If you are running SELinux and have errors then copy the polcy file to a to the docker host, and then run these commands:
checkmodule -M -m -o sameersbn-docker-nginx.mod sameersbn-docker-nginx.te
semodule_package -o sameersbn-docker-nginx.pp -m sameersbn-docker-nginx.mod
sudo semodule -i sameersbn-docker-nginx.pp
The nginx module ngx_pagespeed doesn't play well with current implementions
of SELinux policies for docker. The Pagespeed module tries to call mmap()
on
/dev/zero to
create a volitile (anonymous) shared memory segment. In non-containerized
situations this isn't a problem becuse the host is labeled in such away that
allows the "execute" permission on /dev/zero. ("execute" permission is
required for mmap)
The error generated by ngx_pagespeed looks like this:
nginx: [error] [ngx_pagespeed 1.9.32.10-7423] Unable to create SHM segment [1]globalstatistics, mmap failed with errno=13.
nginx: [warn] [ngx_pagespeed 1.9.32.10-7423] Problem during shared memory setup; statistics functionality unavailable.
nginx: [error] [ngx_pagespeed 1.9.32.10-7423] Unable to create SHM segment [1]dummy_hostname:-1statistics, mmap failed with errno=13.
nginx: [warn] [ngx_pagespeed 1.9.32.10-7423] Problem during shared memory setup; statistics functionality unavailable.
nginx: [error] [ngx_pagespeed 1.9.32.10-7423] Unable to create SHM segment [1]pagespeed_default_shm/metadata_cache, mmap failed with errno=13.
nginx: [error] [ngx_pagespeed 1.9.32.10-7423] SharedMemCache: can't create segment pagespeed_default_shm/metadata_cache of size 52445184
nginx: [error] [ngx_pagespeed 1.9.32.10-7423] Unable to create SHM segment [1]/named_locks, mmap failed with errno=13.
nginx: [error] [ngx_pagespeed 1.9.32.10-7423] Unable to create memory segment for locks.