I am facing an issue with mounting a host directory into docker container with both -v and --mount options.
Using mount:
docker run --mount type=bind,source=/home/myuser/docker_test/out_dir,target=/home/out_dir --user 12345:1000 -it docker-name:0.1 bash
docker: Error response from daemon: invalid mount config for type "bind": stat /home/myuser/docker_test/out_dir: permission denied.
But I am able to do stat on this directory.
stat /home/myuser/docker_test/out_dir
File: '/home/myuser/docker_test/out_dir'
Size: 4096 Blocks: 8 IO Block: 32768 directory
Device: 33h/51d Inode: 9275022755226025350 Links: 2
Access: (0770/drwxrwx---) Uid: (12345/ myuser) Gid: ( 1000/ hercules)
Access: 2022-12-01 02:12:54.430582000 -0500
Modify: 2022-12-01 02:12:38.239629000 -0500
Change: 2022-12-01 02:12:38.239629000 -0500
Birth: -
Using -v:
docker run -v /home/myuser/docker_test/out_dir:/home/out_dir --user 12345:1000 -it docker-name:0.1:0.1 bash
docker: Error response from daemon: error while creating mount source path '/home/myuser/docker_test/out_dir': mkdir /home/myuser/docker_test: permission denied.
ERRO[0000] error waiting for container: context canceled
I don't know why it's trying to do mkdir but /home/myuser/docker_test already exists and is writable for the current user.
Am I missing something here?
BTW - /home is a NFS mounted directory.
EDIT: mounting /tmp worked. So this means it is related to the NFS mounted directory /home.
EDIT 2
I am working on a network machine where I don’t have root (sudo) access.
The docker service is installed by root user.
/home/myuser/docker_test/out_dir has 700 (rwx------) permissions. If I change the permission to 755, it will work. But I can’t change the directory permissions.
My question is why stat is failing when the user starting the docker has the permissions to access the source directory?
Is the stat being called by the docker executable as some ‘other’ user?
Use:
sudo docker run -v /home/myuser/docker_test/out_dir:/home/out_dir --user 12345:1000 -it docker-name:0.1:0.1 bash
This is what my commend looks like
kubectl cp /Users/Documents/keycloak-deployment/import/realm-export-sdp.json sdp-steve/keycloak-7458697ddb-tbzp8:/tmp
And I got the error message as below:
rpc error: code = 2 desc = oci runtime error: exec failed: container_linux.go:235: starting container process caused "exec: \"tar\": executable file not found in $PATH"
error: Internal error occurred: error executing command in container: read unix #->/var/run/docker.sock: read: connection reset by peer
Does anyone know how to handle this error? Thank you in advance.
Your container image must have tar binary present for running kubectl cp subcommand. As a result, you are getting the following error:
"exec: \"tar\": executable file not found in $PATH
See the below snippet:
kubectl cp --help
Copy files and directories to and from containers.
Examples:
# !!!Important Note!!!
# Requires that the 'tar' binary is present in your container
# image. If 'tar' is not present, 'kubectl cp' will fail.
#
# For advanced use cases, such as symlinks, wildcard expansion or
# file mode preservation, consider using 'kubectl exec'.
You may check this page showing why tar is needed.
According to the documentation at: https://docs.docker.com/engine/reference/commandline/cli/#customize-the-default-output-format-for-commands
I want to customize the docker ps output so that it shows the IP of the containers in the table results.
What I've tried so far is:
$ cat ~/.docker/config.json
{
"psFormat": "table {{.ID}}\\t{{.Image}}\\t{{.IPAddress}}\\t{{.Ports}}\\t{{.Names}}"
}
but then it raises this error:
$ docker ps
Template parsing error: template: :1:33: executing "" at <.IPAddress>:
can't evaluate field IPAddress in type *formatter.ContainerContext
I also know that docker inspect accept a --format argument having kind of the same structure:
$ docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}} {{.Name}}' my-project_app_1
172.19.0.2 /my-project_app_1
So I also naively tried to copy/paste that format structure into the docker config.json file:
$ cat ~/.docker/config.json
{
"psFormat": "table {{.ID}}\\t{{.Image}}\\t{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}\\t{{.Ports}}\\t{{.Names}}"
}
but then this error shows up:
Template parsing error: template: :1:55: executing "" at <.NetworkSettings.Networks>:
can't evaluate field NetworkSettings in type *formatter.ContainerContext
Question
How would you get the IP of the container in the table formatted output of a custom docker ps command?
System info:
Ubuntu: 18.04.6 LTS
Kernel: 5.4.0-94-generic x86_64 GNU/Linux
Docker: Docker version 20.10.12, build e91ed57
Error: failed to start container "node-exporter": Error response from daemon: path /sys is mounted on /sys but it is not a shared or slave mount
shows that message here is the repository I took it from trying to make a node exporter to Grafana dashboard through Kubernetes pods followed this video and this repo
ERROR screenshot
Well for me (Docker-Desktop in MacOS) this command saved my day:
kubectl patch ds monitoring-prometheus-node-exporter --type "json" -p '[{"op": "remove", "path" : "/spec/template/spec/containers/0/volumeMounts/2/mountPropagation"}]'
credit: GitHub Issues
This work for me (Docker-Dektop in MacOs m1)
# Mount the node's root file system (/) at /host/root in the container
hostRootFsMount:
enabled: false
# Defines how new mounts in existing mounts on the node or in the container
# are propagated to the container or node, respectively. Possible values are
# None, HostToContainer, and Bidirectional. If this field is omitted, then
# None is used. More information on:
# https://kubernetes.io/docs/concepts/storage/volumes/#mount-propagation
mountPropagation: HostToContainer
I am very new to docker Kubernetes. I have made my cluster of 3 nodes now I am creating a YAML file for pod creation. I have taken the image from https://github.com/utkudarilmaz/docker-hping3 the image name is utkudarilmaz/hping3. Can someone help me to set the command or the docker file in the path? because I cannot understand the problem. I want to run my pod successfully working so, that I can utilize it.
My YAML file like
---
apiVersion: v1
kind: Pod
metadata:
name: second
labels:
app: web
spec:
containers:
- name: hping3
image: utkudarilmaz/hping3
command: ["hping3 [IP_ADDRESS"]
ports:
- containerPort: 80
nodeSelector:
disktype: ssd
if I do not specify [command] my pod status is CrashLoopBackOff. I have searched and found that My kubernetes pods keep crashing with "CrashLoopBackOff" but I can't find any log
I need a command to run the container continuously otherwise it goes in the cycle if I specify a command in YAML file like an above command: ["hping3 103.22.221.59"] and then when I run
kubectl exec –it second – hping3 [IP_ADDRESS]
I get
error: unable to upgrade connection: container not found ("hping3")
the output of kubectl decribe pod second
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 3m39s default-scheduler Successfully assigned default/second1 to netcs
Normal Pulled 3m35s kubelet Successfully pulled image "utkudarilmaz/hping3" in 2.714028668s
Normal Pulled 3m31s kubelet Successfully pulled image "utkudarilmaz/hping3" in 2.734426606s
Normal Pulled 3m15s kubelet Successfully pulled image "utkudarilmaz/hping3" in 2.61256593s
Normal Pulled 2m46s kubelet Successfully pulled image "utkudarilmaz/hping3" in 2.65727147s
Warning BackOff 2m11s (x5 over 3m4s) kubelet Back-off restarting failed container
Normal Pulling 2m4s (x5 over 3m38s) kubelet Pulling image "utkudarilmaz/hping3"
Normal Created 119s (x5 over 3m35s) kubelet Created container hping3
Warning Failed 119s (x5 over 3m35s) kubelet Error: failed to start container "hping3": Error response from daemon: OCI runtime create failed: container_linux.go:370: starting container process caused: exec: "hping3 103.22.221.59": executable file not found in $PATH: unknown
Normal Pulled 119s kubelet Successfully pulled image "utkudarilmaz/hping3" in 5.128803062s
Some Output of docker inspect $utkudarilmaz/hping3
"Mounts": [],
"Config": {
"Hostname": "104e9920881b",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"Tty": true,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Cmd": null,
"Image": "utkudarilmaz/hping3",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": [
"hping3"
],
"OnBuild": null,
"Labels": {
"desription": "hping3 tool building on Alpine:latest",
"version": "1.0"
my container will not continue running
when I try this command
command: [ "/bin/bash", "-c", "--" ]
args: [ "while true; do sleep 30; done;" ] from
https://stackoverflow.com/questions/31870222/how-can-i-keep-a-container-running-on-kubernetes/40093356
same error file not found in the path
First of all, you don't need to specify containerPort here as there is nothing listening on any tcp port in your hping3 container:
$ kubectl exec -ti second -- /bin/sh
/ # netstat -ntlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
In fact you don't even need to provide any command as hping3 is already defined as an ENTRYPOINT in this docker image and you don't really need to overwrite it. All you need in order to run your hping3 Pod is the following yaml manifest:
apiVersion: v1
kind: Pod
metadata:
name: second
spec:
containers:
- name: hping3
image: utkudarilmaz/hping3
args: ["IP-address"]
Yes, providing some args is obligatory in this case, otherwise your container will fall into CrashLoopBackOff state.
As you can read in the very brief description of the image in its README.md:
Usage:
docker pull utkudarilmaz/hping3:latest
docker run utkudarilmaz/hping3:latest [parameters] target_ip
providing target_ip is obligatory, but you don't have to provide anything else.
Although the above usage description doesn't say anything about running this image on kubernetes, such short description should be totally enough for us and we should be able to translate it "from docker to kubernetes language".
Take a look at the following section, titled Define a Command and Arguments for a Container, in the official kubernetes docs, especially this fragment:
When you override the default Entrypoint and Cmd, these rules apply:
If you do not supply command or args for a Container, the defaults defined in the Docker image are used.
If you supply a command but no args for a Container, only the supplied command is used. The default EntryPoint and the
default Cmd defined in the Docker image are ignored.
If you supply only args for a Container, the default Entrypoint defined in the Docker image is run with the args that
you supplied.
If you supply a command and args, the default Entrypoint and the default Cmd defined in the Docker image are ignored. Your
command is run with your args.
From the above we are particularly interested in the third point:
If you supply only args for a Container, the default Entrypoint defined in the Docker image is run with the args that
you supplied.
which means that in our kubernetes Pod definition we may supply only args and it's totally fine. As the ENTRYPOINT is already defined in the utkudarilmaz/hping3 image, there is no need to overwrite it by defining a command.
I was able to reproduce the error messsage you get only when trying to connect to hping3 container in CrashLoopBackOff state:
$ kubectl exec -ti second -- hping3 [IP-address]
error: unable to upgrade connection: container not found ("hping3")
But when it runs, kubectl exec works without any issues:
$ kubectl exec -ti second -- hping3 [IP-address]
HPING [IP-address] (eth0 [IP-address]): NO FLAGS are set, 40 headers + 0 data bytes
Btw. hyphens in your command look a bit strange and they are not exactly the same characters as - and are not interpreted correctly when copied from the code snippet in your question, leading to strange errors like the following:
Error from server (NotFound): pods "–it" not found
So please mind the exact characters that you use in your commands.
As to the explanation of the error message you see when you kubectl describe your Pod:
"hping3 [IP-address]": executable file not found in $PATH: unknown
it says clearly that an executable named "hping3 [IP-address]" (yes, name of a single file!) cannot be found in your $PATH and I'm sure you don't have executable with such name 😉
If you provide a command this way:
command: ["hping3 [IP-address]"]
keep in mind that the whole string between the double quotes is interpreted as a single command / executable. That's why it was trying to look for executable file named "hping3 [IP-address]" but for obvious reasons it couldn't find it.
As already mentioned in comments, the correct usage of the command field can be:
command: ["hping3","[IP-address]"]
but in your case you don't really need it.
I hope the above explanation was helpful.