无法使 AWS SAM hello world 工作(Python)

无法使 AWS SAM hello world 工作(Python)

我正在努力AWS SAM 本地使用 Python 时我遇到了一些我怀疑是与 Docker 相关的问题。

我在 Fish shell 中运行的命令(完整记录在此) 是:

$ mkdir sam-helloworld
$ cd sam-helloworld/
$ virtualenv venv
$ source venv/bin/activate.fish
$ pip install aws-sam-cli
$ sam init --runtime python3.7
$ cd sam-app
$ sam build
$ sam local invoke HelloWorldFunction --event events/event.json

最后一个命令失败并显示以下消息:

Invoking app.lambda_handler (python3.7)
2019-09-15 12:11:16 Found credentials in AWS_CREDENTIAL_FILE.

Fetching lambci/lambda:python3.7 Docker container image......
Mounting /home/evan/Downloads/sam-helloworld/sam-app/.aws-sam/build/HelloWorldFunction as /var/task:ro,delegated inside runtime container
Traceback (most recent call last):
  File "/home/evan/Downloads/sam-helloworld/venv/lib/python3.7/site-packages/docker/api/client.py", line 261, in _raise_for_status
    response.raise_for_status()
  File "/home/evan/Downloads/sam-helloworld/venv/lib/python3.7/site-packages/requests/models.py", line 940, in raise_for_status
    raise HTTPError(http_error_msg, response=self)
requests.exceptions.HTTPError: 400 Client Error: Bad Request for url: http+docker://localhost/v1.35/containers/51af2a1c32718a46e283c28e18445706d22be43989a7da476a2798e2b168f191/start

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/home/evan/Downloads/sam-helloworld/venv/bin/sam", line 10, in <module>
    sys.exit(cli())
  File "/home/evan/Downloads/sam-helloworld/venv/lib/python3.7/site-packages/click/core.py", line 764, in __call__
    return self.main(*args, **kwargs)
  File "/home/evan/Downloads/sam-helloworld/venv/lib/python3.7/site-packages/click/core.py", line 717, in main
    rv = self.invoke(ctx)
  File "/home/evan/Downloads/sam-helloworld/venv/lib/python3.7/site-packages/click/core.py", line 1137, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "/home/evan/Downloads/sam-helloworld/venv/lib/python3.7/site-packages/click/core.py", line 1137, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "/home/evan/Downloads/sam-helloworld/venv/lib/python3.7/site-packages/click/core.py", line 956, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "/home/evan/Downloads/sam-helloworld/venv/lib/python3.7/site-packages/click/core.py", line 555, in invoke
    return callback(*args, **kwargs)
  File "/home/evan/Downloads/sam-helloworld/venv/lib/python3.7/site-packages/click/decorators.py", line 64, in new_func
    return ctx.invoke(f, obj, *args, **kwargs)
  File "/home/evan/Downloads/sam-helloworld/venv/lib/python3.7/site-packages/click/core.py", line 555, in invoke
    return callback(*args, **kwargs)
  File "/home/evan/Downloads/sam-helloworld/venv/lib/python3.7/site-packages/samcli/lib/telemetry/metrics.py", line 94, in wrapped
    raise exception  # pylint: disable=raising-bad-type
  File "/home/evan/Downloads/sam-helloworld/venv/lib/python3.7/site-packages/samcli/lib/telemetry/metrics.py", line 65, in wrapped
    return_value = func(*args, **kwargs)
  File "/home/evan/Downloads/sam-helloworld/venv/lib/python3.7/site-packages/samcli/commands/local/invoke/cli.py", line 58, in cli
    parameter_overrides)  # pragma: no cover
  File "/home/evan/Downloads/sam-helloworld/venv/lib/python3.7/site-packages/samcli/commands/local/invoke/cli.py", line 102, in do_cli
    stderr=context.stderr)
  File "/home/evan/Downloads/sam-helloworld/venv/lib/python3.7/site-packages/samcli/commands/local/lib/local_lambda.py", line 93, in invoke
    self.local_runtime.invoke(config, event, debug_context=self.debug_context, stdout=stdout, stderr=stderr)
  File "/home/evan/Downloads/sam-helloworld/venv/lib/python3.7/site-packages/samcli/local/lambdafn/runtime.py", line 86, in invoke
    self._container_manager.run(container)
  File "/home/evan/Downloads/sam-helloworld/venv/lib/python3.7/site-packages/samcli/local/docker/manager.py", line 98, in run
    container.start(input_data=input_data)
  File "/home/evan/Downloads/sam-helloworld/venv/lib/python3.7/site-packages/samcli/local/docker/container.py", line 189, in start
    real_container.start()
  File "/home/evan/Downloads/sam-helloworld/venv/lib/python3.7/site-packages/docker/models/containers.py", line 400, in start
    return self.client.api.start(self.id, **kwargs)
  File "/home/evan/Downloads/sam-helloworld/venv/lib/python3.7/site-packages/docker/utils/decorators.py", line 19, in wrapped
    return f(self, resource_id, *args, **kwargs)
  File "/home/evan/Downloads/sam-helloworld/venv/lib/python3.7/site-packages/docker/api/container.py", line 1093, in start
    self._raise_for_status(res)
  File "/home/evan/Downloads/sam-helloworld/venv/lib/python3.7/site-packages/docker/api/client.py", line 263, in _raise_for_status
    raise create_api_error_from_http_exception(e)
  File "/home/evan/Downloads/sam-helloworld/venv/lib/python3.7/site-packages/docker/errors.py", line 31, in create_api_error_from_http_exception
    raise cls(e, response=response, explanation=explanation)
docker.errors.APIError: 400 Client Error: Bad Request ("OCI runtime create failed: container_linux.go:345: starting container process caused "chdir to cwd (\"/var/task\") set in config.json failed: permission denied": unknown")

我正在运行 Arch Linux。我已通过命令确认groups我已加入该docker组(并且已重新启动)。特别是,命令docker run hello-worlddocker run -it ubuntu /bin/bash工作均按预期进行,因此我认为该问题与 SAM 有关。

运行docker info结果如下:

Client:
 Debug Mode: false

Server:
 Containers: 15
  Running: 1
  Paused: 0
  Stopped: 14
 Images: 26
 Server Version: 19.03.2-ce
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Native Overlay Diff: false
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: d50db0a42053864a270f648048f9a8b4f24eced3.m
 runc version: 425e105d5a03fabd737a126ad93d62a9eeede87f
 init version: fec3683
 Security Options:
  seccomp
   Profile: default
 Kernel Version: 5.2.14-arch2-1-ARCH
 Operating System: Arch Linux
 OSType: linux
 Architecture: x86_64
 CPUs: 4
 Total Memory: 7.651GiB
 Name: ArchScythe
 ID: 7SPH:CCQO:G626:GSME:AKSJ:3PCN:RXNG:K3DE:5PXO:CDYU:CQFD:4KBA
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false

我尝试过的方法包括更改权限/var/run/docker.sock、以 root 身份运行所有程序(抱歉)、-v向 SAM 添加标志、通过 LinuxBrew 而不是 pip 安装 SAM 等等。仍然没有成功。知道我做错了什么吗?

(我不确定是否应该在这里或 Stack Overflow 上发布此内容;如果这样更合适,版主可以随意迁移。)

答案1

几个小时后 --- 原来是权限问题。AWS SAM 正在尝试将目录挂载.aws-sam/build/var/task容器内的目录中,但 docker 用户没有读取挂载目录的权限,因为在我的主目录中,文件默认对其他文件没有权限。

为了解决这个问题,我执行了

find .aws-sam/build/ -type d -print0 | xargs -0 chmod o+rx
find .aws-sam/build/ -type f -print0 | xargs -0 chmod o+r

运行后sam build。这将公开构建工件,之后命令sam local invoke HelloWorldFunction --event events/event.json将按预期工作。

虽然至少我现在可以重新开始工作了,但这有点不妥,所以我并不完全满意。如果其他人能找到更好的方法来解决这个问题,我会接受那个答案。

相关内容