以非根的形式运行Fluentd码头映像
以非根的形式运行Fluentd码头映像
提问于 2017-05-12 14:48:56
这是流畅的码头形象:https://github.com/fluent/fluentd-docker-image
下面是Dockerfile:
FROM fluent/fluentd:onbuild
USER root
# below RUN includes two plugins as examples
# elasticsearch and record-reformer are not required
# you may customize including plugins as you wish
RUN apk add --update --virtual .build-deps \
sudo build-base ruby-dev \
&& sudo -u fluent gem install \
fluent-plugin-elasticsearch \
fluent-plugin-record-reformer \
&& sudo -u fluent gem sources --clear-all \
&& apk del .build-deps \
&& rm -rf /var/cache/apk/* \
/home/fluent/.gem/ruby/2.3.0/cache/*.gem
USER fluent
EXPOSE 24284将其作为码头映像运行后
docker exec -it b3c565091160 /bin/sh
cat /etc/passwd
fluent:x:1000:1000::/home/fluent:和
/home/fluent # ps -ef
PID USER TIME COMMAND
1 root 0:00 {fluentd} /usr/bin/ruby /usr/bin/fluentd -c /fluentd/etc/fluent.conf -p /fluentd/plugins
8 root 0:12 {fluentd} /usr/bin/ruby /usr/bin/fluentd -c /fluentd/etc/fluent.conf -p /fluentd/plugins
22 root 0:00 /bin/sh
28 root 0:00 ps -ef
/home/fluent # whoami
root如何以fluent用户(特别是用户1000而不是ROOT用户)的身份运行此Fluentd?
回答 2
Stack Overflow用户
回答已采纳
发布于 2021-03-08 08:42:35
最后,我以flunentd作为基本映像构建了自己的centos映像。
要运行该程序,请执行以下操作:
docker run -v [pathOfDirectoryHaving fluent.conf]/:/etc/fluent/ -p 24224:24224 -d --name <Image Name>
DOCKERFILE
FROM centos:7
# Complete the core fluentd install:
# - Create a fluent user/group for this container to run as.
# - Install which RPM (required by RVM installer).
# - Load GPG key for RVM.
# - Install RVM.
# - Use RVM to install Ruby 2.4 and make it the default Ruby version.
# - Install Fluentd and Fluentd-Kafka gems.
# - Clean up the build-support RPMs installed by the RVM installer (by using yum history undo we also remove the dependent RPMs).
# - Run rvm cleanup to wipe out leftover Ruby source files.
RUN groupadd -g 1000 fluent && \
useradd -g fluent -u 1000 -m fluent && \
yum install -y which && \
# https://rvm.io/rvm/security
gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB && \
curl -sSL https://get.rvm.io | bash -s stable && \
/bin/bash -c "source /etc/profile.d/rvm.sh && \
rvm install 2.4 && \
rvm use 2.4 --default && \
gem install fluentd -v 1.6.3 --no-document && \
gem install fluent-plugin-kafka -v 0.7.9 --no-document && \
gem install fluent-plugin-record-modifier --no-document && \
gem install fluent-plugin-secure-forward --no-document && \
rvm cleanup all" && \
mkdir /etc/fluent && \
yum -y --setopt=tsflags=noscripts remove libffi-devel-* && \
yum history -y undo last && \
yum -y clean all && \
#rpm --rebuilddb && \
#package-cleanup --problems && \
rm -rf /var/lib/yum/yumdb/*
# We expose port 24224 for the fluentd listener.
EXPOSE 24224
# Run fluentd as the fluent user (UID 1000). We must specify the user as a UID so that Kubernetes can determine
# that this container runs as a non-root user.
USER 1000
# Since we need to source /etc/profile.d/rvm.sh to populate PATH and other variables before invoking fluentd, use
# a bash login shell that in turn invokes fluentd.
ENTRYPOINT [ "/bin/bash", "-lc", "fluentd" ]Stack Overflow用户
发布于 2020-10-30 12:15:45
您必须在entrypoint.sh中对其进行调整,fluentd有一个二进制启动命令,就像容器中的每个应用程序一样。这个应用程序主要是从entrypoint.sh启动的。
在这里,我没有看到entrypoint.sh,也没有看到这个应用程序是从哪里开始的?启动后,该应用程序将被设置为运行该应用程序的id。
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/43940614
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号