All geek questions in one place

How to set folder access rights for a specific container on an elastic beanstalk

I have problems setting permissions for a web folder on Elastic Beanstalk. I run several containers using custom docker images in a single instance: apache-php, mysql, memcached, etc. For the "apache-php" container, I map the folder to my yii2 application in / var / www / html /.

When I manually create a package and download / deploy through the Elastic Beanstalk console, I am sure that you have rights to this folder and everything works fine.

Now, when I deploy the application using "eb deploy", it removes all permissions, and I get a server error, and "the directory is not writable by the web process: / var / www / html / backend / web / assets" in the logs .

I can connect via ssh and set the necessary permissions manually, but this is not convenient, since it needs to be done every time the application is redeployed.

So, my questions are the best way to automatically select the resolution for a specific folder in a specific container on Elastic Beanstalk?

Maybe I can use .ebextensions, but I have not found how to run "container_commands" for a specific container.

+5
source share
2 answers

AWS EB Deployment launches your application in /var/app/ondeck

  • When you deploy an elastic bean stack, your application is first unpacked in /var/app/ondeck/
    • Most likely, your local folder, expanded, does not have the necessary permissions.
  • If you need to make adjustments to your application or shell during deployment, .ebextensions/*.config is the place to .ebextensions/*.config .

Container Commands Must Be Run This Way

But keep in mind that these commands will run EVERY time you deploy, regardless of whether you need them or not, unless you use some method to verify pre-config.

 container_commands: 08user_config: test: test ! -f /opt/elasticbeanstalk/.preconfig-complete command: | echo "jail-me" > /home/ec2-user/.userfile 09writable_dirs: command: | chmod -R 770 /var/app/ondeck/backend/web/assets chmod -R 770 /var/app/ondeck/[path] 99complete: command: | touch /opt/elasticbeanstalk/.preconfig-complete files: "/etc/profile.d/myalias.sh": mode: "000644" owner: root group: root content: | alias webroot='cd /var/www/html/backend/web; ls -al --color;' echo " ========== " echo " The whole point of Elastic Beanstalk is that you shouldn't need to SSH into the server. " echo " ========== "
+9
source

Yes, you should use ebextensions.

Create a folder in the root directory of the application named .ebextensions . Create a file with the extension .config , say 01-folder-permissions.config . Files are processed in the lexicographic order of their name.

The contents of the file may be:

 container_commands: change_permissions: command: chmod 777 /var/www/some-folder

Replace the appropriate folder and permissions. Read more about container commands here .

-1
source

Source: https://habr.com/ru/post/1241215/

More articles:


All Articles