open() file failed (13: Permission denied) in nginx & docker & minikube

1
votes

This only happens with docker inside minikube operating on host using minikube docker eval (minikube docker-env)

Trying to build a basic setup with Nginx serving a single file:

conf.d/example.conf

server {
  listen 80 default_server;
  listen [::]:80 default_server ipv6only=on;
  server_name localhost;
  location /file.json { root /data/; }
}

data/file.json

{"a": 1}

Run using docker nginx image:

docker run -it --rm -v "$(PWD)/conf.d:/etc/nginx/conf.d":ro -v "$(PWD)/data:/data":ro -p 8085:80 nginx

curl http://localhost/file.json gives me 2017/02/01 19:07:39 [error] 6#6: *1 open() "/data/file.json" failed (13: Permission denied)...

Cannot figure out how to make this right... Help wanted!

What I've tried so far:

  1. providing a custom command like chmod -R o+x /data && ls -la data && nginx -g "daemon off;" -rwxrwx--- 1 root 1013 11 Feb 1 13:08 /data/file.json chmod does not seem to work properly. neither chown :( $ docker run -it --rm -v "$(PWD):/etc/nginx/conf.d":ro -v "$(PWD)/data:/data" -p 8085:80 nginx bash -c 'chown -R nginx:nginx /data/ && ls -la /data/ && nginx -g daemon off;"' total 8 drwxrwx--- 1 root 1013 102 Feb 1 13:08 . drwxr-xr-x 1 root root 4096 Feb 1 19:50 .. -rwxrwx--- 1 root 1013 11 Feb 1 13:08 pub_key.json

  2. setting a docker user to nginx

  3. chmod -R 777 data on host $ ls -la data drwxrwxrwx 3 antonk staff 102 Feb 1 17:08 data $ docker run -it --rm -v "$(PWD):/etc/nginx/conf.d":ro -v "$(PWD)/data:/data" -p 8085:80 nginx bash -c 'ls -la /data/ && nginx -g "daemon off;"' total 8 drwxrwx--- 1 root 1013 102 Feb 1 13:08 . drwxr-xr-x 1 root root 4096 Feb 1 20:20 .. -rwxrwx--- 1 root 1013 11 Feb 1 13:08 pub_key.json

    $ docker version Client: Version: 1.13.1-rc1 API version: 1.23 Go version: go1.7.4 Git commit: 2527cfc Built: Sat Jan 28 00:43:00 2017 OS/Arch: darwin/amd64

    Server: Version: 1.11.1 API version: 1.23 (minimum version ) Go version: go1.5.4 Git commit: 5604cbe Built: Wed Apr 27 00:34:20 2016 OS/Arch: linux/amd64 Experimental: false

    minikube version: v0.15.0

https://github.com/kubernetes/minikube/issues/1067

1
nginxdockerfile-permissions
Are you running this under the /Users folder? Please include a long listing of the directory on both your host and inside the container after you ran the chmod on the host.BMitch
Yes, /Users/... on my Macmelekes
All of the output you've provided is running the command inside a container. Where is the output from running the command on your host, without any docker command?BMitch
What does echo $(PWD) output?BMitch
/Users/antonk/...melekes

1 Answers

0
votes

When you map directories from the host directly into your container with volume mounts like these:

docker run -it --rm \
  -v "$(PWD)/conf.d:/etc/nginx/conf.d":ro -v "$(PWD)/data:/data":ro \
  -p 8085:80 nginx

The files are mounted directly in with the same uid's and file permissions you have on your host. Most likely your UID/GID on your host does not match those used inside the container. So if the files are not publicly readable on your host, they will not be readable inside the container. You can work around this with the following on your host:

chmod o+rx data && chmod o+r data/file.json