时间戳

首页 > 解决方案 > apache2:权限被拒绝:AH00072:make_sock:无法绑定到地址 0.0.0.0:80 没有可用的侦听套接字,正在关闭

docker - apache2:权限被拒绝:AH00072:make_sock:无法绑定到地址 0.0.0.0:80 没有可用的侦听套接字,正在关闭

问题描述

我正在尝试一个非常简单的教程,解释如何将 docker-compose 转换为 minishift (Minishift 和 Kompose。我尝试转换并推送 docker-compose.yml 示例

version: "2"

services:

  redis-master:
    image: k8s.gcr.io/redis:e2e 
    ports:
      - "6379"

  redis-slave:
    image: gcr.io/google_samples/gb-redisslave:v1
    ports:
      - "6379"
    environment:
      - GET_HOSTS_FROM=dns

  frontend:
    image: gcr.io/google-samples/gb-frontend:v4
    ports:
      - "80:80"
    environment:
      - GET_HOSTS_FROM=dns
    labels:
      kompose.service.type: LoadBalancer

从这些日志中可以看出,我成功地撰写和推送:

C:\Users\Cast\docker-compose-to-minishift>kompose-windows-amd64 up --provider=openshift
[36mINFO[0m We are going to create OpenShift DeploymentConfigs, Services and PersistentVolumeClaims for your Dockerized application.
If you need different kind of resources, use the 'kompose convert' and 'oc create -f' commands instead.

[36mINFO[0m Deploying application in "myproject" namespace
[36mINFO[0m Successfully created Service: frontend
[36mINFO[0m Successfully created Service: redis-master
[36mINFO[0m Successfully created Service: redis-slave
[36mINFO[0m Successfully created DeploymentConfig: frontend
[36mINFO[0m Successfully created ImageStream: frontend
[36mINFO[0m Successfully created DeploymentConfig: redis-master
[36mINFO[0m Successfully created ImageStream: redis-master
[36mINFO[0m Successfully created DeploymentConfig: redis-slave
[36mINFO[0m Successfully created ImageStream: redis-slave

Your application has been deployed to OpenShift. You can run 'oc get dc,svc,is,pvc' for details.

C:\Users\Cast\docker-compose-to-minishift>oc get dc
NAME           REVISION   DESIRED   CURRENT   TRIGGERED BY
frontend       0          1         0         config,image(frontend:v4)
redis-master   1          1         1         config,image(redis-master:e2e)
redis-slave    1          1         1         config,image(redis-slave:v1)

然而,我无法访问 Web 应用程序并查看我发现“容器前端经常崩溃。它必须等待才能再次重新启动”的日志并单击详细信息:

AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.17.0.13. Set the 'ServerName' directive globally to suppress this message
(13)Permission denied: AH00072: make_sock: could not bind to address [::]:80
(13)Permission denied: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs

环顾四周,我发现有人建议将端口 80 更改为一些非 root 特权端口(例如 8080)。所以我在我的 docker-compose 中更改了它,手动删除了命名空间 myproject,在 OpenShift Web 控制台中重新创建了它,然后我尝试再次运行。具有相同消息的完全相同的异常。

如果它是相关的,我有另一个 cmd 窗口

C:\Users\Cast\docker-compose-to-minishift>kubectl proxy --port=8080
Starting to serve on 127.0.0.1:8080

我从 docker-compose 迁移到 minishift(老实说,第一次使用 Kompose 工具)是个初学者。

我的主要问题:如果我已经在 docker-compose 中将端口从 80:80 更改为 8080:8080,为什么我仍然会遇到同样的问题

  frontend:
    image: gcr.io/google-samples/gb-frontend:v4
    ports:
      - "8080:8080"

第二个问题:我必须检查什么才能看到为什么我不能启动 pront-end 服务?提供的例外情况非常有限。

*** 已编辑

由 kompose 转换的 docker-compose(仅前端文件)

前端图像流

apiVersion: v1
kind: ImageStream
metadata:
  creationTimestamp: null
  labels:
    io.kompose.service: frontend
  name: frontend
spec:
  tags:
  - annotations: null
    from:
      kind: DockerImage
      name: gcr.io/google-samples/gb-frontend:v4
    generation: null
    importPolicy: {}
    name: v4
status:
  dockerImageRepository: ""

前端服务

apiVersion: v1
kind: Service
metadata:
  annotations:
    kompose.cmd: C:\tools\kompose-windows-amd64.exe convert --provider=openshift
    kompose.service.type: LoadBalancer
    kompose.version: 1.19.0 (f63a961c)
  creationTimestamp: null
  labels:
    io.kompose.service: frontend
  name: frontend
spec:
  ports:
  - name: "8080"
    port: 8080
    targetPort: 8080
  selector:
    io.kompose.service: frontend
  type: LoadBalancer
status:
  loadBalancer: {}

前端部署配置

apiVersion: v1
kind: DeploymentConfig
metadata:
  annotations:
    kompose.cmd: C:\tools\kompose-windows-amd64.exe convert --provider=openshift
    kompose.service.type: LoadBalancer
    kompose.version: 1.19.0 (f63a961c)
  creationTimestamp: null
  labels:
    io.kompose.service: frontend
  name: frontend
spec:
  replicas: 1
  selector:
    io.kompose.service: frontend
  strategy:
    resources: {}
  template:
    metadata:
      creationTimestamp: null
      labels:
        io.kompose.service: frontend
    spec:
      containers:
      - env:
        - name: GET_HOSTS_FROM
          value: dns
        image: ' '
        name: frontend
        ports:
        - containerPort: 8080
        resources: {}
      restartPolicy: Always
  test: false
  triggers:
  - type: ConfigChange
  - imageChangeParams:
      automatic: true
      containerNames:
      - frontend
      from:
        kind: ImageStreamTag
        name: frontend:v4
    type: ImageChange
status: {}

添加了所有日志(我删除了 Redis,只留下了 FrontEnd 服务,因为它是唯一的问题):

Windows PowerShell
Copyright (C) Microsoft Corporation. Todos os direitos reservados.

Experimente a nova plataforma cruzada PowerShell https://aka.ms/pscore6

PS C:\Windows\system32> cd C:\to_learn\docker-compose-to-minishift\first-try
PS C:\to_learn\docker-compose-to-minishift\first-try> kompose-windows-amd64 up --provider=openshift
[36mINFO[0m We are going to create OpenShift DeploymentConfigs, Services and PersistentVolumeClaims for your Dockerized application.
If you need different kind of resources, use the 'kompose convert' and 'oc create -f' commands instead.

[36mINFO[0m Deploying application in "myproject" namespace
[36mINFO[0m Successfully created Service: frontend
[36mINFO[0m Successfully created DeploymentConfig: frontend
[36mINFO[0m Successfully created ImageStream: frontend

Your application has been deployed to OpenShift. You can run 'oc get dc,svc,is,pvc' for details.
PS C:\to_learn\docker-compose-to-minishift\first-try> oc expose service/frontend
route.route.openshift.io/frontend exposed
PS C:\to_learn\docker-compose-to-minishift\first-try> minishift openshift service frontend --namespace=myproject
|-----------|----------|----------------------|-------------------------------------------------|--------|
| NAMESPACE |   NAME   |       NODEPORT       |                    ROUTE-URL                    | WEIGHT |
|-----------|----------|----------------------|-------------------------------------------------|--------|
| myproject | frontend | 192.168.99.101:30215 | http://frontend-myproject.192.168.99.101.nip.io |        |
|-----------|----------|----------------------|-------------------------------------------------|--------|
PS C:\to_learn\docker-compose-to-minishift\first-try>

当我尝试在 Chrome中打开http://frontend-myproject.192.168.99.101.nip.io时:

Application is not available
The application is currently not serving requests at this endpoint. It may not have been started or is still starting.
...

已编辑(尝试部署另一个示例应用程序)

PS C:\to_learn\docker-compose-to-minishift\first-try>  nslookup x.127.0.0.1.xip.io
Servidor:  one.one.one.one
Address:  1.1.1.1

Não é resposta autoritativa:
Nome:    x.127.0.0.1.xip.io
Address:  127.0.0.1

PS C:\to_learn\docker-compose-to-minishift\first-try> oc version
oc v3.11.0+0cbc58b
kubernetes v1.11.0+d4cacc0
features: Basic-Auth SSPI Kerberos SPNEGO

Server https://192.168.99.101:8443
kubernetes v1.11.0+d4cacc0
PS C:\to_learn\docker-compose-to-minishift\first-try>  oc new-app --name='cotd' --labels name='cotd' php~https://github.com/devopswith-openshift/cotd.git -e SELECTOR=cats
--> Found image dc5aa55 (2 months old) in image stream "openshift/php" under tag "7.1" for "php"

    Apache 2.4 with PHP 7.1
    -----------------------
    PHP 7.1 available as container is a base platform for building and running various PHP 7.1 applications and frameworks. PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts.

    Tags: builder, php, php71, rh-php71

    * A source build using source code from https://github.com/devopswith-openshift/cotd.git will be created
      * The resulting image will be pushed to image stream tag "cotd:latest"
      * Use 'start-build' to trigger a new build
    * This image will be deployed in deployment config "cotd"
    * Ports 8080/tcp, 8443/tcp will be load balanced by service "cotd"
      * Other containers can access this service through the hostname "cotd"

--> Creating resources with label name=cotd ...
    imagestream.image.openshift.io "cotd" created
    buildconfig.build.openshift.io "cotd" created
    deploymentconfig.apps.openshift.io "cotd" created
    service "cotd" created
--> Success
    Build scheduled, use 'oc logs -f bc/cotd' to track its progress.
    Application is not exposed. You can expose services to the outside world by executing one or more of the commands below:
     'oc expose svc/cotd'
    Run 'oc status' to view your app.
PS C:\to_learn\docker-compose-to-minishift\first-try> oc expose svc/cotd
route.route.openshift.io/cotd exposed
PS C:\to_learn\docker-compose-to-minishift\first-try> oc status
In project myproject on server https://192.168.99.101:8443

http://cotd-myproject.192.168.99.101.nip.io to pod port 8080-tcp (svc/cotd)
  dc/cotd deploys istag/cotd:latest <-
    bc/cotd source builds https://github.com/devopswith-openshift/cotd.git on openshift/php:7.1
      build #1 pending for 11 minutes
    deployment #1 waiting on image or update

http://frontend-myproject.192.168.99.101.nip.io to pod port 8080 (svc/frontend)
  dc/frontend deploys istag/frontend:v4
    deployment #1 waiting on image or update


4 infos identified, use 'oc status --suggest' to see details.
PS C:\to_learn\docker-compose-to-minishift\first-try> oc status --suggest
In project myproject on server https://192.168.99.101:8443

http://cotd-myproject.192.168.99.101.nip.io to pod port 8080-tcp (svc/cotd)
  dc/cotd deploys istag/cotd:latest <-
    bc/cotd source builds https://github.com/devopswith-openshift/cotd.git on openshift/php:7.1
      build #1 pending for 12 minutes
    deployment #1 waiting on image or update

http://frontend-myproject.192.168.99.101.nip.io to pod port 8080 (svc/frontend)
  dc/frontend deploys istag/frontend:v4
    deployment #1 waiting on image or update

Info:
  * dc/cotd has no readiness probe to verify pods are ready to accept traffic or ensure deployment is successful.
    try: oc set probe dc/cotd --readiness ...
  * dc/cotd has no liveness probe to verify pods are still running.
    try: oc set probe dc/cotd --liveness ...
  * dc/frontend has no readiness probe to verify pods are ready to accept traffic or ensure deployment is successful.
    try: oc set probe dc/frontend --readiness ...
  * dc/frontend has no liveness probe to verify pods are still running.
    try: oc set probe dc/frontend --liveness ...

View details with 'oc describe <resource>/<name>' or list everything with 'oc get all'.
PS C:\to_learn\docker-compose-to-minishift\first-try>

构建待定状态

cotd-myproject

标签: dockerkubernetesdocker-composeapache2openshift

解决方案

当您使用像 bitnami 官方图像这样的非 root 容器时会发生这种情况。

当需要与主机网络绑定时,我们使用了user:rootnetwork_mode: host

  apache:
    image: bitnami/apache:2.4
    container_name: "apache"
    ports:
      - 80:80
    network_mode: host
    privileged: true
    user: root
    environment:
      DOCKER_HOST: "unix:///var/run/docker.sock"
    env_file:
      - .env
    volumes:
      - ./setup/apache/httpd.conf:/opt/bitnami/apache/conf/httpd.conf

推荐阅读