RabbitMQ: unable to create log files in non-local Docker containers due to permission errors

Posted by goqiplq2 on 2022-11-08 in RabbitMQ

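I'm having trouble creating log files in several different Docker containers (the rabbitmq container, the rabbit mongodb BE, and my 2 async task scheduler services) on my server because of permission errors. I believe this may have something to do with the architecture I'm running the Docker containers on, the reason being that I have no issues when they run on my mac m1 (arm64?), but when I try to run them on my server (amd64?), each of the containers is unable to create its log files. I'll use the rabbitmq container and the mongodb container as examples:
docker-compose: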

  rabbit:
    hostname: rabbit
    image: "rabbitmq:3-management"
    volumes:
      - ./data/rabbitmq_logs:/var/log/rabbitmq
    env_file:
      - .env
    ports:
      - "15672:15672"
      - "5672:5672"

  rabbit_mongodb:
    image: mongo:latest
    volumes:
      - ./data/rabbit_mongodb_logs:/var/log/mongodb
    command: 
      - '--logpath'
      - '/var/log/mongodb/rabbit_mongodb_log.log'
    ports:
      - "27017:27017"

.env:

RABBITMQ_LOG_BASE=/var/log/rabbitmq
RABBITMQ_LOGS=${RABBITMQ_LOG_BASE}/rabbit_log.log
RABBITMQ_SASL_LOGS=${RABBITMQ_LOG_BASE}/rabbit_sasl_log.log

mongodb error logs:

rabbit_mongodb_1  | {"t":{"$date":"2021-11-04T16:22:14.797Z"},"s":"F",  "c":"CONTROL",  "id":20574,   "ctx":"-","msg":"Error during global initialization","attr":{"error":{"code":38,"codeName":"FileNotOpen","errmsg":"Can't initialize rotatable log file :: caused by :: Failed to open /var/log/mongodb/rabbit_mongodb_log.log"}}}
cntautomation-private_rabbit_mongodb_1 exited with code 1

rabbitmq error logs:

rabbit_1          | 2021-11-04 16:22:28.227565+00:00 [info] <0.222.0> Feature flags: list of feature flags found:
rabbit_1          | 2021-11-04 16:22:28.327521+00:00 [info] <0.222.0> Feature flags:   [ ] implicit_default_bindings
rabbit_1          | 2021-11-04 16:22:28.327573+00:00 [info] <0.222.0> Feature flags:   [ ] maintenance_mode_status
rabbit_1          | 2021-11-04 16:22:28.327596+00:00 [info] <0.222.0> Feature flags:   [ ] quorum_queue
rabbit_1          | 2021-11-04 16:22:28.327623+00:00 [info] <0.222.0> Feature flags:   [ ] stream_queue
rabbit_1          | 2021-11-04 16:22:28.327726+00:00 [info] <0.222.0> Feature flags:   [ ] user_limits
rabbit_1          | 2021-11-04 16:22:28.327744+00:00 [info] <0.222.0> Feature flags:   [ ] virtual_host_metadata
rabbit_1          | 2021-11-04 16:22:28.327768+00:00 [info] <0.222.0> Feature flags: feature flag states written to disk: yes
rabbit_1          | 2021-11-04 16:22:30.826617+00:00 [noti] <0.44.0> Application syslog exited with reason: stopped
rabbit_1          | 2021-11-04 16:22:30.826709+00:00 [noti] <0.222.0> Logging: switching to configured handler(s); following messages may not be visible in this log output
rabbit_1          |
rabbit_1          | BOOT FAILED
rabbit_1          | ===========
rabbit_1          | failed to open log file at '/var/log/rabbitmq/rabbit@rabbit_upgrade.log', reason: permission denied
rabbit_1          |
rabbit_1          | 2021-11-04 16:22:31.039651+00:00 [erro] <0.222.0>
rabbit_1          | 2021-11-04 16:22:31.039651+00:00 [erro] <0.222.0> BOOT FAILED
rabbit_1          | 2021-11-04 16:22:31.039651+00:00 [erro] <0.222.0> ===========
rabbit_1          | 2021-11-04 16:22:31.039651+00:00 [erro] <0.222.0> failed to open log file at '/var/log/rabbitmq/rabbit@rabbit_upgrade.log', reason: permission denied
rabbit_1          | 2021-11-04 16:22:31.039651+00:00 [erro] <0.222.0>
rabbit_1          | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0>   crasher:
rabbit_1          | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0>     initial call: application_master:init/4
rabbit_1          | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0>     pid: <0.221.0>
rabbit_1          | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0>     registered_name: []
rabbit_1          | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0>     exception exit: {{cannot_log_to_file,
rabbit_1          | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0>                          "/var/log/rabbitmq/rabbit@rabbit_upgrade.log",eacces},
rabbit_1          | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0>                      {rabbit,start,[normal,[]]}}
rabbit_1          | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0>       in function  application_master:init/4 (application_master.erl, line 142)
rabbit_1          | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0>     ancestors: [<0.220.0>]
rabbit_1          | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0>     message_queue_len: 1
rabbit_1          | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0>     messages: [{'EXIT',<0.222.0>,normal}]
rabbit_1          | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0>     links: [<0.220.0>,<0.44.0>]
rabbit_1          | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0>     dictionary: []
rabbit_1          | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0>     trap_exit: true
rabbit_1          | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0>     status: running
rabbit_1          | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0>     heap_size: 610
rabbit_1          | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0>     stack_size: 29
rabbit_1          | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0>     reductions: 177
rabbit_1          | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0>   neighbours:
rabbit_1          | 2021-11-04 16:22:32.043686+00:00 [erro] <0.221.0>
rabbit_1          | 2021-11-04 16:22:32.067915+00:00 [noti] <0.44.0> Application rabbit exited with reason: {{cannot_log_to_file,"/var/log/rabbitmq/rabbit@rabbit_upgrade.log",eacces},{rabbit,start,[normal,[]]}}
rabbit_1          | {"Kernel pid terminated",application_controller,"{application_start_failure,rabbit,{{cannot_log_to_file,\"/var/log/rabbitmq/rabbit@rabbit_upgrade.log\",eacces},{rabbit,start,[normal,[]]}}}"}
rabbit_1          | Kernel pid terminated (application_controller) ({application_start_failure,rabbit,{{cannot_log_to_file,"/var/log/rabbitmq/rabbit@rabbit_upgrade.log",eacces},{rabbit,start,[normal,[]]}}})
rabbit_1          |
rabbit_1          | Crash dump is being written to: /var/log/rabbitmq/erl_crash.dump...cntautomation-private_rabbit_1 exited with code 0

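Again, I have no issues when this is started on my local development server (mac m1), but I run into these problems when trying to start it on the server (an AWS Lightsail instance). This is happening to most of my services. I'm not very familiar with managing permissions properly, so is there some workaround I can use, or am I missing something entirely?
Any help would be greatly appreciated. Thanks!
UPDATE:
What looks more likely is that the mounted volumes being created are created as the root user: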

drwxr-xr-x 8 root   root   4096 Nov  4 22:32 data

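and all the log directories inside the data directory also have their permissions set for root.
Going into the task scheduler service, I see that the created logs directory has the following permissions: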

drwxr-xr-x  2 root   root    4096 Nov  4 22:32 logs

But on my Mac, it has:

drwxr-xr-x  9 nobody nogroup  288 Nov  4 21:40 logs

which is the ownership I set in the Dockerfile and the user I set for the service in the docker-compose file.

worker:
    build: 
      context: ./services/website
      dockerfile: Dockerfile.celery
    user: nobody
    entrypoint: celery -A src.celery.celery:celery worker --loglevel INFO
    volumes:
      - ./data/worker_logs:/usr/src/app/logs
    env_file:
      - .env
    environment:
      - DEPLOYMENT_TYPE=development
      - LOG_FILE=./logs/worker_logs.log
    depends_on:
      - rabbit
      - web
      - rabbit_mongodb
    restart: on-failure:10

FROM python:3.9.7

WORKDIR /usr/src/app

COPY ./requirements.txt .
RUN pip install -r requirements.txt

COPY . .

RUN chown nobody:nogroup ./
RUN ln -s /run/shm /dev/shm

RUN mkdir -p /usr/src/app/logs
RUN chown nobody:nogroup /usr/src/app/logs

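It looks like the Docker containers are taking the permissions of the mounted volumes from the server, but it doesn't do this on my Mac. How can I set permissions for my Docker containers and manage these mounted volumes correctly? Note that the default user on the AWS Lightsail instance is "ubuntu".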

6tdlim6h #1

It looks like your RabbitMQ directory doesn't have permissions. In my case it was in /opt/rabbitmq, and I solved it like this:

chmod 666 -R /opt/rabbitmq
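
Added example, not part of the question or the answer above: shell functions for the server side that check whether a container user can write to a bind-mounted log directory, and that create the directory with that user's ownership and mode 750 rather than world-writable permissions. The function names, the file name logdirs.sh and the <uid>/<gid> placeholders are assumptions made for this example; a Linux host with GNU stat is assumed.

```shell
#!/bin/sh
# Added example (not from the original post). Assumes a Linux host with GNU stat.

# can_write_dir UID GID DIR
# Succeeds if a process with that uid/gid may create files in DIR, judged only
# from DIR's owner, group and mode (ACLs, supplementary groups and the root
# override are ignored). Creating an entry needs both w and x on the directory.
can_write_dir() {
    want_uid=$1; want_gid=$2; dir=$3
    [ -d "$dir" ] || return 1
    set -- $(stat -c '%u %g %a' "$dir")      # owner uid, owner gid, octal mode
    if   [ "$want_uid" = "$1" ]; then shift_by=6   # owner bits apply
    elif [ "$want_gid" = "$2" ]; then shift_by=3   # group bits apply
    else shift_by=0                                # "other" bits apply
    fi
    bits=$(( (0$3 >> $shift_by) & 7 ))
    [ $(( $bits & 3 )) -eq 3 ]
}

# is_world_writable PATH: true if the "other" write bit is set (e.g. 666, 777).
is_world_writable() {
    [ $(( 0$(stat -c '%a' "$1") & 2 )) -ne 0 ]
}

# prepare_log_dir UID GID DIR
# Create DIR before `docker-compose up`, so the daemon does not create the
# missing bind-mount source as root:root, hand it to the container user and
# set mode 750: writable by that user only, still traversable.
prepare_log_dir() {
    uid=$1; gid=$2; dir=$3
    mkdir -p "$dir" || return 1
    if [ "$(stat -c '%u:%g' "$dir")" != "$uid:$gid" ]; then
        chown "$uid:$gid" "$dir" || return 1   # needs root for a foreign uid
    fi
    chmod 750 "$dir"
}

# Usage on the server; <uid>/<gid> are placeholders for what the image reports
# for its service user, and logdirs.sh is a hypothetical name for this file:
#   docker run --rm --entrypoint id rabbitmq:3-management -u rabbitmq
#   sudo sh -c '. ./logdirs.sh && prepare_log_dir <uid> <gid> ./data/rabbitmq_logs'
```

Mode 666 on a directory clears the execute bit, so can_write_dir reports such a directory as unusable for a non-root container user even though its write bit is set.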
