构建 docker 容器时 gcsfuse 无法挂载
Posted
技术标签:
【中文标题】构建 docker 容器时 gcsfuse 无法挂载【英文标题】:gcsfuse cannot mount when building a docker container 【发布时间】:2018-10-16 09:02:53 【问题描述】:我正在尝试在docker build 期间在我的容器中安装一个存储块。我读过其他线程,here、here 并理解这可能是一个特权问题。可以通过在docker run 进程中添加--privileged 标志来解决,但我想在构建阶段立即安装桶。
附加到容器,检查fuse 和gcsfuse 是否都已安装。 GOOGLE_APPLICATION_CREDENTIALS 已设置,访问 Google API 没问题。这是我遇到的错误。
Opening GCS connection...
Opening bucket...
Mounting file system...
daemonize.Run: readFromProcess: sub-process: mountWithArgs: mountWithConn: Mount: mount: running fusermount: exit status 1
stderr:
fusermount: fuse device not found, try 'modprobe fuse' first
Dockerfile
FROM gcr.io/google-appengine/python
.
.
.
ENV GCSFUSE_REPO=gcsfuse-jessie
RUN apt-get update && apt-get install -y ca-certificates \
&& echo "deb http://packages.cloud.google.com/apt $GCSFUSE_REPO main" > /etc/apt/sources.list.d/gcsfuse.list \
&& curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add - \
&& apt-get update && apt-get install -y gcsfuse
# Config fuse
RUN chmod a+r /etc/fuse.conf
RUN perl -i -pe 's/#user_allow_other/user_allow_other/g' /etc/fuse.conf
# Alter permission
RUN chmod a+w mount-folder
RUN gcsfuse -o --implicit-dirs bucket mount-folder
【问题讨论】:
您应该将此案例移至 ServerFault。 【参考方案1】:要使用 gcsfuse 安装 bucker,您需要使用 --privileged 标志运行 docker。现在的问题是,“在这种情况下如何构建一个没有任何错误的 docker 镜像”?
设想:
在 Dockerfile 中,您有以下行:
RUN chmod +x launcher.sh
USER ubuntu
RUN mkdir db
RUN gcsfuse mybucket /home/username/mypath
EXPOSE 8000
CMD ["python3.6","manage.py","runmodwsgi"]
你看
Step 8/12 : USER ubuntu
---> Running in 0d880396010b
Removing intermediate container 0d880396010b
---> 390ed28965e1
Step 9/12 : RUN mkdir mypath
---> Running in b1f657562f24
Removing intermediate container b1f657562f24
---> 002ca425ac4c
Step 10/12 : RUN gcsfuse mybucket /home/username/mypath
---> Running in cae87fd47c1d
Using mount point: /home/username/mypath
Opening GCS connection...
Opening bucket...
Mounting file system...
daemonize.Run: readFromProcess: sub-process: mountWithArgs: mountWithConn: Mount: mount: running fusermount: exit status 1
stderr:
fusermount: fuse device not found, try 'modprobe fuse' first
The command '/bin/sh -c gcsfuse database_simrut /home/ubuntu/db' returned a non-zero code: 1
解决方案: 删除线
RUN gcsfuse mybucket /home/username/mypath
从 Dockerfile 并创建一个启动器脚本,而不是具有以下内容:
#!/bin/bash
gcsfuse mybucket /home/username/mypath
python3.6 manage.py runmodwsgi
你的新 docker 应该是这样的:
RUN chown $USER:$USER $HOME
RUN chmod +x launcher.sh
USER ubuntu
RUN mkdir db
EXPOSE 8000
CMD ["./launcher.sh"]
输出:
Step 8/11 : USER ubuntu
---> Running in 83c0e73295c2
Removing intermediate container 83c0e73295c2
---> fad81733c14d
Step 9/11 : RUN mkdir mypath
---> Running in 5d83416f035e
Removing intermediate container 5d83416f035e
---> 4575ba28dc44
Step 10/11 : EXPOSE 8000
---> Running in 081dc094c046
Removing intermediate container 081dc094c046
---> 546c8edd43c3
Step 11/11 : CMD ["./launcher.sh"]
---> Running in 6780900e1b2d
Removing intermediate container 6780900e1b2d
---> 9ef9fd5af68c
Successfully built 9ef9fd5af68c
【讨论】:
以上是关于构建 docker 容器时 gcsfuse 无法挂载的主要内容,如果未能解决你的问题,请参考以下文章
在非特权的基于 Ubuntu 的 Docker 容器中使用 gcsfuse 拒绝权限
使用 gcsfuse-mounted Bucket 中的数据在 Google Cloud 实例上运行 Docker