我使用 NFS 挂载/etc/prometheus/prometheus.yml通过 Ansible 向 prom/prometheus docker 映像提供(默认)配置文件。部署容器后,我在容器日志中收到以下错误,并且容器在几秒钟后重新启动。
level=error ts=2020-10-28T16:01:04.432Z caller=main.go:290 msg="Error loading config (--config.file=/etc/prometheus/prometheus.yml)" err="open /etc/prometheus/prometheus.yml: permission denied"
我可以浏览 Docker 主机(Raspberry Pi 4)上已安装的文件系统,触摸文件并以prometheus.yml启动容器的用户身份进行读取。
以下是我的剧本中的相关任务,从 CLI 部署容器时问题是相同的没有远程文件系统安装到 at 的 playbook /mnt/prometheus,并作为卷传递到容器 at/etc/prometheus
docker run -p 9090:9090 -v /mnt/prometheus:/etc/prometheus prom/prometheus
普罗米修斯/任务/main.yml(become: yes在调用该角色的剧本中设置)
- name: "Create mountpoint"
file:
path: "{{ prometheus_mount_path }}"
state: directory
mode: 0777
owner: root
group: users
- name: "Mount nfs drive for prometheus filesystem"
mount:
path: "{{ prometheus_mount_path }}"
src: "{{ nfs_server }}:{{ prometheus_nfs_path }}"
state: mounted
fstype: nfs
- name: "Create prometheus.yml in mountpoint from template"
template:
src: prometheus.yml.j2
dest: "{{ prometheus_mount_path }}/prometheus.yml"
- name: "Deploy prometheus container"
docker_container:
name: prometheus
image: prom/prometheus:latest
restart_policy: always
state: started
network_mode: host
hostname: prometheus
# exposed_ports: 9090
published_ports: 9090:9090
user: 995:1002
mounts:
volumes:
- "{{ prometheus_mount_path }}:/etc/prometheus"
comparisons:
'*': ignore
env: strict
知道什么会导致或如何解决permission denied容器中的问题吗?
编辑:我通过向 docker 提供一个本地目录来与容器共享而不是 NFS 挂载进行测试。这已成功与容器共享,并且容器已启动。指向 NFS 问题,但我还没有弄清楚。