我正在研究一个在Docker Swarm Mode群集中处理常见部署任务的构建步骤。作为此是我们和其他人的常见问题ve分享了这个构建步骤作为BitBucket管道:
管道需要使用 docker 命令与远程Docker安装一起使用。但是,这无效,因为在管道运行时找不到Docker可执行文件。
我们的测试存储库管线的以下内容是正确的:
- Docker选项设置为true:
选项:
Docker:是的
- 启用了Docker服务的构建步骤:
main:
- 步:
服务:
- Docker:是的
- Docker在存储库本身中的工作正常,但在管道中不正常。
- 管道日志显示了将码头路径安装到管道容器中:
docker容器运行\
- volume =/opt/atlassian/pipelines/agent/build:/opt/opt/atlassian/pipelines/agent/build \ \
- volume =/opt/atlassian/pipelines/agent/ssh:/opt/opt/atlassian/pipelines/agent/ssh:ro \
- 音量=/usr/local/bin/docker:/usr/local/bin/docker:ro \
-VOLUME =/opt/atlassian/pipelines/agent/build/buctbucket/pipelines/oferated/pipeline/pipes:/opt/atlassian/pipelines/pipelines/agent/agent/agent/build/.bitbucket/pipelines/pipelines/generated/generated/pipeline/pipeline/pipeses \ \ \\\\\\\\\\\\\\\\\\\\\\\\\\\\\
-volume =/opt/opt/atlassian/pipelines/agent/build/.bitbucket/pipelines/oferated/pipeline/pipely/pipes/swarm-secret-pipe:/plassian/pipelines/pipelines/agent/agent/agent/agent/.bitbucket/.bitbucket/pipelines/pipelines/生成的/管道/管道/匹配/群体销售\ \
-workdir = $(pwd)\
-label = org.bitbucket.pipelines.system = true \
radiergummi/swarm-secret-pipe:1.3.7@sha256:BAF05B25B38F2A59B044E07F4AD0707065DE90257A000137A0E1E1E1E1EB71CBE1CBE1A438E5
该管道是非常标准的,并使用了最近的高山图像。在这方面没什么特别的。 路径永远不会被覆盖。现在,对于有趣的部分:如果我做 ls/usr/local/bin/docker 在管道内,它将显示一个空目录:
ls /usr/local/bin
total 16K
drwxr-xr-x 1 root root 4.0K May 13 13:06 .
drwxr-xr-x 1 root root 4.0K Apr 4 16:06 ..
drwxr-xr-x 2 root root 4.0K Apr 29 09:30 docker
ls /usr/local/bin/docker
total 8K
drwxr-xr-x 2 root root 4.0K Apr 29 09:30 .
drwxr-xr-x 1 root root 4.0K May 13 13:06 ..
ls: /usr/local/bin/docker/docker: No such file or directory
据我了解,我了解管道和docker,/usr/本地/bin/docker 应该是docker二进制文件。相反,由于某种原因,它似乎是一个空目录。
这里发生了什么?
我还看了其他官方的管道。他们没有做任何不同的事情,但似乎正在使用docker命令(例如。 “ Nofollow Noreferrer”> Azure管道)。
I'm working on a build step that handles common deployment tasks in a Docker Swarm Mode cluster. As this is a common problem for us and for others, we've shared this build step as a BitBucket pipe: https://bitbucket.org/matchory/swarm-secret-pipe/
The pipe needs to use the docker command to work with a remote Docker installation. This doesn't work, however, because the docker executable cannot be found when the pipe runs.
The following holds true for our test repository pipeline:
- The docker option is set to true:
options:
docker: true
- The docker service is enabled for the build step:
main:
- step:
services:
- docker: true
- Docker works fine in the repository pipeline itself, but not within the pipe.
- Pipeline log shows the docker path being mounted into the pipe container:
docker container run \
--volume=/opt/atlassian/pipelines/agent/build:/opt/atlassian/pipelines/agent/build \
--volume=/opt/atlassian/pipelines/agent/ssh:/opt/atlassian/pipelines/agent/ssh:ro \
--volume=/usr/local/bin/docker:/usr/local/bin/docker:ro \
--volume=/opt/atlassian/pipelines/agent/build/.bitbucket/pipelines/generated/pipeline/pipes:/opt/atlassian/pipelines/agent/build/.bitbucket/pipelines/generated/pipeline/pipes \
--volume=/opt/atlassian/pipelines/agent/build/.bitbucket/pipelines/generated/pipeline/pipes/matchory/swarm-secret-pipe:/opt/atlassian/pipelines/agent/build/.bitbucket/pipelines/generated/pipeline/pipes/matchory/swarm-secret-pipe \
--workdir=$(pwd) \
--label=org.bitbucket.pipelines.system=true \
radiergummi/swarm-secret-pipe:1.3.7@sha256:baf05b25b38f2a59b044e07f4ad07065de90257a000137a0e1eb71cbe1a438e5
The pipe is pretty standard and uses a recent Alpine image; nothing special in that regard. The PATH is never overwritten. Now for the fun part: If I do ls /usr/local/bin/docker inside the pipe, it shows an empty directory:
ls /usr/local/bin
total 16K
drwxr-xr-x 1 root root 4.0K May 13 13:06 .
drwxr-xr-x 1 root root 4.0K Apr 4 16:06 ..
drwxr-xr-x 2 root root 4.0K Apr 29 09:30 docker
ls /usr/local/bin/docker
total 8K
drwxr-xr-x 2 root root 4.0K Apr 29 09:30 .
drwxr-xr-x 1 root root 4.0K May 13 13:06 ..
ls: /usr/local/bin/docker/docker: No such file or directory
As far as I understand pipelines and Docker, /usr/local/bin/docker should be the docker binary file. Instead, it appears to be an empty directory for some reason.
What is going on here?
I've also looked at other, official, pipes. They don't do anything differently, but seem to be using the docker command just fine (eg. the Azure pipe).
发布评论
评论(1)
与Bitbucket支持交谈后,我解决了这个问题。事实证明,如果更改了Docker上下文,则任何Docker命令都会直接发送到远程Docker二进制文件,该docker二进制(在我们的服务上)生活在与Bitbucket Pipelines中不同的路径上!
当我们在使用管道之前更改docker上下文时,安装在管道中的docker实例仍然具有远程上下文集,但是管道在另一个地方搜索docker二进制文件,
no这样的文件或目录错误。tl; dr:在将控件传递给管道之前,请务必还原默认的docker主机/上下文,例如:
After talking to BitBucket support, I solved the issue. As it turns out, if the docker context is changed, any docker command is sent straight to the remote docker binary, which (on our services) lives at a different path than in BitBucket Pipelines!
As we changed the docker context before using the pipe, and the docker instance mounted into the pipe still has the remote context set, but the pipe searches for the docker binary at another place, the
No such file or directoryerror is thrown.TL;DR: Always restore the default docker host/context before passing control to a pipe, e.g.: