travis上的Elasticsearch docker失败,文件夹访问被拒绝

时间:2018-10-19 17:49:50

标签: elasticsearch docker-compose travis-ci

我在travis上使用Elasticsearch docker映像时遇到麻烦。

给出此docker-compose.yml文件:

version: '2'
services:
  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch:6.4.2
    ports:
      - "9200:9200"
    environment:
      - "discovery.type=single-node"
      - "transport.host=127.0.0.1"
      - "xpack.security.enabled=false"
    volumes:
      - ./elasticsearch/data:/usr/share/elasticsearch/data
  kibana:
    image: docker.elastic.co/kibana/kibana:6.4.2
    ports:
      - "5601:5601"
    depends_on:
      - elasticsearch
    environment:
      - "ELASTICSEARCH_URL: http://elasticsearch:9200"

以及以下.travis.yml文件:

before_install:
- docker-compose up -d
- docker-compose logs -f &
- wget -q --waitretry=1 --retry-connrefused -T 10 -O - http://127.0.0.1:9200
[...more stuff here...]

Elasticsearch引擎无法启动,但出现以下异常:

elasticsearch_1  | [2018-10-19T08:09:23,574][INFO ][o.e.n.Node               ] [] initializing ...
elasticsearch_1  | [2018-10-19T08:09:23,627][WARN ][o.e.b.ElasticsearchUncaughtExceptionHandler] [] uncaught exception in thread [main]
elasticsearch_1  | org.elasticsearch.bootstrap.StartupException: java.lang.IllegalStateException: Failed to create node environment
elasticsearch_1  |  at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:140) ~[elasticsearch-6.4.2.jar:6.4.2]
elasticsearch_1  |  at org.elasticsearch.bootstrap.Elasticsearch.execute(Elasticsearch.java:127) ~[elasticsearch-6.4.2.jar:6.4.2]
elasticsearch_1  |  at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:86) ~[elasticsearch-6.4.2.jar:6.4.2]
elasticsearch_1  |  at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:124) ~[elasticsearch-cli-6.4.2.jar:6.4.2]
elasticsearch_1  |  at org.elasticsearch.cli.Command.main(Command.java:90) ~[elasticsearch-cli-6.4.2.jar:6.4.2]
elasticsearch_1  |  at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:93) ~[elasticsearch-6.4.2.jar:6.4.2]
elasticsearch_1  |  at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:86) ~[elasticsearch-6.4.2.jar:6.4.2]
elasticsearch_1  | Caused by: java.lang.IllegalStateException: Failed to create node environment
elasticsearch_1  |  at org.elasticsearch.node.Node.<init>(Node.java:277) ~[elasticsearch-6.4.2.jar:6.4.2]
elasticsearch_1  |  at org.elasticsearch.node.Node.<init>(Node.java:256) ~[elasticsearch-6.4.2.jar:6.4.2]
elasticsearch_1  |  at org.elasticsearch.bootstrap.Bootstrap$5.<init>(Bootstrap.java:213) ~[elasticsearch-6.4.2.jar:6.4.2]
elasticsearch_1  |  at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:213) ~[elasticsearch-6.4.2.jar:6.4.2]
elasticsearch_1  |  at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:326) ~[elasticsearch-6.4.2.jar:6.4.2]
elasticsearch_1  |  at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:136) ~[elasticsearch-6.4.2.jar:6.4.2]
elasticsearch_1  |  ... 6 more
elasticsearch_1  | Caused by: java.nio.file.AccessDeniedException: /usr/share/elasticsearch/data/nodes
elasticsearch_1  |  at sun.nio.fs.UnixException.translateToIOException(UnixException.java:90) ~[?:?]
elasticsearch_1  |  at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111) ~[?:?]
elasticsearch_1  |  at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:116) ~[?:?]
elasticsearch_1  |  at sun.nio.fs.UnixFileSystemProvider.createDirectory(UnixFileSystemProvider.java:385) ~[?:?]
elasticsearch_1  |  at java.nio.file.Files.createDirectory(Files.java:682) ~[?:?]
elasticsearch_1  |  at java.nio.file.Files.createAndCheckIsDirectory(Files.java:789) ~[?:?]
elasticsearch_1  |  at java.nio.file.Files.createDirectories(Files.java:775) ~[?:?]
elasticsearch_1  |  at org.elasticsearch.env.NodeEnvironment.<init>(NodeEnvironment.java:203) ~[elasticsearch-6.4.2.jar:6.4.2]
elasticsearch_1  |  at org.elasticsearch.node.Node.<init>(Node.java:274) ~[elasticsearch-6.4.2.jar:6.4.2]
elasticsearch_1  |  at org.elasticsearch.node.Node.<init>(Node.java:256) ~[elasticsearch-6.4.2.jar:6.4.2]
elasticsearch_1  |  at org.elasticsearch.bootstrap.Bootstrap$5.<init>(Bootstrap.java:213) ~[elasticsearch-6.4.2.jar:6.4.2]
elasticsearch_1  |  at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:213) ~[elasticsearch-6.4.2.jar:6.4.2]
elasticsearch_1  |  at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:326) ~[elasticsearch-6.4.2.jar:6.4.2]
elasticsearch_1  |  at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:136) ~[elasticsearch-6.4.2.jar:6.4.2]
elasticsearch_1  |  ... 6 more

请注意上面的Caused by: java.nio.file.AccessDeniedException。文件夹./elasticsearch/data存在,并且像往常一样归属于travis:travis

我需要帮助在这里找到根本原因,并找到一种解决方案,希望它不涉及使用chownchmod蛮力地实施权限,并且也可以在我的本地计算机上使用(例如没有硬编码的uid。

2 个答案:

答案 0 :(得分:1)

默认情况下,Docker容器始终以root用户身份运行。结果,所有正在运行的进程,共享卷,文件夹,文件将归root用户所有。

如果您不手动创建共享文件夹,则docker将创建它,并将由root用户拥有:

$ ls -la
total 16
drwxrwxr-x  3 ubuntu ubuntu 4096 Oct 19 23:02 .
drwxrwxr-x 14 ubuntu ubuntu 4096 Oct 19 21:57 ..
-rw-rw-r--  1 ubuntu ubuntu  534 Oct 19 21:58 docker-compose.yaml
drwxr-xr-x  3 root   root   4096 Oct 19 23:02 elasticsearch

$ ls -laR elasticsearch
elasticsearch:
total 12
drwxr-xr-x 3 root   root   4096 Oct 19 23:02 .
drwxrwxr-x 3 ubuntu ubuntu 4096 Oct 19 23:02 ..
drwxr-xr-x 2 root   root   4096 Oct 19 23:02 data

elasticsearch/data:
total 8
drwxr-xr-x 2 root root 4096 Oct 19 23:02 .
drwxr-xr-x 3 root root 4096 Oct 19 23:02 ..

这就是为什么您拥有java.nio.file.AccessDeniedException

如果我们在用户启动容器之前(在./elasticsearch/data命令之前)创建了具有启动Docker容器的用户权限的docker-compose up文件夹,则可以避免。对于您的特定情况是:

before_install:
- mkdir -p elasticsearch/data
- docker-compose up -d
- docker-compose logs -f &
- wget -q --waitretry=1 --retry-connrefused -T 10 -O - http://127.0.0.1:9200
[...more stuff here...]

答案 1 :(得分:0)

当我意识到对Docker卷的理解从根本上是错误的时,我解决了这个问题。我以为为了保留数据,我需要将数据文件夹映射到本地文件系统。但实际上,所需要做的就是将其映射到Docker数据卷!这样做完全避开了许可问题。

在显示解决方案之前,我只想说我已经调查了本地映射./elasticsearch/data文件夹的用户映射问题。我发现的是:在travis主机上,该文件夹如下所示:

$ ls -la ./elasticsearch/data
total 8
drwxrwxr-x 2 travis travis 4096 Oct 20 18:21 .
drwxrwxr-x 3 travis travis 4096 Oct 20 18:21 ..
-rw-rw-r-- 1 travis travis    0 Oct 20 18:21 .gitkeep

在ES容器内部:

elasticsearch_1  | total 8
elasticsearch_1  | drwxrwxr-x 2          2000 2000 4096 Oct 20 18:16 .
elasticsearch_1  | drwxrwxr-x 1 elasticsearch root 4096 Sep 26 14:20 ..
elasticsearch_1  | -rw-rw-r-- 1          2000 2000    0 Oct 20 18:16 .gitkeep

其中uid 2000是主机的travis用户。除了我手动更改chown内容外,我不确定自从此时改变课程以来需要做什么。

就我而言,更好的解决方案是创建一个docker数据容器并将其映射到ES数据文件夹。这样,我可以重建ES映像而不会丢失数据。 docker-compose.yml文件的更改方式如下:

version: '2'
services:
  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch:6.4.2
    ports:
      - "9200:9200"
    environment:
      - "discovery.type=single-node"
      - "transport.host=127.0.0.1"
      - "xpack.security.enabled=false"
    volumes:
      - "esdata:/usr/share/elasticsearch/data"
  kibana:
    image: docker.elastic.co/kibana/kibana:6.4.2
    ports:
      - "5601:5601"
    depends_on:
      - elasticsearch
    environment:
      - "ELASTICSEARCH_URL: http://elasticsearch:9200"
volumes:
  esdata:

就是这样!现在,该版本可以在本地和travis上运行。

相关问题
最新问题