Hello there, Today, I'd want to introduce you to a typical Docker Volumes issue. Sometimes our applications are not Cloud Native as they should be, or they are not as mature as we would like.
This article describes how to mount Docker volumes between the host and container without root privileges. Some open-source projects still require root privileges! However, because this is a HIGH-RISK vulnerability, it should be avoided in production environments. It's a....

Let's start with a simple Node.js HTTP server that writes logs and shares them with hosts via mount docker volume.
Let's setup permissions
Disclaimer! Why not use Filebeat or Logstash to work with logs? I prefer to keep things simple and easy. Node Express Server will be used to list logs as static files, which is very secure! 🤭
Let's start by creating your Docker file to support node applications.
- Dockerfile-node
This file accepts the following arguments: UID: a user identifier, GID: a group identifier, and SOURCE: the application directory.
We'll create basic Node.js applications, run scripts, and copy javascript files.
- apps/simple-express/index.js
- apps/static-server-express/index.js
Don't forget to sets the script "start" in file both "package.json".
Next step, create your docker compose file.
- docker-compose.yml
Observe the environment variables; the host and container will have the identical user id (UID), group id (GID), and directory path (volume). The Node container will be in responsible of writing logs, while the Static container will list and read files.
Congratulations, you have completed your composition file, let's start containers.
Now, test several HTTP requests on port 3000 and file reading on port 3001.


You can validate file and directory permissions by deleting logs from the host and making new requests.
That's it!
If you prefer, you can clone the repository. https://github.com/williampsena/docker-recipes.
We build some containers that share a volume without root access. Remember that if you want to use a specific user, the UID and GID for the host and containers must be the same.
Your kernel has already been upgraded; see you later.