docker - apache2:权限被拒绝:AH00072:make_sock:无法绑定到地址 0.0.0.0:80 没有可用的侦听套接字,正在关闭
问题描述
我正在尝试一个非常简单的教程,解释如何将 docker-compose 转换为 minishift (Minishift 和 Kompose。我尝试转换并推送 docker-compose.yml 示例
version: "2"
services:
redis-master:
image: k8s.gcr.io/redis:e2e
ports:
- "6379"
redis-slave:
image: gcr.io/google_samples/gb-redisslave:v1
ports:
- "6379"
environment:
- GET_HOSTS_FROM=dns
frontend:
image: gcr.io/google-samples/gb-frontend:v4
ports:
- "80:80"
environment:
- GET_HOSTS_FROM=dns
labels:
kompose.service.type: LoadBalancer
从这些日志中可以看出,我成功地撰写和推送:
C:\Users\Cast\docker-compose-to-minishift>kompose-windows-amd64 up --provider=openshift
[36mINFO[0m We are going to create OpenShift DeploymentConfigs, Services and PersistentVolumeClaims for your Dockerized application.
If you need different kind of resources, use the 'kompose convert' and 'oc create -f' commands instead.
[36mINFO[0m Deploying application in "myproject" namespace
[36mINFO[0m Successfully created Service: frontend
[36mINFO[0m Successfully created Service: redis-master
[36mINFO[0m Successfully created Service: redis-slave
[36mINFO[0m Successfully created DeploymentConfig: frontend
[36mINFO[0m Successfully created ImageStream: frontend
[36mINFO[0m Successfully created DeploymentConfig: redis-master
[36mINFO[0m Successfully created ImageStream: redis-master
[36mINFO[0m Successfully created DeploymentConfig: redis-slave
[36mINFO[0m Successfully created ImageStream: redis-slave
Your application has been deployed to OpenShift. You can run 'oc get dc,svc,is,pvc' for details.
C:\Users\Cast\docker-compose-to-minishift>oc get dc
NAME REVISION DESIRED CURRENT TRIGGERED BY
frontend 0 1 0 config,image(frontend:v4)
redis-master 1 1 1 config,image(redis-master:e2e)
redis-slave 1 1 1 config,image(redis-slave:v1)
然而,我无法访问 Web 应用程序并查看我发现“容器前端经常崩溃。它必须等待才能再次重新启动”的日志并单击详细信息:
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.17.0.13. Set the 'ServerName' directive globally to suppress this message
(13)Permission denied: AH00072: make_sock: could not bind to address [::]:80
(13)Permission denied: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs
环顾四周,我发现有人建议将端口 80 更改为一些非 root 特权端口(例如 8080)。所以我在我的 docker-compose 中更改了它,手动删除了命名空间 myproject,在 OpenShift Web 控制台中重新创建了它,然后我尝试再次运行。具有相同消息的完全相同的异常。
如果它是相关的,我有另一个 cmd 窗口
C:\Users\Cast\docker-compose-to-minishift>kubectl proxy --port=8080
Starting to serve on 127.0.0.1:8080
我从 docker-compose 迁移到 minishift(老实说,第一次使用 Kompose 工具)是个初学者。
我的主要问题:如果我已经在 docker-compose 中将端口从 80:80 更改为 8080:8080,为什么我仍然会遇到同样的问题
frontend:
image: gcr.io/google-samples/gb-frontend:v4
ports:
- "8080:8080"
第二个问题:我必须检查什么才能看到为什么我不能启动 pront-end 服务?提供的例外情况非常有限。
*** 已编辑
由 kompose 转换的 docker-compose(仅前端文件)
前端图像流
apiVersion: v1
kind: ImageStream
metadata:
creationTimestamp: null
labels:
io.kompose.service: frontend
name: frontend
spec:
tags:
- annotations: null
from:
kind: DockerImage
name: gcr.io/google-samples/gb-frontend:v4
generation: null
importPolicy: {}
name: v4
status:
dockerImageRepository: ""
前端服务
apiVersion: v1
kind: Service
metadata:
annotations:
kompose.cmd: C:\tools\kompose-windows-amd64.exe convert --provider=openshift
kompose.service.type: LoadBalancer
kompose.version: 1.19.0 (f63a961c)
creationTimestamp: null
labels:
io.kompose.service: frontend
name: frontend
spec:
ports:
- name: "8080"
port: 8080
targetPort: 8080
selector:
io.kompose.service: frontend
type: LoadBalancer
status:
loadBalancer: {}
前端部署配置
apiVersion: v1
kind: DeploymentConfig
metadata:
annotations:
kompose.cmd: C:\tools\kompose-windows-amd64.exe convert --provider=openshift
kompose.service.type: LoadBalancer
kompose.version: 1.19.0 (f63a961c)
creationTimestamp: null
labels:
io.kompose.service: frontend
name: frontend
spec:
replicas: 1
selector:
io.kompose.service: frontend
strategy:
resources: {}
template:
metadata:
creationTimestamp: null
labels:
io.kompose.service: frontend
spec:
containers:
- env:
- name: GET_HOSTS_FROM
value: dns
image: ' '
name: frontend
ports:
- containerPort: 8080
resources: {}
restartPolicy: Always
test: false
triggers:
- type: ConfigChange
- imageChangeParams:
automatic: true
containerNames:
- frontend
from:
kind: ImageStreamTag
name: frontend:v4
type: ImageChange
status: {}
添加了所有日志(我删除了 Redis,只留下了 FrontEnd 服务,因为它是唯一的问题):
Windows PowerShell
Copyright (C) Microsoft Corporation. Todos os direitos reservados.
Experimente a nova plataforma cruzada PowerShell https://aka.ms/pscore6
PS C:\Windows\system32> cd C:\to_learn\docker-compose-to-minishift\first-try
PS C:\to_learn\docker-compose-to-minishift\first-try> kompose-windows-amd64 up --provider=openshift
[36mINFO[0m We are going to create OpenShift DeploymentConfigs, Services and PersistentVolumeClaims for your Dockerized application.
If you need different kind of resources, use the 'kompose convert' and 'oc create -f' commands instead.
[36mINFO[0m Deploying application in "myproject" namespace
[36mINFO[0m Successfully created Service: frontend
[36mINFO[0m Successfully created DeploymentConfig: frontend
[36mINFO[0m Successfully created ImageStream: frontend
Your application has been deployed to OpenShift. You can run 'oc get dc,svc,is,pvc' for details.
PS C:\to_learn\docker-compose-to-minishift\first-try> oc expose service/frontend
route.route.openshift.io/frontend exposed
PS C:\to_learn\docker-compose-to-minishift\first-try> minishift openshift service frontend --namespace=myproject
|-----------|----------|----------------------|-------------------------------------------------|--------|
| NAMESPACE | NAME | NODEPORT | ROUTE-URL | WEIGHT |
|-----------|----------|----------------------|-------------------------------------------------|--------|
| myproject | frontend | 192.168.99.101:30215 | http://frontend-myproject.192.168.99.101.nip.io | |
|-----------|----------|----------------------|-------------------------------------------------|--------|
PS C:\to_learn\docker-compose-to-minishift\first-try>
当我尝试在 Chrome中打开http://frontend-myproject.192.168.99.101.nip.io时:
Application is not available
The application is currently not serving requests at this endpoint. It may not have been started or is still starting.
...
已编辑(尝试部署另一个示例应用程序)
PS C:\to_learn\docker-compose-to-minishift\first-try> nslookup x.127.0.0.1.xip.io
Servidor: one.one.one.one
Address: 1.1.1.1
Não é resposta autoritativa:
Nome: x.127.0.0.1.xip.io
Address: 127.0.0.1
PS C:\to_learn\docker-compose-to-minishift\first-try> oc version
oc v3.11.0+0cbc58b
kubernetes v1.11.0+d4cacc0
features: Basic-Auth SSPI Kerberos SPNEGO
Server https://192.168.99.101:8443
kubernetes v1.11.0+d4cacc0
PS C:\to_learn\docker-compose-to-minishift\first-try> oc new-app --name='cotd' --labels name='cotd' php~https://github.com/devopswith-openshift/cotd.git -e SELECTOR=cats
--> Found image dc5aa55 (2 months old) in image stream "openshift/php" under tag "7.1" for "php"
Apache 2.4 with PHP 7.1
-----------------------
PHP 7.1 available as container is a base platform for building and running various PHP 7.1 applications and frameworks. PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts.
Tags: builder, php, php71, rh-php71
* A source build using source code from https://github.com/devopswith-openshift/cotd.git will be created
* The resulting image will be pushed to image stream tag "cotd:latest"
* Use 'start-build' to trigger a new build
* This image will be deployed in deployment config "cotd"
* Ports 8080/tcp, 8443/tcp will be load balanced by service "cotd"
* Other containers can access this service through the hostname "cotd"
--> Creating resources with label name=cotd ...
imagestream.image.openshift.io "cotd" created
buildconfig.build.openshift.io "cotd" created
deploymentconfig.apps.openshift.io "cotd" created
service "cotd" created
--> Success
Build scheduled, use 'oc logs -f bc/cotd' to track its progress.
Application is not exposed. You can expose services to the outside world by executing one or more of the commands below:
'oc expose svc/cotd'
Run 'oc status' to view your app.
PS C:\to_learn\docker-compose-to-minishift\first-try> oc expose svc/cotd
route.route.openshift.io/cotd exposed
PS C:\to_learn\docker-compose-to-minishift\first-try> oc status
In project myproject on server https://192.168.99.101:8443
http://cotd-myproject.192.168.99.101.nip.io to pod port 8080-tcp (svc/cotd)
dc/cotd deploys istag/cotd:latest <-
bc/cotd source builds https://github.com/devopswith-openshift/cotd.git on openshift/php:7.1
build #1 pending for 11 minutes
deployment #1 waiting on image or update
http://frontend-myproject.192.168.99.101.nip.io to pod port 8080 (svc/frontend)
dc/frontend deploys istag/frontend:v4
deployment #1 waiting on image or update
4 infos identified, use 'oc status --suggest' to see details.
PS C:\to_learn\docker-compose-to-minishift\first-try> oc status --suggest
In project myproject on server https://192.168.99.101:8443
http://cotd-myproject.192.168.99.101.nip.io to pod port 8080-tcp (svc/cotd)
dc/cotd deploys istag/cotd:latest <-
bc/cotd source builds https://github.com/devopswith-openshift/cotd.git on openshift/php:7.1
build #1 pending for 12 minutes
deployment #1 waiting on image or update
http://frontend-myproject.192.168.99.101.nip.io to pod port 8080 (svc/frontend)
dc/frontend deploys istag/frontend:v4
deployment #1 waiting on image or update
Info:
* dc/cotd has no readiness probe to verify pods are ready to accept traffic or ensure deployment is successful.
try: oc set probe dc/cotd --readiness ...
* dc/cotd has no liveness probe to verify pods are still running.
try: oc set probe dc/cotd --liveness ...
* dc/frontend has no readiness probe to verify pods are ready to accept traffic or ensure deployment is successful.
try: oc set probe dc/frontend --readiness ...
* dc/frontend has no liveness probe to verify pods are still running.
try: oc set probe dc/frontend --liveness ...
View details with 'oc describe <resource>/<name>' or list everything with 'oc get all'.
PS C:\to_learn\docker-compose-to-minishift\first-try>
构建待定状态
解决方案
当您使用像 bitnami 官方图像这样的非 root 容器时会发生这种情况。
当需要与主机网络绑定时,我们使用了user:root和network_mode: host。
apache:
image: bitnami/apache:2.4
container_name: "apache"
ports:
- 80:80
network_mode: host
privileged: true
user: root
environment:
DOCKER_HOST: "unix:///var/run/docker.sock"
env_file:
- .env
volumes:
- ./setup/apache/httpd.conf:/opt/bitnami/apache/conf/httpd.conf
推荐阅读
- openshift - Openshift 4 RBAC
- sql-server - 存储过程过度 - 插入多个表
- angular - Angular 的自定义表单数组的验证对于异步验证器保持为 PENDING
- wordpress - 是否需要在 Order 对象更新时调用 save 方法?
- unity3d - 如何从命令行构建 Unity 生成的 Xcode 项目
- python - 如何将浮点数元组转换为整数元组
- c# - CrmServiceClient 错误:2:无法连接到 CRM:找不到方法:OrganizationDetail.get_EnvironmentId()
- node.js - node.js 中的多线程与 express
- minecraft-forge - Forge 1.16.5 获得物品的攻击伤害
- python - 在 Python 中定义函数时的参数解包