尝试在 Airflow 上运行 DockerOperator 时权限被拒绝

时间:2021-05-28 15:15:16

标签: macos docker airflow

我在 Mac OS X Catalina 上通过 Docker Desktop 2.0.0.3 运行 Airflow 1.10.12。在我的 DAG 中,我有类似的内容:

DockerOperator(
    api_version='1.21',
    docker_url='unix://var/run/docker.sock',
    command='/bin/sleep 30',
    image='centos:latest',
    network_mode='bridge',
    task_id='docker_op_tester',
    dag=dag,
)

在我的 docker-compose 文件中:

scheduler:
    image: apache/airflow:1.10.12-python3.8
    restart: always
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - ....etc

当我运行 DAG 时,它在 DockerOperator 中失败:

    [2021-05-28 15:12:47,157] {taskinstance.py:1150} ERROR - ('Connection aborted.', PermissionError(13, 'Permission denied'))
Traceback (most recent call last):
  File "/home/airflow/.local/lib/python3.8/site-packages/urllib3/connectionpool.py", line 670, in urlopen
    httplib_response = self._make_request(
  File "/home/airflow/.local/lib/python3.8/site-packages/urllib3/connectionpool.py", line 392, in _make_request
    conn.request(method, url, **httplib_request_kw)
  File "/usr/local/lib/python3.8/http/client.py", line 1255, in request
    self._send_request(method, url, body, headers, encode_chunked)
  File "/usr/local/lib/python3.8/http/client.py", line 1301, in _send_request
    self.endheaders(body, encode_chunked=encode_chunked)
  File "/usr/local/lib/python3.8/http/client.py", line 1250, in endheaders
    self._send_output(message_body, encode_chunked=encode_chunked)
  File "/usr/local/lib/python3.8/http/client.py", line 1010, in _send_output
    self.send(msg)
  File "/usr/local/lib/python3.8/http/client.py", line 950, in send
    self.connect()
  File "/home/airflow/.local/lib/python3.8/site-packages/docker/transport/unixconn.py", line 43, in connect
    sock.connect(self.unix_socket)
PermissionError: [Errno 13] Permission denied

我环顾四周,尝试了一些方法,包括一些残酷的 chmod 777...,但似乎没有任何效果。有什么想法吗?

1 个答案:

答案 0 :(得分:0)

默认情况下,official 映像以 50000 个用户运行,并且该用户不在能够运行 docker 命令所需的 docker 组中。

您有几个选项(但其中一些仅在 2.0.2+ 版本的气流中可用:

  1. 在您的主机中创建一个 uid = 50000 的用户并将其添加到 docker 组。虽然这有点黑客

  2. root 用户身份运行图像(但我认为这个图像只能与 2.0.2+ 的 Airflow 图像一起运行。 此处示例:How to configure docker-compose.yml to up a container as root

  3. 以您的“主机”用户身份运行映像(如果您的“主机”用户已添加到 docker 组) - 这可能涉及将参数传递给 docker-compose 命令,或创建 .env 文件,如中所述https://airflow.apache.org/docs/apache-airflow/stable/start/docker.html#initializing-environment

相关问题
最新问题