Go to Qiita Advent Calendar 2024 Top
LoginSignup
5
3

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?

More than 5 years have passed since last update.

@tamanobi(Kohki Yamagiwa)

fluentdのプラグインを公式DockerイメージでインストールするときはRootユーザーで実行しよう

Last updated at Posted at 2019-08-06

結論

  • Gemインストール時は、ユーザーをrootに切り替えれば良い
  • https://hub.docker.com/r/fluent/fluentd/3. Customize Dockerfile to install plugins (optional) の節に書いてある

はじめに

あなたは、DockerHubで公開されているfluentdのイメージに新しくプラグインを入れたいとします。ここではGCSプラグインを例とします。

失敗例

何も考えずに以下のDockerfileを作りました。これではいけません。

FROM fluentd:v1.6-1
RUN gem install fluent-plugin-gcs

$ docker build -t fluentd-gcs .
Sending build context to Docker daemon  2.048kB
Step 1/2 : FROM fluentd:v1.6-1
 ---> 4d4d1e466958
Step 2/2 : RUN gem install fluent-plugin-gcs
 ---> Running in fb98c78f3610
ERROR:  While executing gem ... (Gem::FilePermissionError)
    You don't have write permissions for the /usr/lib/ruby/gems/2.5.0 directory.

パーミッションエラー

権限が足りずにプラグインインストールに失敗してしまいます。

ERROR:  While executing gem ... (Gem::FilePermissionError)
    You don't have write permissions for the /usr/lib/ruby/gems/2.5.0 directory.

なぜそうなるか

fluentdの実行ユーザーが fluent になっているため起こります。 https://hub.docker.com/r/fluent/fluentd/dockerfile の中に USER fluent と書いてあるからです。
fluentユーザーでは、 /usr/lib/ruby/gems/2.5.0 への書き込み権限がありません。

成功例

DockerのUSERインストラクションでユーザーをrootへ変更して実行します。無事完了します。

FROM fluentd:v1.6-1
USER root
RUN gem install fluent-plugin-gcs
USER fluent

$ docker build -t fluentd-gcs .
Sending build context to Docker daemon  2.048kB
Step 1/4 : FROM fluentd:v1.6-1
 ---> 4d4d1e466958
Step 2/4 : USER root
 ---> Running in 524cdb350bbd
Removing intermediate container 524cdb350bbd
 ---> 06ae39860fc1
Step 3/4 : RUN gem install fluent-plugin-gcs
 ---> Running in 98c82c8d168d
Successfully installed multipart-post-2.1.1
Successfully installed faraday-0.15.4
Successfully installed google-cloud-env-1.2.0
Successfully installed google-cloud-core-1.3.0
Successfully installed declarative-option-0.1.0
Successfully installed declarative-0.0.10
Successfully installed uber-0.1.0
Successfully installed representable-3.0.4
Successfully installed retriable-3.1.2
Successfully installed public_suffix-3.1.1
Successfully installed addressable-2.6.0
Successfully installed mini_mime-1.0.2
Successfully installed jwt-2.2.1
Successfully installed multi_json-1.13.1
Successfully installed signet-0.11.0
Successfully installed memoist-0.16.0
Successfully installed os-1.0.1
Successfully installed googleauth-0.9.0
Successfully installed httpclient-2.8.3
Successfully installed google-api-client-0.30.8
Successfully installed digest-crc-0.4.1
Successfully installed mime-types-data-3.2019.0331
Successfully installed mime-types-3.2.2
Successfully installed google-cloud-storage-1.19.0
Successfully installed fluent-plugin-gcs-0.4.0
25 gems installed
Removing intermediate container 98c82c8d168d
 ---> 21cef68e5ac6
Step 4/4 : USER fluent
 ---> Running in d8c63dbf5184
Removing intermediate container d8c63dbf5184
 ---> 0cecffaf0aae
Successfully built 0cecffaf0aae
Successfully tagged fluentd-gcs:latest

まとめ

  • Gemインストール時は、ユーザーをrootに切り替えれば良い
  • https://hub.docker.com/r/fluent/fluentd/3. Customize Dockerfile to install plugins (optional) の節に書いてある
5
3
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
Sign upLogin
5
3

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?