我在多个不同的Docker容器中创建日志文件时遇到问题(rabbitmq容器,rabbit mongodb BE,和我的2个异步任务调度器服务)在我的服务器上,因为权限错误。我相信这可能与我运行docker容器的架构有关,原因是,当它们在我的mac m1上运行时,我没有问题(arm 64?),但是当我试图在我的服务器(amd 64?)上运行它们时,每个容器都无法创建日志文件。我将使用rabbitmq容器和mongodb容器作为示例:
对接合成:
rabbit:
hostname: rabbit
image: "rabbitmq:3-management"
volumes:
- ./data/rabbitmq_logs:/var/log/rabbitmq
env_file:
- .env
ports:
- "15672:15672"
- "5672:5672"
rabbit_mongodb:
image: mongo:latest
volumes:
- ./data/rabbit_mongodb_logs:/var/log/mongodb
command:
- '--logpath'
- '/var/log/mongodb/rabbit_mongodb_log.log'
ports:
- "27017:27017"
.环境:
RABBITMQ_LOG_BASE=/var/log/rabbitmq
RABBITMQ_LOGS=${RABBITMQ_LOG_BASE}/rabbit_log.log
RABBITMQ_SASL_LOGS=${RABBITMQ_LOG_BASE}/rabbit_sasl_log.log
mongodb错误日志:
rabbit_mongodb_1 | {"t":{"$date":"2021-11-04T16:22:14.797Z"},"s":"F", "c":"CONTROL", "id":20574, "ctx":"-","msg":"Error during global initialization","attr":{"error":{"code":38,"codeName":"FileNotOpen","errmsg":"Can't initialize rotatable log file :: caused by :: Failed to open /var/log/mongodb/rabbit_mongodb_log.log"}}}
cntautomation-private_rabbit_mongodb_1 exited with code 1
rabbitmq错误日志:
rabbit_1 | 2021-11-04 16:22:28.227565+00:00 [info] <0.222.0> Feature flags: list of feature flags found:
rabbit_1 | 2021-11-04 16:22:28.327521+00:00 [info] <0.222.0> Feature flags: [ ] implicit_default_bindings
rabbit_1 | 2021-11-04 16:22:28.327573+00:00 [info] <0.222.0> Feature flags: [ ] maintenance_mode_status
rabbit_1 | 2021-11-04 16:22:28.327596+00:00 [info] <0.222.0> Feature flags: [ ] quorum_queue
rabbit_1 | 2021-11-04 16:22:28.327623+00:00 [info] <0.222.0> Feature flags: [ ] stream_queue
rabbit_1 | 2021-11-04 16:22:28.327726+00:00 [info] <0.222.0> Feature flags: [ ] user_limits
rabbit_1 | 2021-11-04 16:22:28.327744+00:00 [info] <0.222.0> Feature flags: [ ] virtual_host_metadata
rabbit_1 | 2021-11-04 16:22:28.327768+00:00 [info] <0.222.0> Feature flags: feature flag states written to disk: yes
rabbit_1 | 2021-11-04 16:22:30.826617+00:00 [noti] <0.44.0> Application syslog exited with reason: stopped
rabbit_1 | 2021-11-04 16:22:30.826709+00:00 [noti] <0.222.0> Logging: switching to configured handler(s); following messages may not be visible in this log output
rabbit_1 |
rabbit_1 | BOOT FAILED
rabbit_1 | ===========
rabbit_1 | failed to open log file at '/var/log/rabbitmq/rabbit@rabbit_upgrade.log', reason: permission denied
rabbit_1 |
rabbit_1 | 2021-11-04 16:22:31.039651+00:00 [erro] <0.222.0>
rabbit_1 | 2021-11-04 16:22:31.039651+00:00 [erro] <0.222.0> BOOT FAILED
rabbit_1 | 2021-11-04 16:22:31.039651+00:00 [erro] <0.222.0> ===========
rabbit_1 | 2021-11-04 16:22:31.039651+00:00 [erro] <0.222.0> failed to open log file at '/var/log/rabbitmq/rabbit@rabbit_upgrade.log', reason: permission denied
rabbit_1 | 2021-11-04 16:22:31.039651+00:00 [erro] <0.222.0>
rabbit_1 | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0> crasher:
rabbit_1 | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0> initial call: application_master:init/4
rabbit_1 | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0> pid: <0.221.0>
rabbit_1 | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0> registered_name: []
rabbit_1 | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0> exception exit: {{cannot_log_to_file,
rabbit_1 | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0> "/var/log/rabbitmq/rabbit@rabbit_upgrade.log",eacces},
rabbit_1 | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0> {rabbit,start,[normal,[]]}}
rabbit_1 | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0> in function application_master:init/4 (application_master.erl, line 142)
rabbit_1 | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0> ancestors: [<0.220.0>]
rabbit_1 | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0> message_queue_len: 1
rabbit_1 | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0> messages: [{'EXIT',<0.222.0>,normal}]
rabbit_1 | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0> links: [<0.220.0>,<0.44.0>]
rabbit_1 | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0> dictionary: []
rabbit_1 | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0> trap_exit: true
rabbit_1 | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0> status: running
rabbit_1 | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0> heap_size: 610
rabbit_1 | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0> stack_size: 29
rabbit_1 | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0> reductions: 177
rabbit_1 | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0> neighbours:
rabbit_1 | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0>
rabbit_1 | 2021-11-04 16:22:32.067915+00:00 [noti] <0.44.0> Application rabbit exited with reason: {{cannot_log_to_file,"/var/log/rabbitmq/rabbit@rabbit_upgrade.log",eacces},{rabbit,start,[normal,[]]}}
rabbit_1 | {"Kernel pid terminated",application_controller,"{application_start_failure,rabbit,{{cannot_log_to_file,\"/var/log/rabbitmq/rabbit@rabbit_upgrade.log\",eacces},{rabbit,start,[normal,[]]}}}"}
rabbit_1 | Kernel pid terminated (application_controller) ({application_start_failure,rabbit,{{cannot_log_to_file,"/var/log/rabbitmq/rabbit@rabbit_upgrade.log",eacces},{rabbit,start,[normal,[]]}}})
rabbit_1 |
rabbit_1 | Crash dump is being written to: /var/log/rabbitmq/erl_crash.dump...cntautomation-private_rabbit_1 exited with code 0
同样,当在我的本地开发服务器(mac m1)上启动时没有问题,但是当试图在服务器(aws lightsail示例)上启动时,我遇到了这些问题。这是发生在我的大多数服务上的。我对正确管理权限不是很熟悉,所以有没有一些解决方法可以使用,或者我完全遗漏了一些东西?
任何帮助都将不胜感激。谢谢!
最新消息:
更有可能的情况是,正在创建的已装入卷是以root用户身份创建的:
drwxr-xr-x 8 root root 4096 Nov 4 22:32 data
并且数据目录中的所有日志目录也都为root设置了权限。
进入任务调度服务时,我看到创建的日志目录具有以下权限:
drwxr-xr-x 2 root root 4096 Nov 4 22:32 logs
但在我的Mac电脑上,它有:
drwxr-xr-x 9 nobody nogroup 288 Nov 4 21:40 logs
这就是我在Dockerfile中设置的所有权和在Docker-compose文件中设置的服务的用户。
worker:
build:
context: ./services/website
dockerfile: Dockerfile.celery
user: nobody
entrypoint: celery -A src.celery.celery:celery worker --loglevel INFO
volumes:
- ./data/worker_logs:/usr/src/app/logs
env_file:
- .env
environment:
- DEPLOYMENT_TYPE=development
- LOG_FILE=./logs/worker_logs.log
depends_on:
- rabbit
- web
- rabbit_mongodb
restart: on-failure:10
FROM python:3.9.7
WORKDIR /usr/src/app
COPY ./requirements.txt .
RUN pip install -r requirements.txt
COPY . .
RUN chown nobody:nogroup ./
RUN ln -s /run/shm /dev/shm
RUN mkdir -p /usr/src/app/logs
RUN chown nobody:nogroup /usr/src/app/logs
看起来Docker容器正在从服务器获取已挂载卷的权限,但它在我的Mac上没有这样做。我该如何为我的Docker容器设置权限并正确管理这些已挂载卷?注意,AWS Lightsail示例的默认用户是“ubuntu”。
1条答案
按热度按时间6tdlim6h1#
看起来你的rabbitMQ目录没有权限。在我的例子中,它在/opt/rabbitmq中,我这样解决它: