我试图以非root用户身份运行nginx容器
我正在尝试配置nginx.conf文件,然后将其放入k8s configmap中,但是当容器启动时,它会不断抛出诸如
“ pid”指令在此处是不允许的 /etc/nginx/conf.d/nginx-kibana.conf:4
以及随后的所有
我需要在配置中修复或调整什么,还是需要在nginx-deployment.yaml中调整volume:
这是我的nginx.conf
error_log /tmp/error.log;
# The pidfile will be written to /var/run unless this is set.
pid /tmp/nginx.pid;
worker_processes 1;
events {
worker_connections 1024;
}
http {
# Set an array of temp and cache file options that will otherwise default to
# restricted locations accessible only to root.
client_body_temp_path /tmp/client_body;
fastcgi_temp_path /tmp/fastcgi_temp;
proxy_temp_path /tmp/proxy_temp;
scgi_temp_path /tmp/scgi_temp;
uwsgi_temp_path /tmp/uwsgi_temp;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
index index.html index.htm index.php;
default_type application/octet-stream;
server {
listen 8080 default_server;
listen [::]:8080 default_server ipv6only=on;
server_name localhost;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# the UI will send the request with query string pageId to kibana to load a specific page
# e.g: iframe src="/kibana/page?pageId=dashboard"
# set proxy_pass to root kibana does not see the query params, so we have to go to /app/kibana
location ^~ /${KIBANA_PATH}/page {
proxy_pass http://127.0.0.1:5601/app/kibana/${ESC}is_args${ESC}args;
proxy_http_version 1.1;
proxy_set_header Upgrade ${ESC}http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host ${ESC}host;
proxy_cache_bypass ${ESC}http_upgrade;
}
# have to re-write URLs for kibana to strip out the /kibana part
location /${KIBANA_PATH}/ {
proxy_pass http://127.0.0.1:5601/;
proxy_http_version 1.1;
proxy_set_header Upgrade ${ESC}http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host ${ESC}host;
proxy_cache_bypass ${ESC}http_upgrade;
}
}
}
这是我将configmap安装到容器上的方式
securityContext:
fsGroup: 2000
runAsUser: 2000
volumes:
- name: nginxconfigmap-volume
configMap:
name: my-nginx-configmap
containers:
- name: nginx
image: nginx:stable
ports:
- containerPort: 8080
name: http
protocol: TCP
livenessProbe:
httpGet:
scheme: HTTP
path: /
port: 8080
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 3
readinessProbe:
httpGet:
scheme: HTTP
path: /
port: 8080
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 2
failureThreshold: 6
volumeMounts:
- mountPath: /etc/nginx/conf.d
name: nginxconfigmap-volume
答案 0 :(得分:0)
如果我将卷安装路径修改为
volumeMounts:
- mountPath: /etc/nginx
name: nginxconfigmap-volume
然后我得到这个错误 2019/10/23 02:50:49 [emerg] 1#1:open()“ /etc/nginx/nginx.conf”失败(2:没有此类文件或目录) nginx:[emerg] open()“ /etc/nginx/nginx.conf”失败(2:无此类文件或目录)
不确定如何进行
答案 1 :(得分:0)
文件nginx.conf位于路径/etc/nginx中,而不位于/etc/nginx/conf.d中。您遇到的错误与nginx有关,与kubernetes无关。更改路径以正确加载您的nginx配置。
答案 2 :(得分:0)
解决了两个问题。 首先,我必须确保将conf文件命名为nginx.conf而不是nginx-kibana.conf
其次,必须确保将安装路径设置为 mountPath:/ etc / nginx