gcsfuse cannot mount when building a docker container

Question

I am trying to mount a storage bucker inside my container during docker build. I've read other threads, here, here and understood that this may be a privileged problem. It can be solved by adding the --privileged flag in the docker run process, but I would like to get the bucket mounted right off the building stage.

Attached to the container, checked that both fuse and gcsfuse are installed. GOOGLE_APPLICATION_CREDENTIALS is set, no problem with accessing Google APIs. Here's the error I am getting.

Opening GCS connection...
Opening bucket...
Mounting file system...
daemonize.Run: readFromProcess: sub-process: mountWithArgs: mountWithConn: Mount: mount: running fusermount: exit status 1

stderr:
fusermount: fuse device not found, try 'modprobe fuse' first

Dockerfile

FROM gcr.io/google-appengine/python
.
.
.
ENV GCSFUSE_REPO=gcsfuse-jessie
RUN apt-get update && apt-get install -y ca-certificates \
    && echo "deb http://packages.cloud.google.com/apt $GCSFUSE_REPO main" > /etc/apt/sources.list.d/gcsfuse.list \
    && curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add - \
    && apt-get update && apt-get install -y gcsfuse

# Config fuse
RUN chmod a+r /etc/fuse.conf
RUN perl -i -pe 's/#user_allow_other/user_allow_other/g' /etc/fuse.conf

# Alter permission
RUN chmod a+w mount-folder

RUN gcsfuse -o --implicit-dirs bucket mount-folder

Answer 1

For mounting a bucker using gcsfuse, you need to run docker with --privileged flag. Now the question is, "How to build a docker image without any error in such case"? Scenario: When in Dockerfile you have the line:

RUN chmod +x launcher.sh
USER ubuntu
RUN mkdir db
RUN gcsfuse mybucket /home/username/mypath
EXPOSE 8000
CMD ["python3.6","manage.py","runmodwsgi"]

You see

Step 8/12 : USER ubuntu
 ---> Running in 0d880396010b
Removing intermediate container 0d880396010b
 ---> 390ed28965e1
Step 9/12 : RUN mkdir mypath
 ---> Running in b1f657562f24
Removing intermediate container b1f657562f24
 ---> 002ca425ac4c
Step 10/12 : RUN gcsfuse mybucket /home/username/mypath
 ---> Running in cae87fd47c1d
Using mount point: /home/username/mypath
Opening GCS connection...
Opening bucket...
Mounting file system...
daemonize.Run: readFromProcess: sub-process: mountWithArgs: mountWithConn: Mount: mount: running fusermount: exit status 1

stderr:
fusermount: fuse device not found, try 'modprobe fuse' first

The command '/bin/sh -c gcsfuse database_simrut /home/ubuntu/db' returned a non-zero code: 1

Solution: Remove the line

RUN gcsfuse mybucket /home/username/mypath

from the Dockerfile and create a launcher script instead which has following content:

#!/bin/bash
gcsfuse mybucket /home/username/mypath
python3.6 manage.py runmodwsgi

and your new docker should look like:

RUN chown $USER:$USER $HOME
RUN chmod +x launcher.sh
USER ubuntu
RUN mkdir db
EXPOSE 8000
CMD ["./launcher.sh"]

Output:

Step 8/11 : USER ubuntu
 ---> Running in 83c0e73295c2
Removing intermediate container 83c0e73295c2
 ---> fad81733c14d
Step 9/11 : RUN mkdir mypath
 ---> Running in 5d83416f035e
Removing intermediate container 5d83416f035e
 ---> 4575ba28dc44
Step 10/11 : EXPOSE 8000
 ---> Running in 081dc094c046
Removing intermediate container 081dc094c046
 ---> 546c8edd43c3
Step 11/11 : CMD ["./launcher.sh"]
 ---> Running in 6780900e1b2d
Removing intermediate container 6780900e1b2d
 ---> 9ef9fd5af68c
Successfully built 9ef9fd5af68c