I am starting a new Grafana docker instance (no migration) with the latest 5.2.4 version on ubuntu 16 and ubuntu 17 and when I add volumes I get this error
docker-compose up
Starting grafana_grafana_1 ... done
Attaching to grafana_grafana_1
grafana_1 | GF_PATHS_DATA='/var/lib/grafana' is not writable.
grafana_1 | You may have issues with file permissions, more information here: http://docs.grafana.org/installation/docker/#migration-from-a-previous-version-of-the-docker-container-to-5-1-or-later
grafana_1 | mkdir: cannot create directory '/var/lib/grafana/plugins': Permission denied
grafana_grafana_1 exited with code 1
tried setting user 472 104 and all but nothing worked ref.
It looks like you’re trying to map a folder from your local hard drive into the Grafana container on /var/lib/grafana, is that correct? In that case you either have to start the container using the same userid as you have locally or chown the local folder to match Grafanas userid (472).
You can find out what your user id is by running id -u.
Basically now every time I start grafana from docker compose, it deletes all my data. So I wanted a persistent storage to save my data and hence the volume to local system. Is there any other way to save the data?
With persistent storage you have a few different options. You can create a docker volume and in vanilla docker that will work with the file permissions for the Grafana docker container (id = 472, group = 472).
When using a local folder you need to do a little bit of extra work to make it so that the docker container can read the contents of the folder as well as write to it. In the example below we will modify the user that Grafana runs as within the container so that it runs as the same user id as you do in your local file system, this will guarantee that it has access if you do.
mkdir gfdata
id -u (this will give you your user id, which you will enter into the docker-compose file. In my case it is 1001, replace 1001 in the docker-compose file with your id)
Glad to hear it worked out for you. Not sure why setting the id didn’t work out though. I presume you didn’t set id but the actual numeric id that id -u returned?
Just to share my experience with the same permissions errors:
Specifying the user:"$UID", initially didn’t work. It was throwing an error - that is until I first did “docker rm grafana” (where grafana is my container name) to clear out the failed container.
Now it is running great.
I’kind of having the same issue. The user: "1001" option didn’t work although id -u said 1001.
When I start grafana with changed permissions as given on this page (at the very bottom where it says Modifying permissions everything runs smoothly (for "<your volume mapping here>" I set two volumes to my local filesystem to make the data persistent).
I thought once started with the given commands, permissions would persist. I was wrong. Yet when I tried to start the whole thing with docker-compose everything reverts “not working”.
So my question(s) is: How do I have to write docker-compose.yml to change the permissions on startup OR how to make the permission changes permanent (with a bit of work up-front).
The reason I want to have it setup like this is, that I want to regularly update (reinstall) my hostsystem. All data that need to be persistant are on an external diskstation. --> When I install new hostsystem I would like to docker-compose up and have everything I need running…
I literally have no idea why this worked for me, but I think I have a solution.
TL;DR: user: ":" worked for me
What didn’t work for me:
Setting data folder ownership to 472:472
Setting “user:” to something meaningful, like my UID or UID:GID, or some IDs that correspond to the ownership of the host data directory
What did work:
Setting host folder permissions to 777, but I didn’t like it. I noticed though that with 777 permissions the files created by grafana were owned by some random user IDs, that might or might not depend on the “user:” setting provided in the docker-compose.yml
So I tried setting “user:” to “$UID:$GID”, but got a warning saying
WARN[0000] The "UID" variable is not set. Defaulting to a blank string.
WARN[0000] The "GID" variable is not set. Defaulting to a blank string.
But in this case, the files created by the docker container were owned by my host user, not by a random UID (which was the case with all the other options, regardless of the user setting). Then I decided to get rid of warning and just set it to a blank string. And it worked, now all the files created by grafana are owned by my host user and everything works fine.
For some reason though user: "" doesn’t work, but user: ":" does.
It would be great if some docker guru explained this behaviour though.
Well for me the second solution with the user ID did work. On the machine which docker container should run id -u which gives back a number (in my case 1026). The extend docker-compose.yml within the grafana service wiht user: "1026". Then restart the with docker-compose up.
Thought I’d just be a good samaritan and leave a quick answer.
If you mount a local directory into the container, run chown 472:0 -Rv {dir}
grafana runs as user grafana (472) but part of group root (0)
By running this on the dir of the host, nothing needs to change on the container config, and it will start working.
Notes:
How to find the user in the future if this pops up and the solu above doesn’t work.
Run the following command: docker run -ti --rm --entrypoint="" grafana/grafana-oss:{version} /bin/bash
This will take you into a bash console within the container.
You can then run whoami → to find the user its running as.
You can cat /etc/passwd and see what the {user}'s id is and what group they are a part of.
That info can then be taken back up to the original command.