Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.
Sign upFR: chown the /prometheus for docker containers before start #3485
Comments
This comment has been minimized.
This comment has been minimized.
|
I would argue this is a responsibility of your environment. For example in Kubernetes you can set all of this information using the |
This comment has been minimized.
This comment has been minimized.
|
You are right, of course. But then k8s is about the only one, I think (maybe mesos as well?). |
This comment has been minimized.
This comment has been minimized.
|
@hsmade I think the main reason you're seeing this behaviour is because you're bind-mounting a volume. When using a named volume instead (created with For example: $ docker volume create foo
foo
$ docker run -it --rm --entrypoint=/bin/sh -v foo:/prometheus prom/prometheus:v2.0.0
/prometheus $ touch hello_world
/prometheus $ ls -alh
total 8
drwxr-xr-x 2 nobody nogroup 4.0K Nov 19 03:56 .
drwxr-xr-x 1 root root 4.0K Nov 19 03:56 ..
-rw-r--r-- 1 nobody nogroup 0 Nov 19 03:56 hello_world
/prometheus $ |
This comment has been minimized.
This comment has been minimized.
|
Sounds like this is resolved, please let us know if that's not the case. |
brian-brazil
closed this
Dec 8, 2017
This comment has been minimized.
This comment has been minimized.
jpalczewski
commented
Sep 27, 2018
|
In
It might be again the case: I got
When I mounted volume from alpine container it seems like it where mounted as root:root. Applicable fragments from docker-compose:
|
hsmade commentedNov 16, 2017
When using the docker image for prometheus, you'd want to volume mount /prometheus so that the data can be re-used when restarting the container. Problem is, that docker will create the path on the host as root. When using a scheduler like nomad and using a persistent disk for /prometheus, the same thing happens.
This is a problem as prometheus runs as nobody, and thus doesn't have access to the path that is created by root.
I propose to use a wrapper script as entrypoint that does a chown -R nobody: /prometheus and then starts prometheus as user nobody.