No more access to mounted /fluentd/logs folder

[alexandersm]

It seems that in the latest fluentd version there is now issue with mount of the host folder to /fluentd/logs

The issue happens on dynamically created EC2 instances in AWS. Docker deployment task definition has the mount point , like /var/log/fluentd/data to /fluentd/logs

During container deployment folder /var/log/fluentd/data is created on the host EC2, but after that there is no enough permissions to write into this folder:

2019-02-10 17:41:55 +0000 [error]: config error file="/fluentd/etc/fluent.conf" error_class=Fluent::ConfigError error="out_file: `/fluentd/log/docker-20190210.log` is not writable"

To fix that we need manually execute something like chmod a+w /var/log/fluentd/data on the host then fluentd starts fine.

It seems that it is due to the latest changes in entrypoint.sh file.

Is it possible to fix it somehow?

[repeatedly]

To fix that we need manually execute something like chmod a+w /var/log/fluentd/data on the host then fluentd starts fine.
Is it possible to fix it somehow?

What the approach do other images take for such cases?
Recently, we changed docker image to follow docker way and it removed several terrible approach from docker image. Maybe it causes this problem.
We want to know how other images resolve this problem and how ECS handle user mapping.

[alexandersm]

For all other images we deploy there is no such issue
Path created on the host has write permissions for container process.. Another option which exists in ECS tasks is to define user (e.g. roo) but fluentd entrypoint ignores it

[repeatedly]

Hmm... so ECS doesn't use -u option to change running user?

https://github.com/fluent/fluentd-docker-image#change-running-user

[repeatedly]

Do you use FLUENTD_UID to set uid?

[alexandersm]

FLUENTD_UID does not help ( I've tried to set
FLUENTD_UID=0)

But I've tried to specify root user inside ECS container definition, this helps and write operations is allowed to the newly created logs folder. Tested on latest v1.4 version , not sure that it works on earlier versions.

[cpxPratik]

-u option to change user does not work. FLUENTD_UID does not work. Is there no other way than to give 777 permission on folder or adding fluent user on host and chown or building custom image?

[chesterlai]

" Is there no other way than to give 777 permission on folder or adding fluent user on host and chown or building custom image?"

-u option to change user does not work. FLUENTD_UID does not work. Is there no other way than to give 777 permission on folder or adding fluent user on host and chown or building custom image?

The reply is good for me.
But I still want to know if it would change in the official docker image.
Have any update on this?
many thanks

[chidiwilliams]

Are there any updates on this? Or workarounds or alternatives? I'm having the same issue.

[chesterlai]

Are there any updates on this? Or workarounds or alternatives? I'm having the same issue.

I run my fluentd as 'root' inside docker.
If you need workaround, you can consider about this.
But I don't think it is good.

[github-actions]

This issue has been automatically marked as stale because it has been open 30 days with no activity. Remove stale label or comment or this issue will be closed in 7 days