Permission denied on mkdir /data at startup
Summary
When starting up using docker compose as follows,
minio:
build:
context: ../minio
dockerfile: Dockerfile
container_name: minio
ports:
- 9000
environment:
MINIO_ROOT_USER: minio
MINIO_ROOT_PASSWORD: minio123
VIRTUAL_HOST: minio.local.jwnmi.mil
VIRTUAL_PORT: 9000
command: server /dataI received the error ERROR Unable to initialize backend: mkdir /data/.minio.sys/tmp/c7a77a16-f6c9-45f6-8965-38784e466c46: permission denied.
However, it will work after updating Dockerfile as follows.
ARG BASE_REGISTRY=registry1.dso.mil
ARG BASE_IMAGE=ironbank/redhat/ubi/ubi8
ARG BASE_TAG=8.4
FROM minio/minio:RELEASE.2021-06-17T00-10-46Z as base
FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG}
COPY --from=base /usr/bin/minio /usr/bin/minio
COPY --from=base /data /data
COPY scripts/docker-entrypoint.sh /usr/bin/docker-entrypoint.sh
RUN dnf upgrade -y && \
dnf clean all && \
rm -rf /var/cache/dnf && \
chmod +x /usr/bin/docker-entrypoint.sh && \
groupadd -g 1001 minio && \
useradd -r -u 1001 -m -s /sbin/nologin -g minio minio && \
chown -R minio:minio /data && \
chmod -R 755 /data
USER minio
EXPOSE 9000
VOLUME /data
ENTRYPOINT ["/usr/bin/docker-entrypoint.sh"]
HEALTHCHECK --interval=10s --timeout=1s --start-period=10s --retries=6 \
CMD curl -f http://localhost:9000/minio/index.html || exit 1
CMD ["minio"]
Steps to reproduce
Use docker-compose to pull and start up the service as follows, and then will receive error ERROR Unable to initialize backend: mkdir /data/.minio.sys/tmp/c7a77a16-f6c9-45f6-8965-38784e466c46: permission denied.
minio:
build:
context: ../minio
dockerfile: Dockerfile
container_name: minio
ports:
- 9000
environment:
MINIO_ROOT_USER: minio
MINIO_ROOT_PASSWORD: minio123
VIRTUAL_HOST: minio.local.jwnmi.mil
VIRTUAL_PORT: 9000
command: server /dataWhat is the current bug behavior?
Startup fails and exits. The docker log displays ERROR Unable to initialize backend: mkdir /data/.minio.sys/tmp/c7a77a16-f6c9-45f6-8965-38784e466c46: permission denied
What is the expected correct behavior?
Startup succeeds and log displays as follows.
Endpoint: http://192.168.112.3:9000 http://127.0.0.1:9000
Browser Access:
http://192.168.112.3:9000 http://127.0.0.1:9000
Object API (Amazon S3 compatible):
Go: https://docs.min.io/docs/golang-client-quickstart-guide
Java: https://docs.min.io/docs/java-client-quickstart-guide
Python: https://docs.min.io/docs/python-client-quickstart-guide
JavaScript: https://docs.min.io/docs/javascript-client-quickstart-guide
.NET: https://docs.min.io/docs/dotnet-client-quickstart-guide
IAM initialization completeRelevant logs and/or screenshots
Failure log:
ERROR Unable to initialize backend: mkdir /data/.minio.sys/tmp/c7a77a16-f6c9-45f6-8965-38784e466c46: permission deniedSuccess log:
Endpoint: http://192.168.112.3:9000 http://127.0.0.1:9000
Browser Access:
http://192.168.112.3:9000 http://127.0.0.1:9000
Object API (Amazon S3 compatible):
Go: https://docs.min.io/docs/golang-client-quickstart-guide
Java: https://docs.min.io/docs/java-client-quickstart-guide
Python: https://docs.min.io/docs/python-client-quickstart-guide
JavaScript: https://docs.min.io/docs/javascript-client-quickstart-guide
.NET: https://docs.min.io/docs/dotnet-client-quickstart-guide
IAM initialization completePossible fixes
Dockerfile changed to
ARG BASE_REGISTRY=registry1.dso.mil
ARG BASE_IMAGE=ironbank/redhat/ubi/ubi8
ARG BASE_TAG=8.4
FROM minio/minio:RELEASE.2021-06-17T00-10-46Z as base
FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG}
COPY --from=base /usr/bin/minio /usr/bin/minio
COPY --from=base /data /data
COPY scripts/docker-entrypoint.sh /usr/bin/docker-entrypoint.sh
RUN dnf upgrade -y && \
dnf clean all && \
rm -rf /var/cache/dnf && \
chmod +x /usr/bin/docker-entrypoint.sh && \
groupadd -g 1001 minio && \
useradd -r -u 1001 -m -s /sbin/nologin -g minio minio && \
chown -R minio:minio /data && \
chmod -R 755 /data
USER minio
EXPOSE 9000
VOLUME /data
ENTRYPOINT ["/usr/bin/docker-entrypoint.sh"]
HEALTHCHECK --interval=10s --timeout=1s --start-period=10s --retries=6 \
CMD curl -f http://localhost:9000/minio/index.html || exit 1
CMD ["minio"]
Defintion of Done
-
Bug has been identified and corrected within the container