Merge pull request #1307 from infosiftr/axe-selinux-notes
Remove SELinux specific notes
This commit is contained in:
yosifkit
GitHub
commit
b0d7d9378e
|
|
@ -97,12 +97,6 @@ The Docker documentation is a good starting point for understanding the differen
|
|||
|
||||
The `-v /my/own/datadir:/opt/bonita` part of the command mounts the `/my/own/datadir` directory from the underlying host system as `/opt/bonita` inside the container, where Bonita will deploy the bundle and write data files by default.
|
||||
|
||||
Note that users on host systems with SELinux enabled may see issues with this. The current workaround is to assign the relevant SELinux policy type to the new data directory so that the container will be allowed to access it:
|
||||
|
||||
```console
|
||||
$ chcon -Rt svirt_sandbox_file_t /my/own/datadir
|
||||
```
|
||||
|
||||
## Migrate from an earlier version of Bonita
|
||||
|
||||
- Stop the container to perform a backup
|
||||
|
|
|
|||
|
|
@ -152,12 +152,6 @@ The Docker documentation is a good starting point for understanding the differen
|
|||
|
||||
The `-v /my/own/datadir:/var/lib/cassandra` part of the command mounts the `/my/own/datadir` directory from the underlying host system as `/var/lib/cassandra` inside the container, where Cassandra by default will write its data files.
|
||||
|
||||
Note that users on host systems with SELinux enabled may see issues with this. The current workaround is to assign the relevant SELinux policy type to the new data directory so that the container will be allowed to access it:
|
||||
|
||||
```console
|
||||
$ chcon -Rt svirt_sandbox_file_t /my/own/datadir
|
||||
```
|
||||
|
||||
## No connections until Cassandra init completes
|
||||
|
||||
If there is no database initialized when the container starts, then a default database will be created. While this is the expected behavior, this means that it will not accept incoming connections until such initialization completes. This may cause issues when using automation tools, such as `docker-compose`, which start several containers simultaneously.
|
||||
|
|
|
|||
|
|
@ -78,12 +78,6 @@ $ docker run --name some-%%REPO%% -v /my/custom:/etc/mysql/conf.d -e MYSQL_ROOT_
|
|||
|
||||
This will start a new container `some-%%REPO%%` where the MariaDB instance uses the combined startup settings from `/etc/mysql/my.cnf` and `/etc/mysql/conf.d/config-file.cnf`, with settings from the latter taking precedence.
|
||||
|
||||
Note that users on host systems with SELinux enabled may see issues with this. The current workaround is to assign the relevant SELinux policy type to your new config file so that the container will be allowed to mount it:
|
||||
|
||||
```console
|
||||
$ chcon -Rt svirt_sandbox_file_t /my/custom
|
||||
```
|
||||
|
||||
### Configuration without a `cnf` file
|
||||
|
||||
Many configuration options can be passed as flags to `mysqld`. This will give you the flexibility to customize the container without needing a `cnf` file. For example, if you want to change the default encoding and collation for all tables to use UTF-8 (`utf8mb4`) just run the following:
|
||||
|
|
@ -158,12 +152,6 @@ The Docker documentation is a good starting point for understanding the differen
|
|||
|
||||
The `-v /my/own/datadir:/var/lib/mysql` part of the command mounts the `/my/own/datadir` directory from the underlying host system as `/var/lib/mysql` inside the container, where MySQL by default will write its data files.
|
||||
|
||||
Note that users on host systems with SELinux enabled may see issues with this. The current workaround is to assign the relevant SELinux policy type to the new data directory so that the container will be allowed to access it:
|
||||
|
||||
```console
|
||||
$ chcon -Rt svirt_sandbox_file_t /my/own/datadir
|
||||
```
|
||||
|
||||
## No connections until MySQL init completes
|
||||
|
||||
If there is no database initialized when the container starts, then a default database will be created. While this is the expected behavior, this means that it will not accept incoming connections until such initialization completes. This may cause issues when using automation tools, such as `docker-compose`, which start several containers simultaneously.
|
||||
|
|
|
|||
|
|
@ -144,12 +144,6 @@ The `-v /my/own/datadir:/data/db` part of the command mounts the `/my/own/datadi
|
|||
|
||||
This image also defines a volume for `/data/configdb` [for use with `--configsvr` (see docs.mongodb.com for more details)](https://docs.mongodb.com/v3.4/reference/program/mongod/#cmdoption-configsvr).
|
||||
|
||||
Note that users on host systems with SELinux enabled may see issues with this. The current workaround is to assign the relevant SELinux policy type to the new data directory so that the container will be allowed to access it:
|
||||
|
||||
```console
|
||||
$ chcon -Rt svirt_sandbox_file_t /my/own/datadir
|
||||
```
|
||||
|
||||
## Creating database dumps
|
||||
|
||||
Most of the normal tools will work, although their usage might be a little convoluted in some cases to ensure they have access to the `mongod` server. A simple way to ensure this is to use `docker exec` and run the tool from the same container, similar to the following:
|
||||
|
|
|
|||
|
|
@ -74,12 +74,6 @@ $ docker run --name some-%%REPO%% -v /my/custom:/etc/mysql/conf.d -e MYSQL_ROOT_
|
|||
|
||||
This will start a new container `some-%%REPO%%` where the MySQL instance uses the combined startup settings from `/etc/mysql/my.cnf` and `/etc/mysql/conf.d/config-file.cnf`, with settings from the latter taking precedence.
|
||||
|
||||
Note that users on host systems with SELinux enabled may see issues with this. The current workaround is to assign the relevant SELinux policy type to your new config file so that the container will be allowed to mount it:
|
||||
|
||||
```console
|
||||
$ chcon -Rt svirt_sandbox_file_t /my/custom
|
||||
```
|
||||
|
||||
### Configuration without a `cnf` file
|
||||
|
||||
Many configuration options can be passed as flags to `mysqld`. This will give you the flexibility to customize the container without needing a `cnf` file. For example, if you want to change the default encoding and collation for all tables to use UTF-8 (`utf8mb4`) just run the following:
|
||||
|
|
@ -160,12 +154,6 @@ The Docker documentation is a good starting point for understanding the differen
|
|||
|
||||
The `-v /my/own/datadir:/var/lib/mysql` part of the command mounts the `/my/own/datadir` directory from the underlying host system as `/var/lib/mysql` inside the container, where MySQL by default will write its data files.
|
||||
|
||||
Note that users on host systems with SELinux enabled may see issues with this. The current workaround is to assign the relevant SELinux policy type to the new data directory so that the container will be allowed to access it:
|
||||
|
||||
```console
|
||||
$ chcon -Rt svirt_sandbox_file_t /my/own/datadir
|
||||
```
|
||||
|
||||
## No connections until MySQL init completes
|
||||
|
||||
If there is no database initialized when the container starts, then a default database will be created. While this is the expected behavior, this means that it will not accept incoming connections until such initialization completes. This may cause issues when using automation tools, such as `docker-compose`, which start several containers simultaneously.
|
||||
|
|
|
|||
|
|
@ -78,12 +78,6 @@ $ docker run --name some-%%REPO%% -v /my/custom:/etc/mysql/conf.d -e MYSQL_ROOT_
|
|||
|
||||
This will start a new container `some-%%REPO%%` where the Percona instance uses the combined startup settings from `/etc/mysql/my.cnf` and `/etc/mysql/conf.d/config-file.cnf`, with settings from the latter taking precedence.
|
||||
|
||||
Note that users on host systems with SELinux enabled may see issues with this. The current workaround is to assign the relevant SELinux policy type to your new config file so that the container will be allowed to mount it:
|
||||
|
||||
```console
|
||||
$ chcon -Rt svirt_sandbox_file_t /my/custom
|
||||
```
|
||||
|
||||
### Configuration without a `cnf` file
|
||||
|
||||
Many configuration options can be passed as flags to `mysqld`. This will give you the flexibility to customize the container without needing a `cnf` file. For example, if you want to change the default encoding and collation for all tables to use UTF-8 (`utf8mb4`) just run the following:
|
||||
|
|
@ -162,12 +156,6 @@ The Docker documentation is a good starting point for understanding the differen
|
|||
|
||||
The `-v /my/own/datadir:/var/lib/mysql` part of the command mounts the `/my/own/datadir` directory from the underlying host system as `/var/lib/mysql` inside the container, where MySQL by default will write its data files.
|
||||
|
||||
Note that users on host systems with SELinux enabled may see issues with this. The current workaround is to assign the relevant SELinux policy type to the new data directory so that the container will be allowed to access it:
|
||||
|
||||
```console
|
||||
$ chcon -Rt svirt_sandbox_file_t /my/own/datadir
|
||||
```
|
||||
|
||||
## No connections until MySQL init completes
|
||||
|
||||
If there is no database initialized when the container starts, then a default database will be created. While this is the expected behavior, this means that it will not accept incoming connections until such initialization completes. This may cause issues when using automation tools, such as `docker-compose`, which start several containers simultaneously.
|
||||
|
|
|
|||
|
|
@ -72,12 +72,6 @@ The Docker documentation is a good starting point for understanding the differen
|
|||
|
||||
The `-v /my/own/datadir:/usr/src/redmine/files` part of the command mounts the `/my/own/datadir` directory from the underlying host system as `/usr/src/redmine/files` inside the container, where Redmine will store uploaded files.
|
||||
|
||||
Note that users on host systems with SELinux enabled may see issues with this. The current workaround is to assign the relevant SELinux policy type to the new data directory so that the container will be allowed to access it:
|
||||
|
||||
```console
|
||||
$ chcon -Rt svirt_sandbox_file_t /my/own/datadir
|
||||
```
|
||||
|
||||
## Port Mapping
|
||||
|
||||
If you'd like to be able to access the instance from the host without the container's IP, standard port mappings can be used. Just add `-p 3000:3000` to the `docker run` arguments and then access either `http://localhost:3000` or `http://host-ip:3000` in a browser.
|
||||
|
|
|
|||
|
|
@ -133,9 +133,3 @@ $ docker run --name some-%%REPO%% -v /my/own/datadir:/var/ts3server/ -d %%IMAGE%
|
|||
```
|
||||
|
||||
The `-v /my/own/datadir:/var/ts3server/` part of the command mounts the `/my/own/datadir` directory from the underlying host system as `/var/ts3server` inside the container, where TeamSpeak by default will write its data files.
|
||||
|
||||
Note that users on host systems with SELinux enabled may see issues with this. The current workaround is to assign the relevant SELinux policy type to the new data directory so that the container will be allowed to access it:
|
||||
|
||||
```console
|
||||
$ chcon -Rt svirt_sandbox_file_t /my/own/datadir
|
||||
```
|
||||
|
|
|
|||
Loading…
Reference in New Issue