I am using docker-compose to provide environment to developers. The application is running fine on docker-compose build command and running on 0.0.0.0:3000 on docker-compose up command. When I am trying to run the command docker-compose run web rails g controller to generate a controller with an action, than the files are generated but don't have permission to edit on host.
Dockerfile
FROM ubuntu:14.04 FROM ruby:2.2.1 # Run updates RUN apt-get update -qq && apt-get install -y build-essential libpq-dev # Set up working directory RUN mkdir /xyz/ WORKDIR /xyz/ # Set up gems ADD Gemfile /xyz/Gemfile ADD Gemfile.lock /xyz/Gemfile.lock RUN bundle install # Finally, add the rest of our app's code # (this is done at the end so that changes to our app's code # don't bust Docker's cache) ADD . /xyz I even tried to add a user xyzuser but didn't work.
# Create a user imliuser to run app that is not root RUN useradd --create-home --home-dir /xyz --shell /bin/bash xyzuser RUN chown -R xyzuser /xyz docker-compose.yml
db: image: postgres ports: - "5432" redis: image: redis ports: - "6379" web: build: . command: bundle exec rails s -b 0.0.0.0 volumes: - .:/xyz:rw ports: - "3000:3000" links: - db - redis When am running docker-compose build , also getting a warning, don't run bundler as root.
One more error I am getting is when the bundler start installing gems the gem listed as a public git repo was not able to install.
gem 'workflow', :git => 'git@github.com:xyz/workflow.git', :branch =>'feature_state_to_integer' Getting the following error.
Host key verification failed. fatal: Could not read from remote repository. Even if the repository is public
2 Answers
Answers 1
You're exposing three issues in your question:
- You dont have access to the files written by docker in the mounted volume.
- You get a warning saying
don't run bundle as root. - You dont have access to github because
Host key verification failed.
Find below my suggestion for each one:
1) You could access any file in your host system if you have root access to it. So I'm assuming you don't but you user is in the docker group, allowed to run docker commands. First, find the user id of such user:
id -u xyzuser 1000 In the example above the user id is 1000. Then, add useradd command to your Dockerfile in the same way you did in your post, but adding an additional argument (-u):
RUN useradd -u 1000 --create-home --home-dir /xyz --shell /bin/bash xyzuser Finally, run your docker container with xyzuser (see next point). Thus, you've made both host and docker container understand they are using the same user instead of just two different users with the same name.
Alternatively, you can also use the USER instruction in the Dockerfile to specify the user during the build, as was posted in a deleted answer.
2) The error is very explicit, you can't run bundler as root, I'd say your solution is to change the user who is going to run commands inside the docker container. You can use the user argument in your .yaml file to change it. Example:
web: build: . user: xyzuser command: bundle exec rails s -b 0.0.0.0 volumes: # Avoid to use relative paths during # testing stage - /abs/path/to/current:/xyz ports: - "3000:3000" links: - db - redis 3) To solve the Host key verification ... error you need to manage to add the host to the container known_hosts file. A way to do so is as follows:
ssh-keyscan -H github.com >> ~/.ssh/known_hosts In your docker file, you can add the line:
RUN ssh-keyscan github.com >> /root/.ssh/known_hosts prior to the gems set up. Make sure you add the host key to the .ssh directory of the actual user that is going to connect to github.
The reason for this is because you're connecting to github via ssh and this protocol uses "fingerprints" to identify the server to a client. Take a look to Giles' answer if you want to know more about this: http://unix.stackexchange.com/questions/42643/ssh-key-based-authentication-known-hosts-vs-authorized-keys
Answers 2
Docker containers run your application as the root user by default. You'll have to sudo chown them to set them as your user, or create a user in the image with the same user id.
0 comments:
Post a Comment