Nomad 中 RabbitMQ 与 docker 卷的问题

问题描述 投票:0回答:1

我正在尝试使用 Docker 让 RabbitMQ 在 Nomad 中运行。然而,我偶然发现了一些与权限相关的问题。当尝试在 Nomad 中运行作业时,我要么收到此错误:

sed: preserving permissions for ‘/etc/rabbitmq/sedpR1m3w’: Operation not permitted
sed: preserving permissions for ‘/etc/rabbitmq/sedEc0Idz’: Operation not permitted
/usr/local/bin/docker-entrypoint.sh: line 250: /etc/rabbitmq/rabbitmq.conf: Permission denied
touch: cannot touch '/etc/rabbitmq/rabbitmq.conf': Permission denied

WARNING: '/etc/rabbitmq/rabbitmq.conf' is not writable, but environment variables have been provided which request that we write to it
  We have copied it to '/tmp/rabbitmq.conf' so it can be amended to work around the problem, but it is recommended that the read-only source file should be modified and the environment variables removed instead.

/usr/local/bin/docker-entrypoint.sh: line 250: /tmp/rabbitmq.conf: Permission denied

或者这个错误:

chmod: changing permissions of '/var/lib/rabbitmq/.erlang.cookie': Operation not permitted

我设置了卷,以便可以保留 RabbitMQ 数据。这些卷指向网络上其他位置的 Windows Server 机器上的 SMB 共享。 我已将以下内容添加到

/etc/ftstab
以进行自动安装:

//DC02/Nomad /mnt/winshare cifs credentials=/home/linuxnomad/.smbcreds,uid=995,gid=993,file_mode=0777,dir_mode=0777 0 0

这就是工作规范的样子:

job "rabbitmq03" {
  datacenters = ["techtest"]
  type        = "service"
  
  constraint {
    attribute = "${attr.kernel.name}"
    value     = "linux"
  }

    constraint {
    attribute = "${attr.unique.hostname}"
    value     = "nomadlinux03"
  }
  
  group "rabbitmq" {
    network {
        mode = "cni/prod"
      hostname = "RabbitMqNOMAD03"
    }
    
    service {
      name         = "${JOB}"
      port         = 5672
      address_mode = "alloc"
      check {
        type         = "http"
            port         = 15672
        path         = "/api/health/checks/local-alarms"
        interval     = "3s"
        timeout      = "2s"
        address_mode = "alloc"
        header {
          Authorization = ["Basic Z3Vlc3Q6Z3Vlc3Q="]
        }
      }
    }

    task "rabbitmq" {
      driver = "docker"
      
      config {
        privileged     = false
        image          = "rabbitmq:3.8.12-management"
        auth_soft_fail = true
        
        volumes = [
          "/mnt/winshare/RabbitMQ03/data:/var/lib/rabbitmq/mnesia",
          "/mnt/winshare/RabbitMQ03/config:/etc/rabbitmq",
          "/mnt/winshare/RabbitMQ03/log:/var/log/rabbitmq"
        ]
      }

      env {
        HOSTNAME = "RabbitMqNOMAD"
        RABBITMQ_DEFAULT_USER = "guest"
        RABBITMQ_DEFAULT_PASS = "guest"
        RABBITMQ_ERLANG_COOKIE = "testsecret"    
      }

      resources {
        cpu    = 1001
        memory = 6144
      }
    }
  }
}

我确实确保使用Nomad用户权限挂载SMB共享,所以我的期望是它没问题,但也许我遗漏了一些东西?

rabbitmq smb nomad
1个回答
0
投票

我确实确保使用 Nomad 用户权限挂载 SMB 共享

您正在运行一个 docker 容器。 Nomad 用户权限无关紧要,只要能访问 docker daemon 即可。

也许我错过了什么?

Samba 和 cifs 有自己的权限,你是在强制

uid=995,gid=993,file_mode=0777,dir_mode=0777

研究 docker 容器以及什么是用户虚拟化。您的错误与 Nomad 无关。研究 samba 权限以及您正在运行的特定 docker 容器和应用程序,即rabbitmq:3.8.12-management docker continaer,了解它期望的权限。

© www.soinside.com 2019 - 2024. All rights reserved.