在IBM Cloud Kubernetes中创建PVC安装时的只读错误

时间:2018-03-01 04:29:55

标签: kubernetes ibm-cloud nexus3

我正在尝试将Nexus3部署为IBM Cloud Service中的Kubernetes pod。我收到此错误,可能是因为PVC仅作为只读用户安装。我曾经在Postgres中遇到过这个问题,但我不记得如何解决它:

mkdir: cannot create directory '../sonatype-work/nexus3/log': Permission denied
mkdir: cannot create directory '../sonatype-work/nexus3/tmp': Permission denied
Java HotSpot(TM) 64-Bit Server VM warning: Cannot open file ../sonatype-work/nexus3/log/jvm.log due to No such file or directory

Warning:  Cannot open log file: ../sonatype-work/nexus3/log/jvm.log
Warning:  Forcing option -XX:LogFile=/tmp/jvm.log
Unable to update instance pid: Unable to create directory /nexus-data/instances
/nexus-data/log/karaf.log (No such file or directory)
Unable to update instance pid: Unable to create directory /nexus-data/instances

这些是PVC和POD yaml:

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: nexus-pvc
  annotations:
    volume.beta.kubernetes.io/storage-class: "ibmc-file-retain-bronze"
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 20Gi

apiVersion: v1
kind: Pod
metadata:
  name: nexus
  labels:
    name: nexus
spec:
  containers:
    - name: nexus
      image: sonatype/nexus3
      ports:
        - containerPort: 8081
      volumeMounts:
        - name: nexus-data
          mountPath: /nexus-data
        - name: tz-config
          mountPath: /etc/localtime
  volumes:
  - name: nexus-data
    persistentVolumeClaim:
      claimName: nexus-pvc
  - name: tz-config
    hostPath:
      path: /usr/share/zoneinfo/Europe/Madrid

2 个答案:

答案 0 :(得分:0)

nexus3 Dockerfile的结构使其以非root用户身份运行。但是,NFS文件存储要求root用户访问和写入它。有几种方法可以解决这个问题。一,您可以重构Dockerfile以临时将非root用户添加到root并更改卷装入权限。以下是有关的说明:https://console.bluemix.net/docs/containers/cs_storage.html#nonroot

另一种选择是运行initContainer(https://kubernetes.io/docs/concepts/workloads/pods/init-containers/),在主容器运行之前更改装载路径所有权。 initContainer看起来像这样:

initContainers:
      - name: permissionsfix
        image: ubuntu:latest
        command: ["/bin/sh", "-c"]
        args:
          - >
            chown 1000:1000 /mount;
        volumeMounts:
        - name: volume
          mountPath: /mount

答案 1 :(得分:0)

文件存储存在这些权限问题。不要使用基于文件的卷,而是使用基于块的卷。

安装 block storage plugin 并更新您的资源以使用新的可用存储类。用法示例:

        <!-- Define our template -->
        <ng-template #myTemplate> World! </ng-template>

        Hello
        <!-- Render the template in this outlet -->
        <ng-container [ngTemplateOutlet]="myTemplate"></ng-container>
相关问题
最新问题