Cannot run the image in Kubernetes
deltaag opened this issue · 9 comments
deltaag commented
I am trying to spin up the image in Rancher 2.0.0 Kubernetes as a deployment but am getting this error message:
sudo: effective uid is not 0, is /usr/bin/sudo on a file system with the 'nosuid' option set or an NFS file system without root privileges?
Kubernetes version: v1.10.1
Wodby/mariadb:10.2-3.1.3
csandanov commented
Sounds like Rancher changes the default user of the container, we run everything from non-root mysql user
deltaag commented
There is a sudo line here:
mariadb/10/docker-entrypoint.sh
Line 9 in c252acc
I am wondering if that is causing the issue.
deltaag commented
Rancher community response: Rancher works above kubernetes. I am not convinced that rancher will change user or other such stuff... that is the scheduler and the kube-manager.
csandanov commented
There's the sudo command in entrypoint but it should be there, sudoers files allows running this script for the default mysql user.
Runs well with just docker:
$ docker run --rm -ti -e MYSQL_ROOT_PASSWORD=password wodby/mariadb:10.2-3.1.3
Initializing database
PLEASE REMEMBER TO SET A PASSWORD FOR THE MariaDB root USER !
To do so, start the server, then issue the following commands:
'/usr/bin/mysqladmin' -u root password 'new-password'
'/usr/bin/mysqladmin' -u root -h password 'new-password'
Alternatively you can run:
'/usr/bin/mysql_secure_installation'
which will also give you the option of removing the test
databases and anonymous user created by default. This is
strongly recommended for production servers.
See the MariaDB Knowledgebase at http://mariadb.com/kb or the
MySQL manual for more instructions.
Please report any problems at http://mariadb.org/jira
The latest information about MariaDB is available at http://mariadb.org/.
You can find additional information about the MySQL part at:
http://dev.mysql.com
Consider joining MariaDB's strong and vibrant community:
https://mariadb.org/get-involved/
Database initialized
MySQL init process in progress...
2018-05-17 10:45:48 140191196965768 [Note] mysqld (mysqld 10.2.14-MariaDB) starting as process 107 ...
2018-05-17 10:45:48 140191196965768 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins
2018-05-17 10:45:48 140191196965768 [Note] InnoDB: Uses event mutexes
2018-05-17 10:45:48 140191196965768 [Note] InnoDB: Compressed tables use zlib 1.2.11
2018-05-17 10:45:48 140191196965768 [Note] InnoDB: Using Linux native AIO
2018-05-17 10:45:48 140191196965768 [Note] InnoDB: Number of pools: 1
2018-05-17 10:45:48 140191196965768 [Note] InnoDB: Using SSE2 crc32 instructions
2018-05-17 10:45:48 140191196965768 [Note] InnoDB: Initializing buffer pool, total size = 1G, instances = 4, chunk size = 128M
2018-05-17 10:45:48 140191196965768 [Note] InnoDB: Completed initialization of buffer pool
2018-05-17 10:45:48 140189721828072 [Note] InnoDB: If the mysqld execution user is authorized, page cleaner thread priority can be changed. See the man page of setpriority().
2018-05-17 10:45:48 140191196965768 [Note] InnoDB: Highest supported file format is Barracuda.
2018-05-17 10:45:49 140191196965768 [Note] InnoDB: 128 out of 128 rollback segments are active.
2018-05-17 10:45:49 140191196965768 [Note] InnoDB: Creating shared tablespace for temporary tables
2018-05-17 10:45:49 140191196965768 [Note] InnoDB: Setting file './ibtmp1' size to 12 MB. Physically writing the file full; Please wait ...
2018-05-17 10:45:49 140191196965768 [Note] InnoDB: File './ibtmp1' size is now 12 MB.
2018-05-17 10:45:49 140191196965768 [Note] InnoDB: Waiting for purge to start
MySQL init process in progress...
2018-05-17 10:45:49 140191196965768 [Note] InnoDB: 5.7.21 started; log sequence number 1619994
2018-05-17 10:45:49 140189750827752 [Note] InnoDB: Loading buffer pool(s) from /var/lib/mysql/ib_buffer_pool
2018-05-17 10:45:49 140191196965768 [Note] Plugin 'FEEDBACK' is disabled.
2018-05-17 10:45:49 140191196965768 [Warning] 'user' entry 'root@a3e0d5faf9b7' ignored in --skip-name-resolve mode.
2018-05-17 10:45:49 140191196965768 [Warning] 'user' entry '@a3e0d5faf9b7' ignored in --skip-name-resolve mode.
2018-05-17 10:45:49 140191196965768 [Warning] 'proxies_priv' entry '@% root@a3e0d5faf9b7' ignored in --skip-name-resolve mode.
2018-05-17 10:45:49 140189750827752 [Note] InnoDB: Buffer pool(s) load completed at 180517 10:45:49
2018-05-17 10:45:49 140191196965768 [Note] Reading of all Master_info entries succeded
2018-05-17 10:45:49 140191196965768 [Note] Added new Master_info '' to hash table
2018-05-17 10:45:49 140191196965768 [Note] mysqld: ready for connections.
Version: '10.2.14-MariaDB' socket: '/var/run/mysqld/mysqld.sock' port: 0 MariaDB Server
2018-05-17 10:45:51 140189741632232 [Warning] 'proxies_priv' entry '@% root@a3e0d5faf9b7' ignored in --skip-name-resolve mode.
2018-05-17 10:45:51 140189741312744 [Note] mysqld (initiated by: unknown): Normal shutdown
2018-05-17 10:45:51 140189741312744 [Note] Event Scheduler: Purging the queue. 0 events
2018-05-17 10:45:51 140189751298792 [Note] InnoDB: FTS optimize thread exiting.
2018-05-17 10:45:51 140189741312744 [Note] InnoDB: Starting shutdown...
2018-05-17 10:45:51 140189750827752 [Note] InnoDB: Dumping buffer pool(s) to /var/lib/mysql/ib_buffer_pool
2018-05-17 10:45:51 140189750827752 [Note] InnoDB: Buffer pool(s) dump completed at 180517 10:45:51
2018-05-17 10:45:53 140189741312744 [Note] InnoDB: Shutdown completed; log sequence number 1620022
2018-05-17 10:45:53 140189741312744 [Note] InnoDB: Removed temporary tablespace data file: "ibtmp1"
2018-05-17 10:45:53 140189741312744 [Note] mysqld: Shutdown complete
MySQL init process done. Ready for start up.
2018-05-17 10:45:53 139638714366856 [Note] mysqld (mysqld 10.2.14-MariaDB) starting as process 1 ...
2018-05-17 10:45:53 139638714366856 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins
2018-05-17 10:45:53 139638714366856 [Note] InnoDB: Uses event mutexes
2018-05-17 10:45:53 139638714366856 [Note] InnoDB: Compressed tables use zlib 1.2.11
2018-05-17 10:45:53 139638714366856 [Note] InnoDB: Using Linux native AIO
2018-05-17 10:45:53 139638714366856 [Note] InnoDB: Number of pools: 1
2018-05-17 10:45:53 139638714366856 [Note] InnoDB: Using SSE2 crc32 instructions
2018-05-17 10:45:53 139638714366856 [Note] InnoDB: Initializing buffer pool, total size = 1G, instances = 4, chunk size = 128M
2018-05-17 10:45:53 139638714366856 [Note] InnoDB: Completed initialization of buffer pool
2018-05-17 10:45:53 139637239229160 [Note] InnoDB: If the mysqld execution user is authorized, page cleaner thread priority can be changed. See the man page of setpriority().
2018-05-17 10:45:53 139638714366856 [Note] InnoDB: Highest supported file format is Barracuda.
2018-05-17 10:45:54 139638714366856 [Note] InnoDB: 128 out of 128 rollback segments are active.
2018-05-17 10:45:54 139638714366856 [Note] InnoDB: Creating shared tablespace for temporary tables
2018-05-17 10:45:54 139638714366856 [Note] InnoDB: Setting file './ibtmp1' size to 12 MB. Physically writing the file full; Please wait ...
2018-05-17 10:45:54 139638714366856 [Note] InnoDB: File './ibtmp1' size is now 12 MB.
2018-05-17 10:45:54 139638714366856 [Note] InnoDB: Waiting for purge to start
2018-05-17 10:45:54 139638714366856 [Note] InnoDB: 5.7.21 started; log sequence number 1620022
2018-05-17 10:45:54 139637268228840 [Note] InnoDB: Loading buffer pool(s) from /var/lib/mysql/ib_buffer_pool
2018-05-17 10:45:54 139638714366856 [Note] Plugin 'FEEDBACK' is disabled.
2018-05-17 10:45:54 139637268228840 [Note] InnoDB: Buffer pool(s) load completed at 180517 10:45:54
2018-05-17 10:45:54 139638714366856 [Note] Server socket created on IP: '0.0.0.0'.
2018-05-17 10:45:54 139638714366856 [Warning] 'proxies_priv' entry '@% root@a3e0d5faf9b7' ignored in --skip-name-resolve mode.
2018-05-17 10:45:54 139638714366856 [Note] Reading of all Master_info entries succeded
2018-05-17 10:45:54 139638714366856 [Note] Added new Master_info '' to hash table
2018-05-17 10:45:54 139638714366856 [Note] mysqld: ready for connections.
Version: '10.2.14-MariaDB' socket: '/var/run/mysqld/mysqld.sock' port: 3306 MariaDB Serverdeltaag commented
I can confirm it runs in docker.
deltaag commented
I can neither run wodby/drupal-php:7.1-dev-4.4.2 nor wodby/drupal-nginx:8-1.13-4.1.0
davidsteinberger commented
I ran into the same problem. Is there any way to get this image to run on ranger 2 K8?
davidsteinberger commented
I looked up the K8 documentation. I think AllowPrivilegeEscalation is what we are looking for here.
To change that in Ranger 2 go to your workload, click on Edit -> Show advanced options -> Security & Host Config and set Privileged to No and Privilege Escalation to Yes.
deltaag commented
Thanks @davidsteinberger that is the solution.