文档建议反馈控制台
首页
学习
活动
专区
圈层
工具
MCP广场
文章/答案/技术大牛
发布
社区首页 >问答首页 >Prometheus operator“打开查询日志文件错误:权限被拒绝”

Prometheus operator“打开查询日志文件错误:权限被拒绝”
EN

Stack Overflow用户
提问于 2020-10-31 20:50:40
回答 1查看 4.6K关注 0票数 1

我试图在Kubernetes上运行Prometheus operator,但在Rancher-RBD上尝试持久化数据后,出现错误:

代码语言:javascript
复制
level=info ts=2020-10-31T12:40:33.171Z caller=main.go:353 msg="Starting Prometheus" version="(version=2.22.0, branch=HEAD, revision=0a7fdd3b76960808c3a91d92267c3d815c1bc354)"
level=info ts=2020-10-31T12:40:33.171Z caller=main.go:358 build_context="(go=go1.15.3, user=root@6321101b2c50, date=20201015-12:29:59)"
level=info ts=2020-10-31T12:40:33.171Z caller=main.go:359 host_details="(Linux 4.14.35-1902.3.2.el7uek.x86_64 #2 SMP Tue Jul 30 03:59:02 GMT 2019 x86_64 prometheus-prometheus-0 (none))"
level=info ts=2020-10-31T12:40:33.171Z caller=main.go:360 fd_limits="(soft=1048576, hard=1048576)"
level=info ts=2020-10-31T12:40:33.171Z caller=main.go:361 vm_limits="(soft=unlimited, hard=unlimited)"
level=error ts=2020-10-31T12:40:33.173Z caller=query_logger.go:87 component=activeQueryTracker msg="Error opening query log file" file=/prometheus/queries.active err="open /prometheus/queries.active: permission denied"
panic: Unable to create mmap-ed active query log
goroutine 1 [running]:
github.com/prometheus/prometheus/promql.NewActiveQueryTracker(0x7fff711299c3, 0xb, 0x14, 0x30867c0, 0xc000e6f050, 0x30867c0)
    /app/promql/query_logger.go:117 +0x4cf
main.main()
    /app/cmd/prometheus/main.go:388 +0x536c

这是我的操作员部署:

代码语言:javascript
复制
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/name: prometheus-operator
    app.kubernetes.io/version: v0.43.0
  name: prometheus-operator
  namespace: monitorings
spec:
  replicas: 1
  selector:
    matchLabels:
      app.kubernetes.io/component: controller
      app.kubernetes.io/name: prometheus-operator
  template:
    metadata:
      labels:
        app.kubernetes.io/component: controller
        app.kubernetes.io/name: prometheus-operator
        app.kubernetes.io/version: v0.43.0
    spec:
      containers:
      - args:
        - --kubelet-service=kube-system/kubelet
        - --logtostderr=true
        - --prometheus-config-reloader=quay.io/prometheus-operator/prometheus-config-reloader:v0.43.0
        image: quay.io/prometheus-operator/prometheus-operator:v0.43.0
        name: prometheus-operator
        ports:
        - containerPort: 8080
          name: http
        resources:
          limits:
            cpu: 200m
            memory: 200Mi
          requests:
            cpu: 100m
            memory: 100Mi
        securityContext:
          allowPrivilegeEscalation: false
      nodeSelector:
        beta.kubernetes.io/os: linux
      securityContext:
        runAsNonRoot: true
        runAsUser: 65534
      serviceAccountName: prometheus-operator

我试图添加一个initContainers来更改权限,但问题已经存在:

代码语言:javascript
复制
apiVersion: monitoring.coreos.com/v1
kind: Prometheus
metadata:
  name: prometheus
  labels:
    app: strimzi
spec:
  replicas: 1
  serviceAccountName: prometheus-server
  podMonitorSelector:
    matchLabels:
      app: strimzi
  resources:
    requests:
      memory: 400Mi
  enableAdminAPI: false
  ruleSelector:
    matchLabels:
      role: alert-rules
      app: strimzi
  alerting:
    alertmanagers:
    - namespace: monitorings
      name: alertmanager
      port: alertmanager
  additionalScrapeConfigs:
    name: additional-scrape-configs
    key: prometheus-additional.yaml
  imagePullSecrets:
        - name: nexuspullsecret
  initContainers:
    - name: init
      image: debian:stable
      command:  ["chmod", "-R", "777", "/mnt"]
      volumeMounts:
      - name: prometheus-prometheus-db
        mountPath: /mnt
        subPath: prometheus
  storage:
    volumeClaimTemplate:
      spec:
        storageClassName: rancher-rbd
        name: prometheus-prometheus-db
        resources:
          requests:
            storage: 10Gi
kubernetes
prometheus-operator
EN

回答 1

Stack Overflow用户

回答已采纳

发布于 2020-11-01 13:28:44

我像这样修改了我的initContainers,它可以工作了:

代码语言:javascript
复制
  initContainers:
      - name: "init-datapath"
        image: debian:stable
        command: ["chown", "-R", "65534:65534", "/data"]
        command: ["/bin/chmod","-R","777","/data"]
        volumeMounts:
        - name: prometheus-prometheus-db
          mountPath: /data
          subPath: ""

  storage:
    volumeClaimTemplate:
      spec:
        storageClassName: rancher-rbd
        name: prometheus-prometheus-db
        resources:
          requests:
            storage: 10Gi
票数 3
EN
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:

https://stackoverflow.com/questions/64621872

复制
相关文章

相似问题

领券

腾讯云开发者

扫码关注腾讯云开发者

扫码关注腾讯云开发者

领取腾讯云代金券

热门产品

热门推荐

更多推荐

Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有 

深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 粤公网安备44030502008569号

腾讯云计算(北京)有限责任公司 京ICP证150476号 |  京ICP备11018762号

问题归档专栏文章快讯文章归档关键词归档开发者手册归档开发者手册 Section 归档