Just the deployment of elk with docker-compose, without them, view the log and found when data volumes mounted, being given insufficient authority.
Since the log is gone, here directly posted solutions.
Problem Cause and solutions
due to the security module selinux CentOS7 authority in the ban, and there are at least three ways to solve the mounted directory does not have permission problems:
1. At runtime container, container Stuttgart to right, and add on --privileged = true parameters:
Docker RUN -i -t -v / Soft: / Soft --privileged = true 686672a1d0cc / bin / the bash
Note: This is suitable RUN Docker
2. temporary closure of SELinux:
setenforce 0
This solves the problem.
3. Add selinux rule, change the directory you want to mount the security text
# change the security text format is as follows
the chcon [-R & lt] [-t type] [-u User] [- R & lt Role] files or directories Election are not parameters: - R & lt: together Qie subdirectories in the directory will also change; - T: followed by the type field of the security article! E.g. httpd_sys_content_t; - U: followed by the identification, e.g. system_u; - R & lt: street behind spy color, e.g. system_r [root@localhost Desktop]# chcon --help Usage: chcon [OPTION]... CONTEXT FILE... or: chcon [OPTION]... [-u USER] [-r ROLE] [-l RANGE] [-t TYPE] FILE... or: chcon [OPTION]... --reference=RFILE FILE... Change the SELinux security context of each FILE to CONTEXT. With --reference, change the security context of each FILE to that of RFILE. Mandatory arguments to long options are mandatory for short options too. --dereference affect the referent of each symbolic link (this is the default), rather than the symbolic link itself -h, --no-dereference affect symbolic links instead of any referenced file -u, --user=USER set user USER in the target security context -r, --role=ROLE set role ROLE in the target security context -t, --type=TYPE set type TYPE in the target security context -l, --range=RANGE set range RANGE in the target security context --no-preserve-root do not treat '/' specially (the default) --preserve-root fail to operate recursively on '/' --reference=RFILE use RFILE's security context rather than specifying a CONTEXT value -R, --recursive operate on files and directories recursively -v, --verbose output a diagnostic for every file processed The following options modify how a hierarchy is traversed when the -R option is also specified. If more than one is specified, only the final one takes effect. -H if a command line argument is a symbolic link to a directory, traverse it -L traverse every symbolic link to a directory encountered -P do not traverse any symbolic links (default) --help display this help and exit --version output version information and exit GNU coreutils online help: <http://www.gnu.org/software/coreutils/> For complete documentation, run: info coreutils 'chcon invocation'
Modify the security document / soft directory on the host
[root@localhost Desktop]# chcon -Rt svirt_sandbox_file_t /soft [root@ba471da26d07 soft]# ll total 384264 -rw-r--r--. 1 root root 212046774 Aug 8 10:01 hadoop-2.7.2.tar.gz -rw-r--r--. 1 root root 181435897 Aug 8 09:23 jdk-8u102-linux-x64.tar.gz In the docker can access the normal resources under that directory.
Original link: https: //blog.csdn.net/rznice/article/details/52170085