algorand · onetechnical · Jan 18, 2023 · Jan 8, 2023 · Jan 9, 2023 · Jan 11, 2023
diff --git a/Dockerfile b/Dockerfile
@@ -61,4 +61,6 @@ COPY --chown=algorand:algorand --from=builder "/node/files/run/" "/node/run/"
 # Expose Algod REST API, Algod Gossip, and Prometheus Metrics ports
 EXPOSE $ALGOD_PORT 4160 9100
 
+WORKDIR /node/bin
+
 CMD ["/node/run/run.sh"]
diff --git a/docker/README.md b/docker/README.md
@@ -1,5 +1,7 @@
 # Algod Container
 
+[![DockerHub](https://img.shields.io/badge/DockerHub-blue)](https://hub.docker.com/r/algorand/algod)
+
 General purpose algod container image.
 
 ## Image Configuration
@@ -42,6 +44,7 @@ Configuration can be modified by specifying certain files. These can be changed
 | /etc/config.json | Override default configurations by providing your own file. |
 | /etc/algod.token | Override default randomized REST API token. |
 | /etc/algod.admin.token | Override default randomized REST API admin token. |
+| /etc/logging.config | Use a custom [logging.config](https://developer.algorand.org/docs/run-a-node/reference/telemetry-config/#configuration) file for configuring telemetry. |
 
 TODO: `/etc/template.json` for overriding the private network topology.
 
@@ -66,14 +69,45 @@ Explanation of parts:
 * `-p 4190:8080` maps the internal algod REST API to local port 4190
 * `-e NETWORK=` can be set to any of the supported public networks.
 * `-e FAST_CATCHUP=` causes fast catchup to start shortly after launching the network.
-* `-e TELEMETRY_NAME=` enables telemetry reporting to Algorand for network health analysis.
+* `-e TELEMETRY_NAME=` enables telemetry reporting to Algorand for network health analysis. The value of this variable takes precedence over the GUID in `/etc/logging.config`.
 * `-e TOKEN=` sets the REST API token to use.
 * `-v ${PWD}/data:/algod/data/` mounts a local volume to the data directory, which can be used to restart and upgrade the deployment.
 
 ## Mounting the Data Directory
 
 The data directory located at `/algod/data`. Mounting a volume at that location will allow you to shutdown and resume the node.
 
+### Volume Permissions
+
+The container executes in the context of the `algorand` user with it's own UID and GID which is handled differently depending on your operating system. Here are a few options for how to work with this environment:
+
+#### Named Volume
+
+Using a named volume will work without any specific configuration in most cases:
+
+```bash
+docker volume create algod-data
+docker run -it --rm -d -v algod-data:/algod/data algorand/algod
+```
+
+#### Local Directory without SELinux
+
+Explicitly set the UID and GID of the container:
+
+```bash
+docker run -it --rm -d -v /srv/data:/algod/data -u $UID:$GID algorand/algod
+```
+
+#### Local Directory with SELinux
+
+Set the UID and GID of the container while add the `Z` option to the volume definition:
+
+```bash
+docker run -it --rm -d -v /srv/data:/algod/data:Z -u $UID:$GID algorand/algod
+```
+
+> See the documentation on [configuring the selinux label](https://docs.docker.com/storage/bind-mounts/#configure-the-selinux-label).
+
 ### Private Network
 
 Private networks work a little bit differently. They are configured with, potentially, several data directories. The default topology supplied with this container is installed to `/algod/`, and has a single node named `data`. This means the private network has a data directory at `/algod/data`, matching the production configuration.

diff --git a/docker/files/build/install.sh b/docker/files/build/install.sh
@@ -87,6 +87,6 @@ BUILD_NUMBER="" BRANCH="$BRANCH" make build
 
 shopt -s extglob
 
-cd "$BINDIR" && rm -vrf !(algocfg|algod|algoh|algokey|carpenter|catchupsrv|ddconfig.sh|diagcfg|find-nodes.sh|goal|kmd|msgpacktool|node_exporter|tealcut|tealdbg|update.sh|updater|COPYING)
+cd "$BINDIR" && rm -vrf !(algocfg|algod|algokey|diagcfg|goal|kmd|msgpacktool|node_exporter|tealdbg|update.sh|updater|COPYING)
 
 "$BINDIR"/algod -v