Chronos无法运行私有Docker容器

时间:2016-12-12 20:52:02

标签: mesos marathon dcos

我在使用DC / OS安装的localhost上玩游戏。虽然一切正常,但我似乎无法在私人仓库中运行码头图像。我使用python与chronos进行通信:

@celery.task(name='add-job', soft_time_limit=5)
def add_job(job_id):
    job_document = mongo.jobs.find_one({
        '_id': job_id
    })

    if job_document:
        worker_document = mongo.workers.find_one({
            '_id': job_document['workerId']
        })

        if worker_document:
            job = {
                'async': True,
                'name': job_document['_id'],
                'owner': 'owner@gmail.com',
                'command': "python /code/run.py",
                "disabled": False,
                "shell": True,
                "cpus": worker_document['cpus'],
                "disk": worker_document['disk'],
                "mem": worker_document['memory'],
                'schedule': 'R1//PT300S',# start now,
                "epsilon": "PT60M",
                "container": {
                    "type": "DOCKER",
                    "forcePullImage": True,
                    "image": "quay.io/username/container",
                    "network": "HOST",
                    "volumes": [{
                        "containerPath": "/images/",
                        "hostPath": "/images/",
                        "mode": "RW"
                    }]
                },
                "uris": [
                    "file:///images/docker.tar.gz"
                ]
            }
            return chronos_client.add(job)
        else:
            return 'worker not found'
    else:
        return 'job not found'

使用公共映像(alpine:latest)可以正常运行作业,但是在dcos安装中没有任何错误就会失败。

作业被执行但是立即失败。 chronos中作业的错误日志如下所示:

I1212 12:39:11.141639 25058 fetcher.cpp:498] Fetcher Info: {"cache_directory":"\/tmp\/mesos\/fetch\/slaves\/61d6d037-c9f5-482b-a441-11d85554461b-S1\/root","items":[{"action":"BYPASS_CACHE","uri":{"cache":false,"executable":false,"extract":false,"value":"file:\/\/\/images\/docker.tar.gz"}}],"sandbox_directory":"\/var\/lib\/mesos\/slave\/slaves\/61d6d037-c9f5-482b-a441-11d85554461b-S1\/docker\/links\/7029bbea-4c3d-439a-8720-411f6fe40eb9","user":"root"}
I1212 12:39:11.143575 25058 fetcher.cpp:409] Fetching URI 'file:///images/docker.tar.gz'
I1212 12:39:11.143587 25058 fetcher.cpp:250] Fetching directly into the sandbox directory
I1212 12:39:11.143602 25058 fetcher.cpp:187] Fetching URI 'file:///images/docker.tar.gz'
I1212 12:39:11.143612 25058 fetcher.cpp:167] Copying resource with command:cp '/images/docker.tar.gz' '/var/lib/mesos/slave/slaves/61d6d037-c9f5-482b-a441-11d85554461b-S1/docker/links/7029bbea-4c3d-439a-8720-411f6fe40eb9/docker.tar.gz'
I1212 12:39:11.146726 25058 fetcher.cpp:547] Fetched 'file:///images/docker.tar.gz' to '/var/lib/mesos/slave/slaves/61d6d037-c9f5-482b-a441-11d85554461b-S1/docker/links/7029bbea-4c3d-439a-8720-411f6fe40eb9/docker.tar.gz'

标准输出是空的。作为具有相同设置的应用程序直接在马拉松内部执行,身份验证可以正常运行并且我的图像已下载&执行。这是chronos不支持的东西吗?它应该......我的意思是,它有docker命令......

更新:深入研究代理日志我发现了这个:

Failed to run 'docker -H unix:///var/run/docker.sock pull quay.io/username/container': exited with status 1; stderr='Error: Status 403 trying to pull repository username/container: "{\"error\": \"Permission Denied\"}"

我在代理本身上使用它的config.json文件尝试了存档,并且可以在从命令行触发时下载。我似乎无法理解为什么chronos没有正确使用它。我无法找到关于如何将我的凭据放在此之外的任何其他参考资料。

2 个答案:

答案 0 :(得分:4)

事实证明...... uris param已弃用,取而代之的是fetch。我从头开始使用应用于chronos的马拉松配置,并在看到这个时仔细观察日志:{'message': 'Tried to add both uri (deprecated) and fetch parameters on aBPepwhG5z33e4teG', 'status': 'Bad Request'}。然后我将我的uris参数改为:

"fetch": [{
    "uri": "/images/docker.tar.gz",
    "extract": true,
    "executable": false,
    "cache": false
}]

......它有效。

答案 1 :(得分:0)

你的帖子看起来有点像this one,结果证明是卷的问题。

相关问题
最新问题