The default YugabyteDB Docker image from Docker Hub runs the database as a root user.
I need to run it as a non-root user and there is no release Docker image Dockerfile available in YugabyteDB repositories.
So I’ve created my own and here it is.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM centos:7.9.2009 as builder | |
| ARG YB_VERSION=2.7.1.1 | |
| RUN yum update -y && yum install -y wget curl \ | |
| && wget https://downloads.yugabyte.com/yugabyte-${YB_VERSION}-linux.tar.gz -O /yugabyte-${YB_VERSION}-linux.tar.gz | |
| FROM centos:7.9.2009 | |
| ARG GID=1060 | |
| ARG GROUPNAME=myybuser | |
| ARG UID=1060 | |
| ARG USERNAME=myybuser | |
| ARG YB_VERSION=2.7.1.1 | |
| RUN groupadd -g ${GID} ${GROUPNAME} \ | |
| && useradd -m -d /home/${USERNAME} -g ${GID} -u ${UID} -s /bin/bash ${USERNAME} | |
| COPY --from=builder /yugabyte-${YB_VERSION}-linux.tar.gz /home/${USERNAME}/yugabyte-${YB_VERSION}-linux.tar.gz | |
| RUN tar xvfz /home/${USERNAME}/yugabyte-${YB_VERSION}-linux.tar.gz -C /home/${USERNAME} --strip 1 \ | |
| && /home/${USERNAME}/bin/post_install.sh \ | |
| && chown -R ${USERNAME}:${GROUPNAME} /home/${USERNAME} \ | |
| && ln -s /home/${USERNAME}/bin/yb-admin /usr/local/bin/yb-admin \ | |
| && ln -s /home/${USERNAME}/bin/yb-ts-cli /usr/local/bin/yb-ts-cli \ | |
| && ln -s /home/${USERNAME}/bin/ycqlsh /usr/local/bin/ycqlsh \ | |
| && ln -s /home/${USERNAME}/bin/ysqlsh /usr/local/bin/ysqlsh \ | |
| && ln -s /home/${USERNAME}/bin/yugabyted /usr/local/bin/yugabyted \ | |
| && chown -R ${USERNAME}:${GROUPNAME} /usr/local/bin | |
| USER ${USERNAME} |
To build the image, run this command:
|
|
Start the container:
|
|
Run this in the the container to start the cluster:
|
|
The output:
|
|
That’s about it.
