D4M 17.04.0-ce-rc2-mac6 (16165): Volume labels no longer accepted in stack file #32579
Comments
|
/cc @dnephin |
|
In previous versions there was no error, but they were being ignored. The swarm mode mount definition does not support these flags. We could continue to ignore them, and warn they are being ignored, instead of returning an error. |
|
Please continue to ignore, or better yet, ignore+warn; throwing an error breaks existing stack files. Also, this behavior should be called out in the documentation. There's no mention of swarm-specific expectations: |
|
I'm pretty sure swarm mode supports these in "VolumeOptions" |
|
@cpuguy83 I think |
|
Oh yes, you are right. We don't support selinux relabeling in swarm mode. |
|
Aren't these for bind propagation? Swarmkit handles them explicitly: https://github.com/docker/swarmkit/blob/master/agent/exec/dockerapi/container.go#L290. |
|
z and Z are for selinux. |
|
@cpuguy83 We should almost just pass these through directly... |
|
@stevvooe It was a conscious decision to not support these at the time because it actually modifies the host path. |
|
I recently updated my D4M and noticed the "invalid spec" error again. |
|
I know this was 4 years ago, but I'm facing this issue now and looking for advise. |
|
For config, use swarm configs: https://docs.docker.com/engine/swarm/configs/ For logs; make sure the container sends logs to stdout/stderr, so that they're captured by docker's logging drivers |
|
@thaJeztah What is the best practice for larger non-config mounts (such as the TSDB for prometheus?) I generally prefer bind mounts to volumes due to the simplicity of working with them but it seems like it will be necessary to switch to a volume when working with persistent storage in docker swarm services. @cpuguy83 Can you elaborate on the background of the decision not to support SELinux tags in services? |
|
@ducttapecoder-vt Because the settings are not namespaced. It happens on the host, directly to those files records.
Set the selinux labels on the host. |
This comment was marked as spam.
This comment was marked as spam.
This comment was marked as spam.
This comment was marked as spam.
|
closing this one, as this was an intentional change (see above) |
and others
Description
Docker stack deploy throws errors when encountering volume labels.
This error surfaced when I upgraded to 17.04.0-ce-rc2-mac6 (16165). Rolling back to stable fixes the problem. I've opened this issue in the D4M project, and they diagnosed it as a docker/docker issue.
The previous version of Beta worked, as does the current version of Stable.
Version 17.03.1-ce-mac5 (16048)
Channel: stable
b18e2a50cc
Documentation still shows volume labels as a supported feature:
https://docs.docker.com/engine/tutorials/dockervolumes/#volume-labels
Steps to reproduce the issue:
The following docker command should be able to launch a stack with volumes that have volume labels
docker stack deploy -c docker-compose.yml my_app
e.g.
Describe the results you received:
1 error(s) decoding:
invalid spec: /var/run/docker.sock:/var/run/docker.sock:z: unknown option: z
Describe the results you expected:
A successfully deployed stack
Additional information you deem important (e.g. issue happens only occasionally):
Issue raised in 2 other forums, I was directed to raise the issue here:
https://github.com/docker/editions/issues/1006
docker/for-mac#1519
Output of
docker version:Output of
docker info:Additional environment details (AWS, VirtualBox, physical, etc.):
OSX 10.12.4, Macbook Pro 15"
The text was updated successfully, but these errors were encountered: