Entrypoint.sh:不允许操作 no-new-privileges:对于 Traefik docker compose 为 true

问题描述 投票:0回答:1

感谢您阅读本文。

我一直在尝试为 traefik 设置以下 docker-compose.yml:

version: '3'

services:
  traefik:
    image: traefik:latest
    container_name: traefik
    restart: unless-stopped
    security_opt:
      - no-new-privileges:true
    networks:
      - proxy
    ports:
      - 80:80
      - 443:443
    environment:
      # - CF_DNS_API_TOKEN=
      # If you choose to use an API Key instead of a Token, specify your email as well
      - CF_API_EMAIL=myEmail
      - CF_API_KEY=myKey
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /a/b/c/traefik/traefik.yml:/traefik.yml:ro
      - /a/b/c/traefik/acme.json:/acme.json
      - /a/b/c/traefik/config.yml:/config.yml:ro
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.traefik.entrypoints=http"
      - "traefik.http.routers.traefik.rule=Host(`traefik-dashboard-internal.example.com`)"
      - "traefik.http.middlewares.traefik-auth.basicauth.users=user:hash"
      - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"
      - "traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=https"
      - "traefik.http.routers.traefik.middlewares=traefik-https-redirect"
      - "traefik.http.routers.traefik-secure.entrypoints=https"
      - "traefik.http.routers.traefik-secure.rule=Host(`traefik-dashboard.example.com`)"
      - "traefik.http.routers.traefik-secure.middlewares=traefik-auth"
      - "traefik.http.routers.traefik-secure.tls=true"
      - "traefik.http.routers.traefik-secure.tls.certresolver=cloudflare"
      - "traefik.http.routers.traefik-secure.tls.domains[0].main=example.com"
      - "traefik.http.routers.traefik-secure.tls.domains[0].sans=*.example.com"
      - "traefik.http.routers.traefik-secure.service=api@internal"

networks:
  proxy:
    external: true

但是,运行时我得到以下输出

sudo docker compose up

# traefik is up-to-date
# Attaching to traefik
# traefik    |  exec /entrypoin.sh: operation not permited

我很确定这是由于 

no-new-privile=True
造成的,因为当我制作它时 
=Flase
它将运行容器(尽管它似乎不起作用)。

有什么想法可以解决这个问题吗?撰写文件还有其他问题吗?

我已经尝试过:

  1. 以 sudo 运行
  2. traefik、docker.sock、acme.json、config.yml 和本地时间文件的 chown 和 chmod
  3. 注释掉大部分配置

更新 1 - 版本: Ubuntu:

Distributor ID: Ubuntu
Description:    Ubuntu 23.10
Release:        23.10
Codename:       mantic

Docker:

Docker version 26.0.0, build 2ae903e

Docker 组合

Docker Compose version v2.25.0
ubuntu docker-compose traefik
1个回答
0
投票

所以我解决了我自己的问题。不知道为什么,但我必须完全删除 docker 并重新安装它。此外,我必须重新创建所有配置文件和 docker 文件。

将其留在这里,因为它可能对某些人有帮助。

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.