Docker Community Forums

Share and learn in the Docker community.

Run docker-compose as root on linux


(Nxtra) #1

I want to run docker-compose as root on linux server of aws.

I want to do this to spin up a website on port 80. From what I read you have to run docker-compose as root for ports below 1024.

How can I run docker-compose as root user?

I tried the following techniques:

  • ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
    /////////////
  • install docker-compose in /usr/bin
    /////////////

With either of the above setups, I can run ‘sudo docker-compose up -d’.
Still my website is unavailable on port 80. When I change the yaml to run on a port above 1024 it does work.

Am I not running as root or is something else going on?

Continued:

docker-compose.yml

version: '3.3'

volumes:
  data:
networks:
  back:

services:

  db:
    image: mysql:5.7
    volumes:
      - data:/var/lib/mysql
    environment:
       MYSQL_ROOT_PASSWORD: somewordpress
       MYSQL_DATABASE: wordpress
       MYSQL_USER: wordpress
       MYSQL_PASSWORD: wordpress
    networks:
      - back

  wordpress:
    depends_on:
      - db
    image: wordpress:latest
    ports:
      - 80:80
      - 443:443
    environment:
       WORDPRESS_DB_HOST: db:3306
       WORDPRESS_DB_USER: wordpress
       WORDPRESS_DB_PASSWORD: wordpress
    volumes:
      - ./html:/var/www/html
    container_name: site
    networks:
      - back

  phpmyadmin:
    depends_on:
      - db
    image: phpmyadmin/phpmyadmin
    restart: always
    ports:
      - 3001:80
    environment:
      PMA_HOST: db
      MYSQL_USER: wordpress
      MYSQL_PASSWORD: wordpress
      MYSQL_ROOT_PASSWORD: wordpress
    networks:
      - back

I can run a python app on port 80 however, docker-compose.yml :
version: ‘3’

services:

  kickstarter-service:
  #build whats in this directory, relative to docker-compose file
    build: ./kickstarter
    volumes:
      - ./kickstarter:/usr/src/app
    ports:
      - 8000:80

  website:
    image: php:apache
    volumes:
      - ./website:/var/www/html
    ports:
      - 443:80
    depends_on:
      - kickstarter-service 

Summary:

I can run the website on port 8080
I cannot run the website on port 80 (refused to connect in browser, but container is up)
I can run the pythonapp on port 8080 and 80
–> Why can I not run my website on port 80 with docker-compose?


(David Maze) #2

Same as any other command, generally with sudo.

This doesn’t matter, because you must be root to run Docker commands at all (or be in a group that effectively gives you root permissions) and because the Docker daemon runs as root. (There’s a specific issue with the Mac desktop version of Docker which you won’t hit on AWS.)

Have you checked the usual culprits: you’re actually publishing the ports with a ports directive in the docker-compose.yml file; you don’t have a local firewall that’s blocking it; you don’t have an AWS security group that’s blocking it?


(Nxtra) #3

Thanks for the reply. I tried some things out. I am able to serve a python app on port 80. But still cannot serve my website there. I attached additional info about aws security groups and docker to the original question. The container is up and should be accessable on port 80 but I get a “refused to connect”.
I can serve and visit a pythonapp on port 80 though.
With the extra info I provide (also in original question), do you have an idea why I cannot visit the webpage.