Running Logstash in a Docker container: data directory permissions

Hello, I'm trying to run a Docker container with this setup:

docker run --name logstash6 -d -v /srv/logstash6/pipeline/:/usr/share/logstash/pipeline/ -v /srv/logstash6/data/:/usr/share/logstash/data/ docker.elastic.co/logstash/logstash-oss:6.2.4

My problem is that Logstash is exiting with the following error:

[FATAL][logstash.runner          ] An unexpected error occurred! {:error=>#<ArgumentError: Path "/usr/share/logstash/data" must be a writable directory. It is not writable.>

I have already set 644/755 permissions on /srv/logstash6/data directory

What am I doing wrong?

Who's the owner of /srv/logstash6/data? What user is Logstash running as inside the container?

1 Like

Hi @magnusbaeck,

usually for Elasticsearch Docker container, i set a data directory to achieve persistency and the owner is root with file/folder permissions set to 755/644, and the thing works. Somehow Docker manages to automatically change the ownership of the folder.
For Logstash, I set 755/644 as well, but the container seems to be unable to write in the folder. The ownership remains for root.

I managed to make the whole thing work using a folder inside the home of the user who launches the docker run command (e.g. ~/logstash/data/), but I'm still confused how the whole thing works.

For the moment, my best practice seems to be to put all ELK containers folders inside ~/
But I would like to understand how you need to set file/folder ownership and permissions for another system folder, like /srv/* in order to make the think working always

Thank you!

I repeat: What user is Logstash running as inside the container?

The user Logstash is running inside the container is logstash
Currently, the container is able to write files to the host folder /home/user/logstash/data/ which has the following permissions:

drwxr-xr-x 5 user user 4096 Jun  8 11:34 data/

But the container would not work with a host folder owned by root, e.g. /srv/logstash/data/

drwxr-xr-x 2 root root 4096 Jun  7 14:01 data/

Thank you

What's the uid of "user"? What's the uid of "logstash" in the Logstash container?

Both logstash and user have the same uid, 1000.
I would like to understand how to set file and folder permissions when user has a uid different than logstash.
Thank you :slight_smile:

Both logstash and user have the same uid, 1000.

As I suspected. That's why it happens to work when you mount directories from your home directory.

I would like to understand how to set file and folder permissions when user has a uid different than logstash.

The directory you mount needs to be writable to the logstash user with uid 1000. So, a chown operation on /srv/logstash/data/ or whatever directory you want to use should solve the problem.

1 Like

Do you think another option would be changing uid of the logstash user inside the container with the docker run --user 1001 option?

Thank you

Yeah, that probably works.

Thank you for your time, this discussion has been really helpful to me (and I hope for others as well).

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.