Hi everyone,
I am pretty new to Docker and I have an issue that really puzzles me.
I am trying to run a container with persistent volume on Docker in marathon. The container persists a single .txt file in order to save its progress. When I deploy the container to test - it works just fine. The file is created if it doesn’t exist, gets read and overwritten successfully. When I deploy it to production, using the same configuration (same code, same config, same host), I get java.nio.AccessDeniedException on the first iteration - when it tries to create the file.
What I tried so far:
- Run the container in privileged mode - no difference
- Suspend the test application and re-deploy to production
Any help is much appreciated!
Dockerfile
WORKDIR /opt/klm
COPY target/auditlog.v1.batch.jar ./
RUN chown -R klm:klm /opt/klm
USER klm
CMD java -jar auditlog.v1.batch.jar
marathon.json
{
"id": "${ID}",
"cpus": 0.01,
"mem": 512,
"disk": 0,
"instances": 1,
"constraints": [
[
"hostname",
"UNIQUE"
],
],
"container": {
"type": "DOCKER",
"volumes": [
{
"containerPath": "/srv/data",
"hostPath": "/srv/data/service-auditbatch-${ENV}/srv/data",
"mode": "RW"
}
],
"docker": {
"image": "${IMAGE}",
"network": "BRIDGE",
"portMappings": [
{
"containerPort": 8080,
"servicePort": 0
}
]
}
},
"env": {
"SPRING_PROFILES_ACTIVE": "${ENV}"
},
"healthChecks": [
{
"gracePeriodSeconds": 30,
"intervalSeconds": 30,
"timeoutSeconds": 20,
"maxConsecutiveFailures": 3,
"portIndex": 0,
"path": "/actuator/health",
"protocol": "HTTP",
"ignoreHttp1xx": false
}
],
"labels": {
"env": "${ENV}"
},
"upgradeStrategy": {
"minimumHealthCapacity": 0,
"maximumOverCapacity": 0
}
}