Docker failed to start mongodb, indicating that it does not have permission to create lock files.

  docker, question

First of all, the phenomenon:

mongodb_1    | 2019-04-27T03:55:24.900+0000 I  CONTROL  [main] Automatically disabling TLS 1.0, to force-enable TLS 1.0 specify --sslDisabledProtocols 'none'
 mongodb_1    | 2019-04-27T03:55:24.904+0000 I  CONTROL  [initandlisten] MongoDB starting : pid=1 port=27017 dbpath=/data/db 64-bit host=a57fa7215d67
 mongodb_1    | 2019-04-27T03:55:24.904+0000 I  CONTROL  [initandlisten] db version v4.1.10
 mongodb_1    | 2019-04-27T03:55:24.904+0000 I  CONTROL  [initandlisten] git version: 8cdc51e7810f7fd8898a4c60b935e389f04659ee
 mongodb_1    | 2019-04-27T03:55:24.904+0000 I  CONTROL  [initandlisten] OpenSSL version: OpenSSL 1.1.0g  2 Nov 2017
 mongodb_1    | 2019-04-27T03:55:24.904+0000 I  CONTROL  [initandlisten] allocator: tcmalloc
 mongodb_1    | 2019-04-27T03:55:24.904+0000 I  CONTROL  [initandlisten] modules: none
 mongodb_1    | 2019-04-27T03:55:24.904+0000 I  CONTROL  [initandlisten] build environment:
 mongodb_1    | 2019-04-27T03:55:24.904+0000 I  CONTROL  [initandlisten]     distmod: ubuntu1804
 mongodb_1    | 2019-04-27T03:55:24.904+0000 I  CONTROL  [initandlisten]     distarch: x86_64
 mongodb_1    | 2019-04-27T03:55:24.904+0000 I  CONTROL  [initandlisten]     target_arch: x86_64
 mongodb_1    | 2019-04-27T03:55:24.904+0000 I  CONTROL  [initandlisten] options: { net: { bindIp: "*" }, security: { authorization: "enabled" } }
 mongodb_1    | 2019-04-27T03:55:24.904+0000 I  STORAGE  [initandlisten] exception in initAndListen: IllegalOperation: Attempted to create a lock file on a read-only directory: /data/db, terminating
 mongodb_1    | 2019-04-27T03:55:24.904+0000 I  NETWORK  [initandlisten] shutdown: going to close listening sockets  ...
 mongodb_1    | 2019-04-27T03:55:24.904+0000 I  NETWORK  [initandlisten] removing socket file: /tmp/mongodb-27017.sock
 mongodb_1    | 2019-04-27T03:55:24.905+0000 I  CONTROL  [initandlisten] now exiting
 mongodb_1    | 2019-04-27T03:55:24.905+0000 I  CONTROL  [initandlisten] shutting down with code:100
 dockers_mongodb_1 exited with code 100

The main problem is in this line:

mongodb_1    | 2019-04-27T03:55:24.904+0000 I  STORAGE  [initandlisten] exception in initAndListen: IllegalOperation: Attempted to create a lock file on a read-only directory: /data/db, terminating

Using mongodb’s official container Dockerfile build, using docker-compose choreography.
The dockerfile file is as follows:

FROM ubuntu:bionic
 
 # add our user and group first to make sure their IDs get assigned consistently, regardless of whatever dependencies get added
 RUN groupadd -r mongodb && useradd -r -g mongodb mongodb
 
 RUN  echo "deb  http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic main restricted universe multiverse" > /etc/apt/sources.list \
 && echo "deb  http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-updates main restricted universe multiverse" >> /etc/apt/sources.list \
 && echo "deb  http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-backports main restricted universe multiverse" >> /etc/apt/sources.list \
 && echo "deb  http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-security main restricted universe multiverse" >> /etc/apt/sources.list
 
 RUN export all_proxy=http:192.168.1.177:1080
 
 RUN set -eux;  \
 apt-get update;  \
 apt-get install -y --no-install-recommends \
 ca-certificates \
 jq \
 numactl \
 ;  \
 if !   command -v ps > /dev/null;  then \
 apt-get install -y --no-install-recommends procps;  \
 fi;  \
 rm -rf /var/lib/apt/lists/*
 
 # grab gosu for easy step-down from root  ( https://github.com/tianon/gosu/releases )
 ENV GOSU_VERSION 1.11
 # grab "js-yaml" for parsing mongod's YAML config files  ( https://github.com/nodeca/js-yaml/releases )
 ENV JSYAML_VERSION 3.13.0
 
 RUN mkdir ~/.gnupg && echo "disable-ipv6" >> ~/.gnupg/dirmngr.conf
 
 RUN set -ex;  \
 \
 apt-get update;  \
 apt-get install -y --no-install-recommends \
 wget \
 ;  \
 if !   command -v gpg > /dev/null;  then \
 apt-get install -y --no-install-recommends gnupg dirmngr;  \
 fi;  \
 rm -rf /var/lib/apt/lists/*;  \
 \
 dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')";  \
 wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch";  \
 wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc";  \
 export GNUPGHOME="$(mktemp -d)";  \
 gpg --batch --keyserver  ha.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4;  \
 gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu;  \
 command -v gpgconf && gpgconf --kill all || :;  \
 rm -r "$GNUPGHOME" /usr/local/bin/gosu.asc;  \
 chmod +x /usr/local/bin/gosu;  \
 gosu --version;  \
 gosu nobody true;  \
 \
 wget -O /js-yaml.js "https://github.com/nodeca/js-yaml/raw/${JSYAML_VERSION}/dist/js-yaml.js";  \
 # TODO some sort of download verification here
 \
 apt-get purge -y --auto-remove wget
 
 RUN mkdir /docker-entrypoint-initdb.d
 
 ENV GPG_KEYS E162F504A20CDF15827F718D4B7C549A058F8B6B
 RUN set -ex;  \
 export GNUPGHOME="$(mktemp -d)";  \
 for key in $GPG_KEYS;  do \
 gpg --batch --keyserver  ha.pool.sks-keyservers.net --recv-keys "$key";  \
 done;  \
 gpg --batch --export $GPG_KEYS > /etc/apt/trusted.gpg.d/mongodb.gpg;  \
 command -v gpgconf && gpgconf --kill all || :;  \
 rm -r "$GNUPGHOME";  \
 apt-key list
 
 # Allow build-time overrides (eg. to build image with MongoDB Enterprise version)
 # Options for MONGO_PACKAGE: mongodb-org OR mongodb-enterprise
 # Options for MONGO_REPO:  repo.mongodb.org OR  repo.mongodb.com
 # Example: docker build --build-arg MONGO_PACKAGE=mongodb-enterprise --build-arg MONGO_REPO=repo.mongodb.com .
 ARG MONGO_PACKAGE=mongodb-org-unstable
 ARG MONGO_REPO=repo.mongodb.org
 ENV MONGO_PACKAGE=${MONGO_PACKAGE} MONGO_REPO=${MONGO_REPO}
 
 ENV MONGO_MAJOR 4.1
 ENV MONGO_VERSION 4.1.10
 # bashbrew-architectures:amd64 arm64v8 s390x
 RUN echo "deb http://$MONGO_REPO/apt/ubuntu bionic/${MONGO_PACKAGE%-unstable}/$MONGO_MAJOR multiverse" | tee "/etc/apt/sources.list.d/${MONGO_PACKAGE%-unstable}.list"
 
 RUN set -x \
 && apt-get update \
 && apt-get install -y \
 ${MONGO_PACKAGE}=$MONGO_VERSION \
 ${MONGO_PACKAGE}-server=$MONGO_VERSION \
 ${MONGO_PACKAGE}-shell=$MONGO_VERSION \
 ${MONGO_PACKAGE}-mongos=$MONGO_VERSION \
 ${MONGO_PACKAGE}-tools=$MONGO_VERSION \
 && rm -rf /var/lib/apt/lists/* \
 && rm -rf /var/lib/mongodb \
 && mv /etc/mongod.conf /etc/mongod.conf.orig
 
 RUN mkdir -p /data/db /data/configdb \
 && chown -R mongodb:mongodb /data/db /data/configdb \
 && chmod g+w -R /data/db \
 && chmod g+w -R /data/configdb
 
 VOLUME /data/db /data/configdb
 
 COPY docker-entrypoint.sh /usr/local/bin/
 ENTRYPOINT ["docker-entrypoint.sh"]
 
 EXPOSE 27017
 CMD ["mongod"]

The docker-compose service configuration is as follows, and other service configurations are omitted:

mongodb:
 build: ./dockerfiles/mongodb
 volumes:
 - ./data/mongodb/db:/data/db
 - ./data/mongodb/configdb:/data/configdb
 ports:
 - 7017:27017
 environment:
 - MONGO_INITDB_ROOT_USERNAME=super
 - MONGO_INITDB_ROOT_PASSWORD=uZL99s7SMH36bZEp
 restart: always

If the volumes selection of docker-compose mongodb service is removed, it can be started normally. The reason is that the mount of the host directory causes the problem. It is stated here that the host data directory permission setting is 0777.

A lot of data searched by the network are all about permissions, but they are all about startup in non-container environment, and permissions in non-container environment can be easily solved by chmod command. In the container environment, directory permissions are also set to mongodb user ownership in dockerfile. And through the run command into the container test found mongodb users to /data/mongodb directory is writable.

I tried to set read and write permissions on /data/mongodb in the docker-entrypoint.sh file but failed.

The problem has been solved. It turned out to be my environmental problem. The mounted directory is under a shared directory of windows. mongodb does not support NFS file format, so it keeps reporting errors. I will change the mounted directory to ubuntu’s other directory and there will be no problem.

Observe the changes of volumes node below

mongodb:
 build: ./dockerfiles/mongodb
 volumes:
 - /home/longmon/data/mongodb/db:/data/db
 - /home/longmon/data/mongodb/configdb:/data/configdb
 ports:
 - 7017:27017
 environment:
 - MONGO_INITDB_ROOT_USERNAME=super
 - MONGO_INITDB_ROOT_PASSWORD=uZL99s7SMH36bZEp
 restart: always