测试Ansible角色时,我的systemd服务无法启动。这是我得到的错误,
TASK [memcached : Packages Present] ********************************************
changed: [localhost] => (item=[u'memcached', u'libmemcached'])
TASK [memcached : Service Enabled] *********************************************
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Could not find the requested service memcached: host"}
我的.drone.yml
pipeline:
build:
image: samdoran/centos7-ansible
privileged: true
commands:
- echo 'sslverify=0' >> /etc/yum.conf
- yum install -y redhat-lsb-core python-devel openldap-devel git gcc gcc-c++ python2-pip
- pip install -U pip tox
- tox
我的docker-compose.yml
version: '2'
services:
drone-server:
image: drone/drone:0.8
ports:
- 8000:8000
- 9000
volumes:
- /var/lib/drone:/var/lib/drone/
- /etc/ssl/certs/ca-bundle.crt:/etc/ssl/certs/ca-certificates.crt
restart: always
environment:
- DRONE_OPEN=true
- DRONE_HOST=https://example.server
- DRONE_ADMIN=drone
- DRONE_VOLUME=/etc/ssl/certs/ca-bundle.crt:/etc/ssl/certs/ca-certificates.crt
- DRONE_GOGS_GIT_USERNAME=drone
- DRONE_GOGS_GIT_PASSWORD=XXXXXXXX
- DRONE_GOGS=true
- DRONE_GOGS_URL=https://example.gogs
- DRONE_SECRET=${DRONE_SECRET}
drone-agent:
image: drone/agent:0.8
command: agent
restart: always
depends_on:
- drone-server
volumes:
- /var/run/docker.sock:/var/run/docker.sock
environment:
- DRONE_SERVER=drone-server:9000
- DRONE_SECRET=${DRONE_SECRET}
- DOCKER_API_VERSION=1.24
我尝试手动执行memcached安装,从我的fedora工作站启动一个基础centos:7 docker容器,并且当--privileged时,服务按预期启动。无人机码头工人正在RHEL 7主机上运行。我已经在Drone界面中将存储库设置为trusted。
答案 0 :(得分:0)
将/sys/fs/cgroup
的只读权限添加到volumes
部分:
- /sys/fs/cgroup:/sys/fs/cgroup:ro
完整的解释here。
答案 1 :(得分:0)
事实证明,问题与如何实现entrycommands有关,如果你覆盖它没有像预期那样初始化的命令。因此,解决方法是启动容器,分离,然后将命令发送到正在运行的容器。
---
pipeline:
system:
image: cyberpunkspike/docker-centos7-ansible:latest
labels:
com.amtrustna.it.infr.serv.system: "true"
cap_add:
- SYS_ADMIN
volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro
init: /usr/lib/systemd/systemd
detach: true
exec:
image: docker
volumes:
- /var/run/docker.sock:/var/run/docker.sock
commands:
- CONTAINER_ID="$(docker ps -qf "label=com.amtrustna.it.infr.serv.system")"
- test -n "$CONTAINER_ID" || { echo "Container Not Found"; exit 1 ;}
- docker exec -t "$CONTAINER_ID" sh -c "export TERM=xterm-256color; cd $PWD && tox"
答案 2 :(得分:0)
有时你可以通过用systemctl.py替换init-command来删除整个特权/系统内容。它甚至可以为您提供不同的错误诊断。