I have a Node.JS service running in a Docker container that deploys related Docker containers (Docker-outside-of-Docker) through REST.
The actions sequence (inside the NodeJS container):
chown -R 0755 .
to the entire extracted content.docker-compose.yml
file (nothing special here; all mounted volumes
are marked as :rw
- read-write).docker-compose up -d
.After running docker-compose up -d
, I noticed that some content from the directories specified in volumes
does not exist inside the container (ls -la
- empty folder, but among the unpacked files, I see that this folder is not empty.).
Why does this happen, and how can I solve this issue?
I have already tried:
root
,privileged
mode,sleep
before docker-compose up -d
,chmod -R 0777 .
, chown www-data:www-data
,mv
with cp
:rw
with :Z
UPD:
Base OS:
# cat /etc/os-release
PRETTY_NAME="Debian GNU/Linux 11 (bullseye)"
NodeJS container based on node:20-slim
(Debian 12)
Children container based on php:8.2-fpm-alpine3.18
UPD:
Add some more thoughts:
Inside the container I'm creating, my user is www-data. However, in the nodejs container, the www-data user has UID/GID = 33, while in the alpine container, it is UID/GID = 82 (perhaps this is causing a conflict?).
I believe the issue lies somewhere around here, with file permissions.
UPD: I switched from Debian to Alpine in the NodeJS container, but the issue persists.
UPD:
When executing ls -la
inside the container, it is evident that some folders (included in the volumes) have a different user as the owner. Attempting to change the user with chown -R 82:82 [folder]
results in the error chown: [folder]: Operation not permitted
.
However, if stop a container and then execute docker-compose up -d
from the root
user of the host machine
, the container starts, and all permissions are correct.
Docker-outside-of-Docker
I suspect the directories you have given to docker-compose are relative to docker-compose file.
You are running on docker outside. That means that directories specified with volumes:
are directories outside, they are directories on the host where docker daemon is running.
Because volumes:
by default creates an empty directory, most probably you created a bunch of empty directories on the host running docker demon. Consider using the form volumes: - type: bind source: /dir target: /dir
so that docker fails with directory not found when directory does not exists as a protection.