Is s3fs not able to mount inside docker container?

Question

I want to mount s3fs inside of docker container.

I made docker image with s3fs, and did like this:

host$ docker run -it --rm docker/s3fs bash
[ root@         


        

Answer 1

I'm not sure what you did that did not work, but I was able to get this to work like this:

Dockerfile:

FROM ubuntu:12.04

RUN apt-get update -qq
RUN apt-get install -y build-essential libfuse-dev fuse-utils libcurl4-openssl-dev libxml2-dev mime-support automake libtool wget tar

RUN wget https://github.com/s3fs-fuse/s3fs-fuse/archive/v1.77.tar.gz -O /usr/src/v1.77.tar.gz
RUN tar xvz -C /usr/src -f /usr/src/v1.77.tar.gz
RUN cd /usr/src/s3fs-fuse-1.77 && ./autogen.sh && ./configure --prefix=/usr && make && make install

RUN mkdir /s3bucket

After building with:

docker build --rm -t ubuntu/s3fs:latest .

I ran the container with:

docker run -it -e AWSACCESSKEYID=obscured -e AWSSECRETACCESSKEY=obscured --privileged ubuntu/s3fs:latest bash

and then inside the container:

root@efa2689dca96:/# s3fs s3bucket /s3bucket
root@efa2689dca96:/# ls /s3bucket
testing.this.out  work.please  working
root@efa2689dca96:/#

which successfully listed the files in my s3bucket.

You do need to make sure the kernel on your host machine supports fuse, but it would seem you have already done so?

Note: Your S3 mountpoint will not show/work from inside other containers when using Docker's --volume or --volumes-from directives. For example:

docker run -t --detach --name testmount -v /s3bucket -e AWSACCESSKEYID=obscured -e AWSSECRETACCESSKEY=obscured --privileged --entrypoint /usr/bin/s3fs ubuntu/s3fs:latest -f s3bucket /s3bucket
docker run -it --volumes-from testmount --entrypoint /bin/ls ubuntu:12.04 -ahl /s3bucket
total 8.0K
drwxr-xr-x  2 root root 4.0K Aug 21 21:32 .
drwxr-xr-x 51 root root 4.0K Aug 21 21:33 ..

returns no files even though there are files in the bucket.

Answer 2

Adding another solution.

Dockerfile:

FROM ubuntu:16.04

# Update and install packages
RUN DEBIAN_FRONTEND=noninteractive apt-get -y update --fix-missing && \
    apt-get install -y automake autotools-dev g++ git libcurl4-gnutls-dev wget libfuse-dev libssl-dev libxml2-dev make pkg-config

# Clone and run s3fs-fuse
RUN git clone https://github.com/s3fs-fuse/s3fs-fuse.git /tmp/s3fs-fuse && \
    cd /tmp/s3fs-fuse && ./autogen.sh && ./configure && make && make install && ldconfig && /usr/local/bin/s3fs --version

# Remove packages
RUN DEBIAN_FRONTEND=noninteractive apt-get purge -y wget automake autotools-dev g++ git make  && \
    apt-get -y autoremove --purge && apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

# Set user and group
ENV USER='appuser'
ENV GROUP='appuser'
ENV UID='1000'
ENV GID='1000'

RUN groupadd -g $GID $GROUP && \
    useradd -u $UID -g $GROUP -s /bin/sh -m $USER

# Install fuse
RUN apt-get update   && \
    apt install fuse && \
    chown ${USER}.${GROUP} /usr/local/bin/s3fs

# Config fuse
RUN chmod a+r /etc/fuse.conf && \
    perl -i -pe 's/#user_allow_other/user_allow_other/g' /etc/fuse.conf

# Copy credentials
ENV SECRET_FILE_PATH=/home/${USER}/passwd-s3fs
COPY ./passwd-s3fs $SECRET_FILE_PATH
RUN chmod 600 $SECRET_FILE_PATH && \
    chown ${USER}.${GROUP} $SECRET_FILE_PATH

# Switch to user
USER ${UID}:${GID}


# Create mnt point
ENV MNT_POINT_PATH=/home/${USER}/data
RUN mkdir -p $MNT_POINT_PATH && \
    chmod g+w $MNT_POINT_PATH

# Execute
ENV S3_BUCKET = ''
WORKDIR /home/${USER}
CMD exec sleep 100000 && /usr/local/bin/s3fs $S3_BUCKET $MNT_POINT_PATH -o passwd_file=passwd-s3fs -o allow_other

docker-compose-yaml:

version: '3.8'
services:
  s3fs:
    privileged: true
    image: <image-name:tag>
    ##Debug
    #stdin_open: true # docker run -i
    #tty: true        # docker run -t
    environment:
      - S3_BUCKET=my-bucket-name
    devices:
      - "/dev/fuse"
    cap_add:
      - SYS_ADMIN
      - DAC_READ_SEARCH
    cap_drop:
      - NET_ADMIN

Build image with docker build -t <image-name:tag> .
Run with: docker-compose -d up