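Here is what is happening.
- I use terraform to manage my AWS infrastructure.
- I set up the software infrastructure using a script and remote-exec.
- I upload the following script: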
TARGET_DEPLOYMENT_DIR=/home/ubuntu/deployment
export XDG_RUNTIME_DIR=/run/user/$UID
[[ "$( file -s /dev/nvme1n1 | grep 'ext4' )" == "" ]] && mkfs -t ext4 /dev/nvme1n1
mkdir /data
# mount volume to /data
mount /dev/nvme1n1 /data
chown -R ubuntu /data
ls $TARGET_DEPLOYMENT_DIR
cd $TARGET_DEPLOYMENT_DIR
yes | apt-get install python3.7
sudo -u ubuntu python3 obtain_assets.py
yes | apt-get remove docker docker-engine docker.io containerd runc
yes | apt-get update
yes | apt-get install apt-transport-https ca-certificates curl gnupg-agent software-properties-common
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
yes | add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
yes | apt-get update
# install rootless support for docker -> docker-ce-rootless-extras
yes | apt-get install docker-ce docker-ce-cli containerd.io docker-ce-rootless-extras uidmap
curl -L "https://github.com/docker/compose/releases/download/1.28.4/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
# the following 2 sysctl options need to be set to run docker rootless
# enabling user namespaces
sysctl kernel.unprivileged_userns_clone=1
# making ports above 443 unprivileged
sysctl net.ipv4.ip_unprivileged_port_start=443
# allowing mount in user namespaces
modprobe overlay permit_mounts_in_userns=1
# to setup docker rootless we disable the original docker
systemctl disable --now docker.service
# use the script provided by docker-ce-rootless-extras to install docker rootless as a non-root user
sudo -u ubuntu dockerd-rootless-setuptool.sh install
# use user specific socket instead of default docker socket
echo 'export DOCKER_HOST=unix:///run/user/1000/docker.sock' >> /home/ubuntu/.bashrc
# to store data not in the default docker position but in mounted EBS /data we create symbolic link
sudo -u ubuntu systemctl --user start docker
# to launch the daemon on system startup
sudo -u ubuntu systemctl --user enable docker
loginctl enable-linger $(whoami)
# we remove default docker/volumes directory and replace it with symbolic link to EBS volume
rm -r /home/ubuntu/.local/share/docker/volumes
ln -s /data /home/ubuntu/.local/share/docker/volumes
- I execute this script from terraform with the following command:
provisioner "remote-exec" {
  connection {
    type        = "ssh"
    host        = var.public_ip
    user        = "ubuntu"
    private_key = var.config.ssh_private_key
  }
  inline = [
    "sudo /bin/bash ${var.config.target_deployment_dir}/instance-setup.sh ${var.config.target_deployment_dir}",
  ]
}
- I get the following errors:
module.software.null_resource.upload_soft (remote-exec): [INFO] systemd not detected, dockerd-rootless.sh needs to be started manually:
module.software.null_resource.upload_soft (remote-exec): PATH=/usr/bin:/sbin:/usr/sbin:$PATH dockerd-rootless.sh
module.software.null_resource.upload_soft (remote-exec): [INFO] Creating CLI context "rootless"
module.software.null_resource.upload_soft (remote-exec): Successfully created context "rootless"
module.software.null_resource.upload_soft (remote-exec): [INFO] Make sure the following environment variables are set (or add them to ~/.bashrc):
module.software.null_resource.upload_soft (remote-exec): # WARNING: systemd not found. You have to remove XDG_RUNTIME_DIR manually on every logout.
module.software.null_resource.upload_soft (remote-exec): export XDG_RUNTIME_DIR=/home/ubuntu/.docker/run
module.software.null_resource.upload_soft (remote-exec): export PATH=/usr/bin:$PATH
module.software.null_resource.upload_soft (remote-exec): export DOCKER_HOST=unix:///home/ubuntu/.docker/run/docker.sock
module.software.null_resource.upload_soft (remote-exec): Failed to connect to bus: No such file or directory
module.software.null_resource.upload_soft (remote-exec): Failed to connect to bus: No such file or directory
module.software.null_resource.upload_soft (remote-exec): rm: cannot remove '/home/ubuntu/.local/share/docker/volumes': No such file or directory
module.software.null_resource.upload_soft (remote-exec): ln: failed to create symbolic link '/home/ubuntu/.local/share/docker/volumes': No such file or directory
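Initially, all the commands from the script were executed in the "inline" block of "remote-exec", and it worked. Then I moved the commands to instance-setup.sh, removed "sudo" from the commands that need to run as superuser, added "sudo -u ubuntu" to the commands that need to be executed as the "ubuntu" user, and ran the whole script with "sudo". It throws these errors. So basically docker rootless is not installed properly. Do you have any idea how to fix this?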
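
An added example, not part of the original post: a sketch of how a root-run provisioning script can give the `sudo -u ubuntu` steps a reachable systemd user session before calling `dockerd-rootless-setuptool.sh`. The function names are hypothetical, and it assumes systemd-logind places the user bus socket at `/run/user/<uid>/bus`.

```shell
#!/bin/sh
# Added example, not code from the post. Function names are hypothetical.
# Assumption: systemd-logind keeps each user's runtime dir at /run/user/<uid>
# with the D-Bus session socket at /run/user/<uid>/bus.

# Environment a "systemctl --user" client needs for a given uid. Inside a
# script started with sudo, $UID and $(whoami) describe root, so the uid is
# passed in explicitly instead of being read from the calling shell.
session_env_for_uid() {
    printf 'XDG_RUNTIME_DIR=/run/user/%s\n' "$1"
    printf 'DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/%s/bus\n' "$1"
}

# 0 = bus socket present, 1 = runtime dir missing (no user manager running),
# 2 = runtime dir exists but has no bus socket.
check_runtime_dir() {
    [ -d "$1" ] || return 1
    [ -S "$1/bus" ] || return 2
    return 0
}

# Run a command as the target user with the session variables set explicitly,
# because sudo resets the environment by default.
run_as_user() {
    rau_user=$1; shift
    rau_uid=$(id -u "$rau_user") || return 1
    # The two generated assignments contain no whitespace, so word splitting
    # of the command substitution yields exactly two arguments for env.
    sudo -u "$rau_user" env $(session_env_for_uid "$rau_uid") "$@"
}

# Intended to be called as root from the provisioning script.
setup_rootless() {
    sr_user=$1
    sr_dir=/run/user/$(id -u "$sr_user") || return 1
    loginctl enable-linger "$sr_user" || return 1   # starts user@<uid>.service
    sr_tries=0
    until check_runtime_dir "$sr_dir"; do           # wait for the user manager
        sr_tries=$((sr_tries + 1))
        [ "$sr_tries" -lt 15 ] || { echo "no user bus in $sr_dir" >&2; return 1; }
        sleep 1
    done
    run_as_user "$sr_user" dockerd-rootless-setuptool.sh install || return 1
    run_as_user "$sr_user" systemctl --user enable --now docker
}

# Example call (as root): setup_rootless ubuntu
```

Lingering is enabled for the target account before the setup tool runs, so the user manager and its bus exist when the tool probes for systemd.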