15

我想在 docker 容器内安装 s3fs。

我用 s3fs 制作了 docker 镜像,并且这样做了:

host$ docker run -it --rm docker/s3fs bash
[ root@container:~ ]$ s3fs s3bucket /mnt/s3bucket -o allow_other -o allow_other,default_acl=public-read -ouse_cache=/tmp
fuse: failed to open /dev/fuse: Operation not permitted

显示“不允许操作”错误。

所以我用谷歌搜索,并再次这样做(添加--privileged = true):

host$ docker run -it --rm --privileged=true docker/s3fs bash
[ root@container:~ ]$ s3fs s3bucket /mnt/s3bucket -o allow_other -o allow_other,default_acl=public-read -ouse_cache=/tmp
[ root@container:~ ]$ ls /mnt/s3bucket
ls: cannot access /mnt/s3bucket: Transport endpoint is not connected
[ root@container:~ ]$ fusermount -u /mnt/s3bucket
[ root@container:~ ]$ s3fs s3bucket /mnt/s3bucket -o allow_other -o allow_other,default_acl=public-read -ouse_cache=/tmp
[ root@container:~ ]$ ls /mnt/s3bucket
ls: cannot access /mnt/s3bucket: Transport endpoint is not connected

然后,mounting not 显示错误,但是如果运行 ls 命令,会出现“Transport endpoint is not connected”的错误。

如何在 docker 容器内挂载 s3fs?这是不可能的吗?

[更新]

添加 Dockerfile 配置。

Dockerfile:

FROM dockerfile/ubuntu

RUN apt-get update
RUN apt-get install -y build-essential
RUN apt-get install -y libfuse-dev
RUN apt-get install -y fuse
RUN apt-get install -y libcurl4-openssl-dev
RUN apt-get install -y libxml2-dev
RUN apt-get install -y mime-support

RUN \
  cd /usr/src && \
  wget http://s3fs.googlecode.com/files/s3fs-1.74.tar.gz && \
  tar xvzf s3fs-1.74.tar.gz && \
  cd s3fs-1.74/ && \
  ./configure --prefix=/usr && \
  make && make install

ADD passwd/passwd-s3fs /etc/passwd-s3fs
ADD rules.d/99-fuse.rules /etc/udev/rules.d/99-fuse.rules
RUN chmod 640 /etc/passwd-s3fs

RUN mkdir /mnt/s3bucket

rules.d/99-fuse.rules:

KERNEL==fuse, MODE=0777
4

2 回答 2

10

我不确定你做了什么没用,但我能让它像这样工作:

Dockerfile:

FROM ubuntu:12.04

RUN apt-get update -qq
RUN apt-get install -y build-essential libfuse-dev fuse-utils libcurl4-openssl-dev libxml2-dev mime-support automake libtool wget tar

RUN wget https://github.com/s3fs-fuse/s3fs-fuse/archive/v1.77.tar.gz -O /usr/src/v1.77.tar.gz
RUN tar xvz -C /usr/src -f /usr/src/v1.77.tar.gz
RUN cd /usr/src/s3fs-fuse-1.77 && ./autogen.sh && ./configure --prefix=/usr && make && make install

RUN mkdir /s3bucket

构建后:

docker build --rm -t ubuntu/s3fs:latest .

我运行容器:

docker run -it -e AWSACCESSKEYID=obscured -e AWSSECRETACCESSKEY=obscured --privileged ubuntu/s3fs:latest bash

然后在容器内:

root@efa2689dca96:/# s3fs s3bucket /s3bucket
root@efa2689dca96:/# ls /s3bucket
testing.this.out  work.please  working
root@efa2689dca96:/#

它成功列出了我的 s3bucket 中的文件。

您确实需要确保主机上的内核支持 fuse,但您似乎已经这样做了?

注意:当使用 Docker 的 --volume 或 --volumes-from 指令时,您的 S3 挂载点不会在其他容器中显示/工作。例如:

docker run -t --detach --name testmount -v /s3bucket -e AWSACCESSKEYID=obscured -e AWSSECRETACCESSKEY=obscured --privileged --entrypoint /usr/bin/s3fs ubuntu/s3fs:latest -f s3bucket /s3bucket
docker run -it --volumes-from testmount --entrypoint /bin/ls ubuntu:12.04 -ahl /s3bucket
total 8.0K
drwxr-xr-x  2 root root 4.0K Aug 21 21:32 .
drwxr-xr-x 51 root root 4.0K Aug 21 21:33 ..

即使存储桶中有文件,也不返回任何文件。

于 2014-08-21T21:35:21.387 回答
0

添加另一个解决方案。

Dockerfile:

FROM ubuntu:16.04

# Update and install packages
RUN DEBIAN_FRONTEND=noninteractive apt-get -y update --fix-missing && \
    apt-get install -y automake autotools-dev g++ git libcurl4-gnutls-dev wget libfuse-dev libssl-dev libxml2-dev make pkg-config

# Clone and run s3fs-fuse
RUN git clone https://github.com/s3fs-fuse/s3fs-fuse.git /tmp/s3fs-fuse && \
    cd /tmp/s3fs-fuse && ./autogen.sh && ./configure && make && make install && ldconfig && /usr/local/bin/s3fs --version

# Remove packages
RUN DEBIAN_FRONTEND=noninteractive apt-get purge -y wget automake autotools-dev g++ git make  && \
    apt-get -y autoremove --purge && apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

# Set user and group
ENV USER='appuser'
ENV GROUP='appuser'
ENV UID='1000'
ENV GID='1000'

RUN groupadd -g $GID $GROUP && \
    useradd -u $UID -g $GROUP -s /bin/sh -m $USER

# Install fuse
RUN apt-get update   && \
    apt install fuse && \
    chown ${USER}.${GROUP} /usr/local/bin/s3fs

# Config fuse
RUN chmod a+r /etc/fuse.conf && \
    perl -i -pe 's/#user_allow_other/user_allow_other/g' /etc/fuse.conf

# Copy credentials
ENV SECRET_FILE_PATH=/home/${USER}/passwd-s3fs
COPY ./passwd-s3fs $SECRET_FILE_PATH
RUN chmod 600 $SECRET_FILE_PATH && \
    chown ${USER}.${GROUP} $SECRET_FILE_PATH

# Switch to user
USER ${UID}:${GID}


# Create mnt point
ENV MNT_POINT_PATH=/home/${USER}/data
RUN mkdir -p $MNT_POINT_PATH && \
    chmod g+w $MNT_POINT_PATH

# Execute
ENV S3_BUCKET = ''
WORKDIR /home/${USER}
CMD exec sleep 100000 && /usr/local/bin/s3fs $S3_BUCKET $MNT_POINT_PATH -o passwd_file=passwd-s3fs -o allow_other

码头工人-撰写-yaml:

version: '3.8'
services:
  s3fs:
    privileged: true
    image: <image-name:tag>
    ##Debug
    #stdin_open: true # docker run -i
    #tty: true        # docker run -t
    environment:
      - S3_BUCKET=my-bucket-name
    devices:
      - "/dev/fuse"
    cap_add:
      - SYS_ADMIN
      - DAC_READ_SEARCH
    cap_drop:
      - NET_ADMIN

docker build -t <image-name:tag> .
使用Run构建映像:docker-compose -d up

于 2020-08-29T20:36:22.653 回答