在Windows主机上使用Docker设置Gitlab,问题与共享文件夹

TLDR;

有谁知道如何解决“失败断言所有权”/ var / opt / gitlab / git-data“是git”错误?

背景:

我想在WindowsServer2012R2上运行Docker工具箱(版本17.04.0-ce,build 4845c56)设置Gitlab Docker 。

问题/问题

我无法使共享文件夹在服务器的D驱动器上正常工作。 我读到,我需要将文件夹添加到VirtualBox虚拟机,我通过VB GUI中的设置/共享文件夹菜单。 我为path“D:\ data \ gitlab”设置了一个名为“gitlab”的名称,然后选中自动挂载,设为永久性,并将其设置为完全访问。

VM共享文件夹设置

我启动了docker机器,运行“docker-machine ssh $ machine-name”。 我注意到没有/ media目录,因此我在主目录(/ home / docker / gitlab)中添加了一个文件夹,然后使用以下在几个论坛中find的命令装载共享文件夹: 

sudo mount -t vboxsf gitlab /home/docker/gitlab

在这一点上,我可以添加文件到Windows主机目录或Docker虚拟机,它似乎工作正常,testing文件显示。

现在,当我启动Gitlab Docker镜像时,我使用以下从其文档修改的命令: 

 docker run --detach --hostname gitlab.example.com --publish 80:80 --name gitlab --volume /home/docker/gitlab:/etc/gitlab:Z --volume /home/docker/gitlab/logs:/var/log/gitlab:Z --volume /home/docker/gitlab/data:/var/opt/gitlab:Z gitlab/gitlab-ce

现在我知道它似乎写入共享驱动器,因为所有这些文件都生成,但它几秒钟后崩溃,我收到以下错误日志。

运行Gitlab Docker时生成的文件

错误日志: 

 Thank you for using GitLab Docker Image! Current version: gitlab-ce=9.3.6-ce.0 Configure GitLab for your system by editing /etc/gitlab/gitlab.rb file And restart this container to reload settings. To do it use docker exec: docker exec -it gitlab vim /etc/gitlab/gitlab.rb docker restart gitlab For a comprehensive list of configuration options please see the Omnibus GitLab readme https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/README.md If this container fails to start due to permission problems try to fix it by executing: docker exec -it gitlab update-permissions docker restart gitlab Installing gitlab.rb config... Generating ssh_host_rsa_key... Generating public/private rsa key pair. Your identification has been saved in /etc/gitlab/ssh_host_rsa_key. Your public key has been saved in /etc/gitlab/ssh_host_rsa_key.pub. The key fingerprint is: SHA256:GyFlf9tl7ZuEbuE+dwZUYiyahdsRzpC1T7kwyUvoD+o root@gitlab.example.com The key's randomart image is: +---[RSA 2048]----+ | o .+oo | | o .o*+o+.o| | . . o*@+oo+| | . o+o.Oo= | | S o o++..| | + oo + o| | o .+ + | | . o. .o| | E .o..| +----[SHA256]-----+ Generating ssh_host_ecdsa_key... Generating public/private ecdsa key pair. Your identification has been saved in /etc/gitlab/ssh_host_ecdsa_key. Your public key has been saved in /etc/gitlab/ssh_host_ecdsa_key.pub. The key fingerprint is: SHA256:Kb99jG8EtMuTSdIuqBT3GLeD1D0wwTEcQhKgVJUlBjs root@gitlab.example.com The key's randomart image is: +---[ECDSA 256]---+ | .o+=*=+=+ | |.. oo..=.. | |. E . * . | | o + +.B | | +.BS* * | | . +o= B . | | . . .o = | | . o. + | | . .+. | +----[SHA256]-----+ Generating ssh_host_ed25519_key... Generating public/private ed25519 key pair. Your identification has been saved in /etc/gitlab/ssh_host_ed25519_key. Your public key has been saved in /etc/gitlab/ssh_host_ed25519_key.pub. The key fingerprint is: SHA256:lVxpu0UoyNPWVY6D9c+m/bUTyvKP6vuR4cTOYwQ0j+U root@gitlab.example.com The key's randomart image is: +--[ED25519 256]--+ | . o +.=o..| | +.=o@o.+ | | o+=.Eo o| | . + .o.| | SB +| | B o= | | .Oo +| | ..o+.+| | .+*+.oo| +----[SHA256]-----+ Preparing services... Starting services... Configuring GitLab package... /opt/gitlab/embedded/bin/runsvdir-start: line 24: ulimit: pending signals: cannot modify limit: Operation not permitted /opt/gitlab/embedded/bin/runsvdir-start: line 34: ulimit: max user processes: cannot modify limit: Operation not permitted /opt/gitlab/embedded/bin/runsvdir-start: line 37: /proc/sys/fs/file-max: Read-only file system Configuring GitLab... ================================================================================ Error executing action `run` on resource 'ruby_block[directory resource: /var/opt/gitlab/git-data]' ================================================================================ Mixlib::ShellOut::ShellCommandFailed ------------------------------------ Failed asserting that ownership of "/var/opt/gitlab/git-data" was git ---- Begin output of set -x && [ "$(stat --printf='%U' $(readlink -f /var/opt/gitlab/git-data))" = 'git' ] ---- STDOUT: STDERR: + readlink -f /var/opt/gitlab/git-data + stat --printf=%U /var/opt/gitlab/git-data + [ UNKNOWN = git ] ---- End output of set -x && [ "$(stat --printf='%U' $(readlink -f /var/opt/gitlab/git-data))" = 'git' ] ---- Ran set -x && [ "$(stat --printf='%U' $(readlink -f /var/opt/gitlab/git-data))" = 'git' ] returned 1 Cookbook Trace: --------------- /opt/gitlab/embedded/cookbooks/cache/cookbooks/gitlab/libraries/storage_directory_helper.rb:124:in `validate_command' /opt/gitlab/embedded/cookbooks/cache/cookbooks/gitlab/libraries/storage_directory_helper.rb:112:in `block in validate' /opt/gitlab/embedded/cookbooks/cache/cookbooks/gitlab/libraries/storage_directory_helper.rb:111:in `each_index' /opt/gitlab/embedded/cookbooks/cache/cookbooks/gitlab/libraries/storage_directory_helper.rb:111:in `validate' /opt/gitlab/embedded/cookbooks/cache/cookbooks/gitlab/libraries/storage_directory_helper.rb:87:in `validate!' /opt/gitlab/embedded/cookbooks/cache/cookbooks/gitlab/definitions/storage_directory.rb:35:in `block (3 levels) in from_file' Resource Declaration: --------------------- # In /opt/gitlab/embedded/cookbooks/cache/cookbooks/gitlab/definitions/storage_directory.rb 26: ruby_block "directory resource: #{params[:path]}" do 27: block do 28: # Ensure the directory exists 29: storage_helper.ensure_directory_exists(params[:path]) 30: 31: # Ensure the permissions are set 32: storage_helper.ensure_permissions_set(params[:path]) 33: 34: # Error out if we have not achieved the target permissions 35: storage_helper.validate!(params[:path]) 36: end 37: not_if { storage_helper.validate(params[:path]) } 38: end 39: end Compiled Resource: ------------------ # Declared in /opt/gitlab/embedded/cookbooks/cache/cookbooks/gitlab/definitions/storage_directory.rb:26:in `block in from_file' ruby_block("directory resource: /var/opt/gitlab/git-data") do params {:path=>"/var/opt/gitlab/git-data", :owner=>"git", :group=>nil, :mode=>"0700", :name=>"/var/opt/gitlab/git-data"} action [:run] retries 0 retry_delay 2 default_guard_interpreter :default block_name "directory resource: /var/opt/gitlab/git-data" declared_type :ruby_block cookbook_name "gitlab" recipe_name "gitlab-shell" block #<Proc:0x000000054a99a8@/opt/gitlab/embedded/cookbooks/cache/cookbooks/gitlab/definitions/storage_directory.rb:27> not_if { #code block } end Platform: --------- x86_64-linux

有谁知道如何解决“失败断言所有权”/ var / opt / gitlab / git-data“是git”错误? 我对Docker / Gitlab的设置还是有点新的,所以很可能我忽略了一些简单的东西。 我已经花了几个小时search这个,看起来其他人也有很多问题让共享文件夹从Windows使用Docker工具箱工作,所以希望这也可以帮助其他人。

背景

对于我们这些没有本地docker的世界来说,一种解决scheme(也许不是最好的)就是使用vdi驱动器和共享文件夹。 vdi驱动器可以安装在我们想要的驱动器上(如果您不想使用C驱动器,这一点非常重要),并且可以让Gitlab docker能够随意播放任何东西,所以这就是我们要存储的地方持续的卷。 缺点是vdi不像简单的共享文件夹那样透明,因此对于备份,共享文件夹使事情变得更简单/透明。

放弃

我不是这方面的专家,所以请谨慎使用我所说的一丝盐。

执行步骤

在任何你想要的驱动器上创build一个新的vdi驱动器和共享文件夹

  1. closures你想用于gitlab的docker机器
  2. 在virtualbox中,进入docker-machine上的设置,然后selectStorage ,然后点击Add Hard Disk图标,然后点击Create new disk
  3. selectVDI(VirtualBox Disk Image) ,然后单击下一步
  4. selectdynamic分配 ,然后单击下一步
  5. 点击带有绿色胡萝卜符号的文件夹,select要存储vdi的名称和位置,然后selectvdi可以增加到的最大大小,然后单击“ 创build”
  6. 现在在设置菜单中,切换到共享文件夹 ,然后单击添加新的共享文件夹图标
  7. 创build一个gitlabbackups文件夹到你想要的地方,然后selectAuto-mountMake Permanent

现在分区并格式化驱动器

  1. 启动/进入docker机(在cmd提示符下使用VBox窗口或docker-machine ssh <your docker machine name>
  2. 运行fdisk -l列出可用的驱动器,如果你只安装了一个额外的vdi驱动器,你应该看到类似/ dev / sdb
  3. 接下来的步骤是不可逆的 ,所以可以自行执行:input命令fdisk /dev/sdb然后n为新分区, p为主分区, 1
  4. 现在格式化新的分区(你也可能需要sudo): mkfs.ext4 /dev/sdb1

在第二个VDI上运行持久性卷并在共享文件夹中运行备份

示例Dockerfile: 

 FROM gitlab/gitlab-ce:latest RUN apt-get update RUN apt-get install -y cron # Add a cron job to backup everyday RUN echo "0 5 * * * /opt/gitlab/bin/gitlab-rake gitlab:backup:create STRATEGY=copy CRON=1" | crontab - # For an unknown reason, the cron job won't actually run unless cron is restarted CMD service cron restart && \ /assets/wrapper

示例docker-compose.yml: 

 version: "3.0" services: gitlab: build: . restart: always ports: - "80:80" volumes: # These volumes are on the vdi we created above - "/mnt/sdb1/etc/gitlab/:/etc/gitlab" - "/mnt/sdb1/var/log/gitlab:/var/log/gitlab" - "/mnt/sdb1/var/opt/gitlab:/var/opt/gitlab" # This volume sits in the shared folder defined above - "/gitlabbackups:/var/opt/gitlab/backups" cap_add: # These seem to be necessary for the mounted drive to work properly # https://docs.docker.com/engine/reference/run/#runtime-privilege-and-linux-capabilities - SYS_ADMIN - DAC_READ_SEARCH

因为自动挂载vdi似乎有问题,例如使用一个启动脚本(假设你使用了一个D驱动器,只需根据需要replace<…>内的任何东西),示例run.bat: 

 @cd /d D:\<path to docker-compose.yml, assuming it's on the D drive> @docker-machine start <docker machine name> @FOR /f "tokens=*" %%i IN ('docker-machine env <docker machine name>') DO @%%i @docker-machine ssh <docker machine name> sudo mount /dev/sdb1 /mnt/sdb1 @docker-compose build @docker-compose up -d @REM If the docker machine was completely off, running only 'docker-compose up -d' will @REM not mount the volumes properly. Stopping and restarting the container results in @REM the volumes mounting properly. @docker stop <gitlab container name> @docker start <gitlab container name> @pause

注意:通过运行docker docker-compose up一次,然后docker ps -a来检查它,可以findgitlab容器的名字,但是它通常遵循约定<directory compose file is in>_<name in the compose file, eg gitlab here>_1

假设一切顺利,你可以根据自己的情况更改上面<…>中的内容,那么你应该可以运行batch file,让gitlab启动并运行,以便将所有内容存储在备用驱动器上,vdi中的持久工作文件(以解决VBox POSIX的限制)以及透明地存储在共享文件夹中的备份。

希望这可以帮助那些无法使用本地docker工具的其他可怜的灵魂。

    Interesting Posts

    增加Docker Toolbox上的磁盘空间

    docker工具箱在窗口然后docker运行hello-world获得x509:由未知权威签名的证书