Openshift Nginx permission problem [nginx: [emerg] mkdir() "/var/cache/nginx/client_temp" failed (13: Permission denied)]

docker nginx openshift root alpine
relief.melone picture relief.melone · Jan 25, 2019 · Viewed 11.6k times · Source

I am currently running into a problem trying to set up nginx:alpine in Openshift.

My build runs just fine but I am not able to deploy with permission being denied with the following error

2019/01/25 06:30:54 [emerg] 1#1: mkdir() "/var/cache/nginx/client_temp" failed (13: Permission denied)

nginx: [emerg] mkdir() "/var/cache/nginx/client_temp" failed (13: Permission denied)

Now I know Openshift is a bit tricky when it comes to permissions as the container is running without root privilidges and the UID is gerenated on runetime which means it's not available in /etc/passwd. But the user is part of the group root. Now how this is supposed to be handled is being described here

https://docs.openshift.com/container-platform/3.3/creating_images/guidelines.html#openshift-container-platform-specific-guidelines

I even went further and made the whole /var completely accessible (777) for testing purposes but I still get the error. This is what my Dockerfile looks like

Dockerfile

FROM nginx:alpine

#Configure proxy settings
ENV HTTP_PROXY=http://my.proxy:port
ENV HTTPS_PROXY=http://my.proxy:port
ENV HTTP_PROXY_AUTH=basic:*:username:password

WORKDIR /app
COPY . .

# Install node.js
RUN apk update && \
    apk add nodejs npm python make curl g++


# Build Application
RUN npm install
RUN ./node_modules/@angular/cli/bin/ng build
COPY ./dist/my-app /usr/share/nginx/html

# Configure NGINX
COPY ./openshift/nginx/nginx.conf /etc/nginx/nginx.conf
COPY ./openshift/nginx/conf.d/default.conf /etc/nginx/conf.d/default.conf

RUN chgrp -R root /var/cache/nginx /var/run /var/log/nginx && \
    chmod -R 777 /var
RUN sed -i.bak 's/^user/#user/' /etc/nginx/nginx.conf

EXPOSE 8080

It's funny that this approach just seems to effekt the alpine version of nginx. nginx:latest (based on debian I think) has no issues and the way to set it up described here

https://torstenwalter.de/openshift/nginx/2017/08/04/nginx-on-openshift.html

works. (but i am having some other issues with that build so I switched to alpine)

Any ideas why this is still not working?

Answer

quasipolynomial picture quasipolynomial · Nov 1, 2019

I was using openshift, with limited permissions, so I fixed this problem by using the following nginx image (rather than nginx:latest) 

FROM nginxinc/nginx-unprivileged

Related questions

From inside of a Docker container, how do I connect to the localhost of the machine?

So I have a Nginx running inside a docker container, I have a mysql running on localhost, I want to connect to the MySql from within my Nginx. The MySql is running on localhost and not exposing a port to …

Read More
How to correctly link php-fpm and Nginx Docker containers?

I am trying to link 2 separate containers: nginx:latest php:fpm The problem is that php scripts do not work. Perhaps the php-fpm configuration is incorrect. Here is the source code, which is in my repository. Here is the file …

Read More
How to run Nginx within a Docker container without halting?

I have Nginx installed on a Docker container, and am trying to run it like this: docker run -i -t -p 80:80 mydockerimage /usr/sbin/nginx The problem is that the way Nginx works, is that the initial process immediately spawns …

Read More