prometheus 与 k8s pv:打开查询日志文件时出错”file=/prometheus/queries.active err="open /prometheus/queries.a
Posted
技术标签:
【中文标题】prometheus 与 k8s pv:打开查询日志文件时出错”file=/prometheus/queries.active err="open /prometheus/queries.active: 权限被拒绝【英文标题】:prometheus with k8s pv: Error opening query log file" file=/prometheus/queries.active err="open /prometheus/queries.active: permission denied 【发布时间】:2021-11-08 03:10:26 【问题描述】:我正在尝试使用 k8s 中的持久卷在 pod 中启动 prometheus。
当我启动 pod 时,我看到:
level=info ts=2021-09-12T13:58:13.120Z caller=main.go:390 msg="No time or size retention was set so using the default time retention" duration=15d
level=info ts=2021-09-12T13:58:13.120Z caller=main.go:428 msg="Starting Prometheus" version="(version=2.29.1, branch=HEAD, revision=dcb07e8eac34b5ea37cd229545000b857f1c1637)"
level=info ts=2021-09-12T13:58:13.120Z caller=main.go:433 build_context="(go=go1.16.7, user=root@364730518a4e, date=20210811-14:48:27)"
level=info ts=2021-09-12T13:58:13.121Z caller=main.go:434 host_details="(Linux 5.4.0-1029-aws #30-Ubuntu SMP Tue Oct 20 10:06:38 UTC 2020 x86_64 prometheus-deployment-7f8fb5f467-wst2l (none))"
level=info ts=2021-09-12T13:58:13.122Z caller=main.go:435 fd_limits="(soft=1048576, hard=1048576)"
level=info ts=2021-09-12T13:58:13.122Z caller=main.go:436 vm_limits="(soft=unlimited, hard=unlimited)"
level=error ts=2021-09-12T13:58:13.122Z caller=query_logger.go:87 component=activeQueryTracker msg="Error opening query log file" file=/prometheus/queries.active err="open /prometheus/queries.active: permission denied"
panic: Unable to create mmap-ed active query log
我发现了同样的问题,但它在 docker 中 Error opening query log file
我的 pod 配置:
apiVersion: apps/v1
kind: Deployment
metadata:
name: prometheus-deployment
namespace: default
labels:
app: prometheus-server
spec:
replicas: 1
selector:
matchLabels:
app: prometheus-server
template:
spec:
containers:
- name: prometheus
image: prom/prometheus:latest
imagePullPolicy: "IfNotPresent"
args:
- "--config.file=/etc/prometheus/prometheus.yml"
- "--storage.tsdb.path=/prometheus/"
ports:
- containerPort: 9090
volumeMounts:
- name: prometheus-config-volume
mountPath: /etc/prometheus/
- name: prometheus-storage-volume
mountPath: /prometheus/
volumes:
- name: prometheus-storage-volume
persistentVolumeClaim:
claimName: prometheus-pv-claim
- name: prometheus-config-volume
configMap:
defaultMode: 420
name: prometheus-server-conf
【问题讨论】:
【参考方案1】:我遇到了同样的问题。您需要在规范中提供安全上下文。
securityContext:
fsGroup: 65534
runAsGroup: 65534
runAsNonRoot: true
runAsUser: 65534
【讨论】:
以上是关于prometheus 与 k8s pv:打开查询日志文件时出错”file=/prometheus/queries.active err="open /prometheus/queries.a的主要内容,如果未能解决你的问题,请参考以下文章
快速搭建云原生开发环境(k8s+pv+prometheus+grafana)