Closed Kyosuk3 closed 5 years ago
Anyone able to comment on this thread? I'm having the same issue.
Does it work fine if you do it the normal, not swarm way?
Yes, I've been able to do it the normal way without issue.
The issue is that Docker Swarm is on V3 which does not support security_opt or cap_add.
I don't know what that means, is Docker Swarm too old or too new?
Can you use another Docker clustering / management tool? Surely Google can tell you what you should replace security_opt and cap_add with?
The docker compose file provided in the repo is notated as version 3. Version 3 does not support those flags nor does it support anything like them due to security concerns (ultimately that file is non-working). Docker Swarm only supports V3 and higher.
Almost every unifi video docker image I see requires these flags so I'm not sure that there is actually a solution. Was just hoping someone else may have known otherwise.
As for Google, I've spent a significant amount of time Googling trying to figure this out on my own. This is the first forum I've actually asked for help as I'm at wits end trying to figure out if it's possible to do.
Ah, I've got nothing then. :/
Thanks anyways, I really appreciate you taking the time to try to help.
More information about the problem on missing cap_add
support in docker swarm can be found in this issue https://github.com/moby/moby/issues/25885.
I'm just gonna close this, sorry it doesn't work in docker swarm. :(
I know this has nothing to do with swarm, but I faced the same issue using podman, I was able to solve it by using:
--mount type=tmpfs,tmpfs-mode=0700,tmpfs-size=512M,destination=/var/cache/unifi-video
Just in case someone else using podman faces the same issue, since I got here when googling for the issue.
despite several days of research I can't find a configuration that allows the swarm compose to allow writing to the tmpfs cache. I have tried the different recommended configurations but swarm denies them: security_opt:
in the end, I have the following error when the java application starts the binary: => mount: /var/cache/unifi-video: permission denied.
I also added a mount tmpfs but that doesn't change anything