootstrapCLIParser.<init>(BootstrapCLIParser.java:48) at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:242) at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:35)
该系统 :
- Windows 10,安装了VirtualBox,
- 一个XUbuntu 16.04映像,包含Dockerfile和elasticsearch.ymlconfiguration文件的共享主机文件夹。
Docker文件 :
FROM openjdk:8-jre ENV VERSION 2.4.1 RUN groupadd -r elasticsearch && useradd -r -g elasticsearch elasticsearch RUN apt-key adv --keyserver ha.pool.sks-keyservers.net --recv-keys 46095ACC8548582C1A2699A9D27D666CD88E42B4 RUN set -x \ && apt-get update && apt-get install -y --no-install-recommends apt-transport-https && rm -rf /var/lib/apt/lists/* \ && echo 'deb http://packages.elasticsearch.org/elasticsearch/2.x/debian stable main' > /etc/apt/sources.list.d/elasticsearch.list RUN set -x \ && apt-get update \ && apt-get install -y --no-install-recommends elasticsearch=$VERSION \ && rm -rf /var/lib/apt/lists/* ENV PATH /usr/share/elasticsearch/bin:$PATH WORKDIR /usr/share/elasticsearch RUN set -ex \ && for path in \ ./data \ ./logs \ ./config \ ./config/scripts \ ; do \ mkdir -p "$path"; \ chown -R elasticsearch:elasticsearch "$path"; \ done COPY config ./config VOLUME /usr/share/elasticsearch/data VOLUME /usr/share/elasticsearch/logs EXPOSE 9200 9300 USER elasticsearch CMD elasticsearch
除了Dockerfile以外,还包含以下文件结构 :
- config - elasticsearch.yml
由于该映像在另一个虚拟机上运行,我相信它的configuration应该是正确的。 我不认为问题来自ElasticSearch,因为我似乎有另一个图像具有相同的问题(H2)。 我是Docker和Linux的初学者级别。
在您复制configuration后设置文件权限:
COPY config ./config RUN chown -R elasticsearch:elasticsearch /usr/share/elasticsearch/config
您还可以创build并以root用户身份/usr/share/elasticsearch目录,然后将处理/usr/share/elasticsearch内容的其余步骤作为USER elasticsearch