我正在使用 Bamboo 作为托管 docker 环境(DIND)的 CI 解决方案。
它运行一个这样的docker容器:
/usr/bin/docker run
--volume /home/bamboo/bamboo-agent-home/xml-data/build-dir/INFRA-CFDNS-JOB1:/home/bamboo/bamboo-agent-home/xml-data/build-dir/INFRA-CFDNS-JOB1
--volume /home/bamboo/bamboo-agent-home/temp:/home/bamboo/bamboo-agent-home/temp
--detach
--net=host
-name 0c6c0665-e388-46eb-a379-19a52289b4942621443 internals/terraform:0.13.5
tail -f /dev/null
但是,当它在容器内部的路径上运行脚本时/home/bamboo/bamboo-agent-home/xml-data/build-dir/INFRA-CFDNS-JOB1,操作失败,提示文件系统是只读的。从 Bamboo 运行器(在 Kubernetes 中)执行操作,文件系统不是只读的。
RO目录的权限:drwxr-xr-x
Mount 显示以下内容:
10.24.71.11:zpool-127609/data/conductor/agents/0 on /home/bamboo/bamboo-agent-home type nfs (rw,relatime,vers=3,rsize=1048576,wsize=1048576,namlen=255,hard,proto=tcp,timeo=600,retrans=2,sec=sys,mountaddr=10.24.71.11,mountvers=3,mountport=34755,mountproto=udp,local_lock=none,addr=10.24.71.11)
输出docker inspect
$ docker inspect 26fbb042f8aeaa047e4bd4b0d0dec5b3520437ea899ebc3e0d8646737aea032f
[
{
"Id": "26fbb042f8aeaa047e4bd4b0d0dec5b3520437ea899ebc3e0d8646737aea032f",
"Created": "2020-12-20T15:37:35.25732282Z",
"Path": "tail",
"Args": [
"-f",
"/dev/null"
],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 352,
"ExitCode": 0,
"Error": "",
"StartedAt": "2020-12-20T15:37:36.622954493Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:2a709b31dd875f77cea0c605b7175157d33fe274d532dd1b3c539f1be4659d7b",
"ResolvConfPath": "/var/lib/docker/containers/26fbb042f8aeaa047e4bd4b0d0dec5b3520437ea899ebc3e0d8646737aea032f/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/26fbb042f8aeaa047e4bd4b0d0dec5b3520437ea899ebc3e0d8646737aea032f/hostname",
"HostsPath": "/var/lib/docker/containers/26fbb042f8aeaa047e4bd4b0d0dec5b3520437ea899ebc3e0d8646737aea032f/hosts",
"LogPath": "/var/lib/docker/containers/26fbb042f8aeaa047e4bd4b0d0dec5b3520437ea899ebc3e0d8646737aea032f/26fbb042f8aeaa047e4bd4b0d0dec5b3520437ea899ebc3e0d8646737aea032f-json.log",
"Name": "/0c6c0665-e388-46eb-a379-19a52289b4942621443",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": [
"/home/bamboo/bamboo-agent-home/temp:/home/bamboo/bamboo-agent-home/temp",
"/home/bamboo/bamboo-agent-home/xml-data/build-dir/INFRA-CFDNS-JOB1:/home/bamboo/bamboo-agent-home/xml-data/build-dir/INFRA-CFDNS-JOB1"
],
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "host",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"CgroupnsMode": "host",
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"KernelMemory": 0,
"KernelMemoryTCP": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/6247c08730bf6dfb7634c22d6650da79a941c6c6a2ad4e9c991feef19b2ab419-init/diff:/var/lib/docker/overlay2/f7ef8ae82689487bb85524d1bbd5fd0b1f526af1d0c3d718f4b7ec72a0f143f8/diff:/var/lib/docker/overlay2/278687b3bc49308491343d07768291489402b3ff490d17c397143a143e45f42c/diff:/var/lib/docker/overlay2/43946435acfcba389353825c00e86c37a0d606b828ca64004a6d1a108b34bbbd/diff:/var/lib/docker/overlay2/891133274fba0c06b2c58ab8f801f673a25ae41113de2acd4e8c9a2f21ebd447/diff",
"MergedDir": "/var/lib/docker/overlay2/6247c08730bf6dfb7634c22d6650da79a941c6c6a2ad4e9c991feef19b2ab419/merged",
"UpperDir": "/var/lib/docker/overlay2/6247c08730bf6dfb7634c22d6650da79a941c6c6a2ad4e9c991feef19b2ab419/diff",
"WorkDir": "/var/lib/docker/overlay2/6247c08730bf6dfb7634c22d6650da79a941c6c6a2ad4e9c991feef19b2ab419/work"
},
"Name": "overlay2"
},
"Mounts": [
{
"Type": "bind",
"Source": "/home/bamboo/bamboo-agent-home/xml-data/build-dir/INFRA-CFDNS-JOB1",
"Destination": "/home/bamboo/bamboo-agent-home/xml-data/build-dir/INFRA-CFDNS-JOB1",
"Mode": "",
"RW": true,
"Propagation": "rprivate"
},
{
"Type": "bind",
"Source": "/home/bamboo/bamboo-agent-home/temp",
"Destination": "/home/bamboo/bamboo-agent-home/temp",
"Mode": "",
"RW": true,
"Propagation": "rprivate"
}
],
"Config": {
"Hostname": "kubernetes-agent-pfr8v",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Cmd": [
"tail",
"-f",
"/dev/null"
],
"Image": "internals/terraform:0.13.5",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": {
"com.hashicorp.terraform.version": "0.13.5"
}
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "098b24e38ccc775cef09cab73f189c92ac489fc031e7f4defd02d17e15e43e3d",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {},
"SandboxKey": "/var/run/docker/netns/default",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "",
"Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "",
"IPPrefixLen": 0,
"IPv6Gateway": "",
"MacAddress": "",
"Networks": {
"host": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "824095738e152e8b2da3ef5e2e958ca70881672f8e2e9eb8d7c52f587b63353c",
"EndpointID": "3c2d497790b255b4c0ea9af0ac836e64a5e2406576e4f4788ff04ff23efeab0c",
"Gateway": "",
"IPAddress": "",
"IPPrefixLen": 0,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "",
"DriverOpts": null
}
}
}
}
]
有人能想到我的它会变成只读的吗?
答案1
这种行为与我遇到的情况类似。请检查https://jira.atlassian.com/browse/BAM-20951