好多时候,我们docker run一个镜像,会挂载一个目录到容器中去,比如:
docker run --name myat -d -p 8080:8080 -v /data/jira/:/var/atlassian/application-data/jira/ myjira:v1
把/data/jira目录挂载到容器中去了。
如果build镜像时不做定制,直接跑start-jira.sh的话,此时的jira用户对/var/atlassian/application-data/jira/是没有权限的,
看此时的Dockerfile文件
root@ding:~/jira# cat Dockerfile
FROM ubuntu
LABEL maintainer "aaa@xxx.com"
ENV ATLASSIAN_PATH = /opt/atlassian \
ATLASSIAN_DATA_PATH = /var/atlassian
RUN useradd -ms /bin/bash jira
WORKDIR /opt
COPY --chown=jira:jira pro/atlassian/jira/ ./atlassian/jira/
WORKDIR /var
COPY --chown=jira:jira data/atlassian/application-data/jira/ ./atlassian/application-data/jira/
WORKDIR /
COPY start.sh /
EXPOSE 8080 8005
ENTRYPOINT ["/opt/atlassian/jira/bin/start-jira.sh"]
#CMD ["/opt/atlassian/jira/bin/start-jira.sh", "-fg"]
看上面Dockerfile,是直接跑/opt/atlassian/jira/bin/start-jira.sh了。
那么,如果解决挂载目录的权限问题呢?
答案很简单,看上面已经把start.sh脚本拷进镜像了,只要在start.sh中执行一下chown就可以了,
看start.sh文件内容,哈哈,是不是很简单
root@ding:~/jira# cat start.sh
#!/bin/bash
chown jira:root /var/atlassian/application-data/jira/ -R
/opt/atlassian/jira/bin/start-jira.sh -fg
之后,定制的Dockerfile是这样的:
root@ding:~/jira# cat Dockerfile
FROM ubuntu
LABEL maintainer "aaa@xxx.com"
ENV ATLASSIAN_PATH = /opt/atlassian \
ATLASSIAN_DATA_PATH = /var/atlassian
RUN useradd -ms /bin/bash jira
WORKDIR /opt
COPY --chown=jira:jira pro/atlassian/jira/ ./atlassian/jira/
WORKDIR /var
COPY --chown=jira:jira data/atlassian/application-data/jira/ ./atlassian/application-data/jira/
WORKDIR /
COPY start.sh /
EXPOSE 8080 8005
ENTRYPOINT ["/start.sh"]
#ENTRYPOINT ["/opt/atlassian/jira/bin/start-jira.sh"]
#CMD ["/opt/atlassian/jira/bin/start-jira.sh", "-fg"]
看到了没?是ENTRYPOINT ["/start.sh"]了,而不是ENTRYPOINT ["/opt/atlassian/jira/bin/start-jira.sh"]了。
参考:
