Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Docker - mkdir read-only file system

Tags:

docker

ubuntu

After freshly installing Ubuntu 18 I am receiving the following error when trying to launch a docker container that has a bind to a LVM (ext4) partition:

mkdir /storage: read-only file system 

I have tried reinstalling the OS, reinstalling Docker and forcing the drive to mount as RW (everything that isn't docker can write to the drive).

The directory that is being bound is currently set to 777 permissions.

There seems to be almost no information available for this error.

like image 928
Jamie Brunton Avatar asked Sep 26 '18 21:09

Jamie Brunton


People also ask

How do I make a docker container read-only?

There are two ways to add the read-only flag: via the docker cli too, and via docker-compose. When using the docker cli tool, simply add the `— read-only` flag, and presto, you have a read-only filesystem in the container. Docker-compose is a wrapper for the cli tool that automatically fills in the flags for you.

Can I do read-only mapping in Docker?

The readonly option, if present, causes the bind mount to be mounted into the container as read-only. May be specified as readonly or ro . The volume-opt option, which can be specified more than once, takes a key-value pair consisting of the option name and its value.

Are container images read-only?

Docker images are stored as series of read-only layers. When we start a container, Docker takes the read-only image and adds a read-write layer on top.

How do you use mkdir Docker?

The command RUN mkdir -p /var/www/new_directory allows you to create a directory named new_directory inside the Docker file system that we will eventually build using an image built using the above Docker file.


2 Answers

I had same issue, but removed docker from snap and reinstall on following the official docker steps.

Remove docker from snap

snap remove docker 

then remove the docker directory, and old version

rm -R /var/lib/docker  sudo apt-get remove docker docker-engine docker.io 

install official docker: https://docs.docker.com/install/linux/docker-ce/ubuntu/

I hope this help for you!

like image 175
Attila Szili Avatar answered Sep 18 '22 13:09

Attila Szili


Update 01/2021: while still pretty cool, Snaps don't always work. Specifically with the Docker Snap, it didn't work for Swarm mode, so I ditched it and installed Docker the recommended way.

Snaps are actually pretty cool, IMO, and think it's beneficial to run Docker within a Snap than installing it directly on the system. The fact that you're getting a read-only permissions error is a good thing. It means that a rogue container isn't able to wreak havoc on your base OS. That said, how to fix your issue.

The reason that this is coming up is that Snaps will expose the host OS as read-only so that Docker can see the host's files, but not modify them (hence the permission denied error). But there is a directory that the Docker Snap can write to: /var/snap/docker. Actually, a better directory that snap can write to is /home. I created /home/docker for container's to have persistent storage from the host system.

In your case, you wanted /storage to be writeable by Docker containers. I had a very similar use-case, which led me to this SO post. I solved this by mounting my storage within the docker snap directory /home/docker; the easiest example simply being a directory on the same filesystem:

mkdir -p /home/docker/<container name>/data 

In my case, I created a ZFS dataset at the location above instead of simply mkdir'ing a directory.

Then, the container I ran could write to that with something like:

docker run -ti -v /home/docker/<container name>/data:/data [...] 

Now you have the best of both worlds: Docker running in a contained Snap environment and persistent storage. 🙌🏽

like image 39
berto Avatar answered Sep 16 '22 13:09

berto