search

containers / podman-compose

a script to run docker-compose.yml using podman
GNU General Public License v2.0
5.05k stars 482 forks source link

Podman-compose can't bind local volume on Fedora #482

Closed Meister1593 closed 2 years ago

Meister1593 commented 2 years ago

Describe the bug Mounting volumes (in my case - local folder) doesn't work

I tried using nginx container and mount local folders from compose folder into container, but when i did - it couldn't read/write into them because of permissions error

I first reported it at podman issue but i think it's not related to it because it works without compose (by just mounting folder like so podman run --rm --name nginx -v ./logs/nginx:/var/log/nginx:Z,U nginx)

To Reproduce Steps to reproduce the behavior:

  1. what is the content of the current working directory (ex. docker-compose.yml, .env, Dockerfile, ...etc.)

docker-compose.yaml

version: '3'
services:
    nginx:
        image: nginx:latest
        ports:
            - "8080:80"
            - "4433:443"
        volumes:
            - ./hosts:/etc/nginx/conf.d
            - ./html:/usr/share/nginx/html
            - ./logs/nginx:/var/log/nginx

Added Z,U labels for mountpoints (SELinux related)

version: '3'
services:
    nginx:
        image: nginx:latest
        ports:
            - "8080:80"
            - "4433:443"
        volumes:
            - ./hosts:/etc/nginx/conf.d:Z,U
            - ./html:/usr/share/nginx/html:Z,U
            - ./logs/nginx:/var/log/nginx:Z,U
  1. what is the sequence of commands you typed

podman-compose up

Expected behavior Podman-compose should mount folder properly and container should be able to access mounted folders. Adding labels to mountpoints didn't work either

Actual behavior It couldn't access these folders because of permission deniederror

Output

$ podman-compose version
using podman version: 3.4.4
podman-composer version  1.0.3
podman --version 
podman version 3.4.4

$ podman-compose up
...
['podman', '--version', '']
using podman version: 3.4.4
** excluding:  set()
['podman', 'network', 'exists', 'nginx-rtmp_default']
podman create --name=nginx-rtmp_nginx_1 --label io.podman.compose.config-hash=123 --label io.podman.compose.project=nginx-rtmp --label io.podman.compose.version=0.0.1 --label com.docker.compose.project=nginx-rtmp --label com.docker.compose.project.working_dir=/var/home/plyshka/Documents/docker/nginx-rtmp --label com.docker.compose.project.config_files=docker-compose.yaml --label com.docker.compose.container-number=1 --label com.docker.compose.service=nginx -v /var/home/plyshka/Documents/docker/nginx-rtmp/hosts:/etc/nginx/conf.d -v /var/home/plyshka/Documents/docker/nginx-rtmp/html:/usr/share/nginx/html -v /var/home/plyshka/Documents/docker/nginx-rtmp/logs/nginx:/var/log/nginx --net nginx-rtmp_default --network-alias nginx -p 8080:80 -p 4433:443 nginx:latest
Error: error creating container storage: the container name "nginx-rtmp_nginx_1" is already in use by "055eca1345047acd40f5c0bbbc616d675c74768c1b16eddce864a2e3622de105". You have to remove that container to be able to reuse that name.: that name is already in use
exit code: 125
podman start -a nginx-rtmp_nginx_1
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: info: /etc/nginx/conf.d/default.conf is not a file or does not exist
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
/docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh
/docker-entrypoint.sh: Configuration complete; ready for start up
nginx: [alert] could not open error log file: open() "/var/log/nginx/error.log" failed (13: Permission denied)
2022/04/24 16:10:11 [emerg] 1#1: open() "/var/log/nginx/error.log" failed (13: Permission denied)
exit code: 1

Environment:

muayyad-alsadi commented 2 years ago

it could be SELinux, because I don't see Z,U in the output 

podman create --name=nginx-rtmp_nginx_1 .... -v /var/home/plyshka/Documents/docker/nginx-rtmp/hosts:/etc/nginx/conf.d -v /var/home/plyshka/Documents/docker/nginx-rtmp/html:/usr/share/nginx/html -v /var/home/plyshka/Documents/docker/nginx-rtmp/logs/nginx:/var/log/nginx --net nginx-rtmp_default --network-alias nginx -p 8080:80 -p 4433:443 nginx:latest

please use podman-compose down to remove old container.

you might want to upgrade to the latest devel (which detects changes and recreate the container)

pip3 install --user https://github.com/containers/podman-compose/archive/devel.tar.gz
Meister1593 commented 2 years ago

it could be SELinux, because I don't see Z,U in the output

podman create --name=nginx-rtmp_nginx_1 .... -v /var/home/plyshka/Documents/docker/nginx-rtmp/hosts:/etc/nginx/conf.d -v /var/home/plyshka/Documents/docker/nginx-rtmp/html:/usr/share/nginx/html -v /var/home/plyshka/Documents/docker/nginx-rtmp/logs/nginx:/var/log/nginx --net nginx-rtmp_default --network-alias nginx -p 8080:80 -p 4433:443 nginx:latest

please use podman-compose down to remove old container.

you might want to upgrade to the latest devel (which detects changes and recreate the container)

pip3 install --user https://github.com/containers/podman-compose/archive/devel.tar.gz

Sorry, the output was from the first run without Z,U but issue was pretty much identical

But nonetheless

I just tried latest development podman-compose from pip (before - i installed it from copr), gracefully removed containers with podman-compose down (before i used just podman-compose stop), added Z,U flags again and it seems that it works now!

Thanks!

muayyad-alsadi commented 2 years ago

the latest version would detect changes in the YAML and automatically do down.