Directory permissions when creating a container with Docker

When I was writing a project yesterday, I needed to use the derivative version of MySQL, Percona, so I wanted to use Docker to install it. As a result, I stepped on the pit all night, and finally solved it this morning. Now record it here.
The reason for this pitfall is that I am not sensitive to the directory permission problem of Linux. My system is Ubuntu 16.04, and everything is normal when running docker pull percona to pull the image.

After pulling, enter docker images to view all images, and the display is normal:

Then I create a container with the following command (do not use line breaks when executing):

docker create --name percona -v /data/mysql-data:/var/lib/mysql -p 3306:3306 -e MYSQL_ROOT_PASSWORD=root percona:lates

This command means that I create a container named percona, then map my local /data/mysql-data directory to the /var/lib/mysql directory in the docker container and specify port 3306, then set the database root user password to root, and the last percona:latest specifies the version I pulled above.

Because the database in the docker container is just a mirror, it can be understood that it does not really exist. The purpose of mapping it to my local directory is that the data stored in the /var/lib/mysql directory by docker can be synchronized and stored in my local /data/mysql-data directory. This ensures that the data is not lost and facilitates my local operations.

If you don't understand the command parameters, you can read the official documentation or search for a docker video tutorial, which has explanations. Then I start this container, docker start percona. After starting, query all running containers docker ps, and then there is a problem:

It is empty, that is, no running containers are found... Then I checked all containers, including running and non-running ones. docker ps -a shows the following:

It turns out that the port was not bound successfully, so it did not run! It automatically exited every time it was run.

At this time, I checked the docker logs and entered the command docker logs container id, which showed the following:

Note: 71 here is the first two digits of the container_id of this container. Docker supports this simplified writing.

The log error says that I do not have permission to create and write to the /var/lib/mysql directory in the container.
Now I have found the cause of this problem, but I have not been able to solve it after searching all night. I have to say that some irresponsible posts on the Internet are really a pitfall!
Finally found a solution this morning:
That is, check whether the owner of my local directory and the owner of the /var/lib/mysql directory in the docker container are the same user.

docker run -ti --rm --entrypoint="/bin/bash" percona -c "whoami && id"

This command is used to view the owner of the container, which is displayed as:

Then enter (no line breaks):

docker run -ti --rm -v /data/mysql-data:/var/lib/mysql --entrypoint="/bin/bash" percona -c "ls -la /var/lib/mysql"

This command is used to view the owner of this directory when mapping a local data volume.

This is the reason. This is why when the mysql user accesses the directory in docker, a permission error is reported! Because the owner of the local mapping directory is the root user, and the owner of the /var/lib/mysql directory in the docker container is the mysql user, with a uid of 999!
Then the solution is to assign the owner of the current directory to uid 999, the mysql user, and then restart the container

The problem is solved! I wasted a whole night. I have to say that I need to deepen my knowledge of Linux permission control!

This is the end of this article about the pitfalls of directory permissions when Docker creates containers. For more information about directory permissions when Docker creates containers, please search for previous articles on 123WORDPRESS.COM or continue to browse the following related articles. I hope everyone will support 123WORDPRESS.COM in the future!