我正在尝试使用 Docker 让 RabbitMQ 在 Nomad 中运行。然而,我偶然发现了一些与权限相关的问题。当尝试在 Nomad 中运行作业时,我要么收到此错误:
sed: preserving permissions for ‘/etc/rabbitmq/sedpR1m3w’: Operation not permitted
sed: preserving permissions for ‘/etc/rabbitmq/sedEc0Idz’: Operation not permitted
/usr/local/bin/docker-entrypoint.sh: line 250: /etc/rabbitmq/rabbitmq.conf: Permission denied
touch: cannot touch '/etc/rabbitmq/rabbitmq.conf': Permission denied
WARNING: '/etc/rabbitmq/rabbitmq.conf' is not writable, but environment variables have been provided which request that we write to it
We have copied it to '/tmp/rabbitmq.conf' so it can be amended to work around the problem, but it is recommended that the read-only source file should be modified and the environment variables removed instead.
/usr/local/bin/docker-entrypoint.sh: line 250: /tmp/rabbitmq.conf: Permission denied
或者这个错误:
chmod: changing permissions of '/var/lib/rabbitmq/.erlang.cookie': Operation not permitted
我设置了卷,以便可以保留 RabbitMQ 数据。这些卷指向网络上其他位置的 Windows Server 机器上的 SMB 共享。 我已将以下内容添加到
/etc/ftstab
以进行自动安装:
//DC02/Nomad /mnt/winshare cifs credentials=/home/linuxnomad/.smbcreds,uid=995,gid=993,file_mode=0777,dir_mode=0777 0 0
这就是工作规范的样子:
job "rabbitmq03" {
datacenters = ["techtest"]
type = "service"
constraint {
attribute = "${attr.kernel.name}"
value = "linux"
}
constraint {
attribute = "${attr.unique.hostname}"
value = "nomadlinux03"
}
group "rabbitmq" {
network {
mode = "cni/prod"
hostname = "RabbitMqNOMAD03"
}
service {
name = "${JOB}"
port = 5672
address_mode = "alloc"
check {
type = "http"
port = 15672
path = "/api/health/checks/local-alarms"
interval = "3s"
timeout = "2s"
address_mode = "alloc"
header {
Authorization = ["Basic Z3Vlc3Q6Z3Vlc3Q="]
}
}
}
task "rabbitmq" {
driver = "docker"
config {
privileged = false
image = "rabbitmq:3.8.12-management"
auth_soft_fail = true
volumes = [
"/mnt/winshare/RabbitMQ03/data:/var/lib/rabbitmq/mnesia",
"/mnt/winshare/RabbitMQ03/config:/etc/rabbitmq",
"/mnt/winshare/RabbitMQ03/log:/var/log/rabbitmq"
]
}
env {
HOSTNAME = "RabbitMqNOMAD"
RABBITMQ_DEFAULT_USER = "guest"
RABBITMQ_DEFAULT_PASS = "guest"
RABBITMQ_ERLANG_COOKIE = "testsecret"
}
resources {
cpu = 1001
memory = 6144
}
}
}
}
我确实确保使用Nomad用户权限挂载SMB共享,所以我的期望是它没问题,但也许我遗漏了一些东西?
我确实确保使用 Nomad 用户权限挂载 SMB 共享
您正在运行一个 docker 容器。 Nomad 用户权限无关紧要,只要能访问 docker daemon 即可。
也许我错过了什么?
Samba 和 cifs 有自己的权限,你是在强制
uid=995,gid=993,file_mode=0777,dir_mode=0777
。
研究 docker 容器以及什么是用户虚拟化。您的错误与 Nomad 无关。研究 samba 权限以及您正在运行的特定 docker 容器和应用程序,即rabbitmq:3.8.12-management docker continaer,了解它期望的权限。