Invalid settings supplied for DEFAULT_LOCAL_TMP: Unable to create local directories(/.ansible)

最近在k8s中使用ansible相关的镜像跑了一个Job。对应的Job为这个Job里面挂载了之前已经生成好的ConfigMap。Job对应的镜像是别的同事给的。jobData := &unstructured.Unstructured{Object: map[string]interface{}{"apiVersion": "batch/v1","kind":"Job","metadata

katy的小乖

1555人浏览 · 2021-02-19 09:53:08

katy的小乖 · 2021-02-19 09:53:08 发布

最近在k8s中使用ansible相关的镜像跑了一个Job。

对应的Job为

这个Job里面挂载了之前已经生成好的ConfigMap。Job对应的镜像是别的同事给的。

jobData := &unstructured.Unstructured{
		Object: map[string]interface{}{
			"apiVersion": "batch/v1",
			"kind":       "Job",
			"metadata": map[string]interface{}{
				"name":      jobName,
				"namespace": ns,
			},
			"spec": map[string]interface{}{
				//"ttlSecondsAfterFinished": ttl,
				//"backoffLimit":            backOffLimit,
				//"completions":             completions,
				//"parallelism":             parallelism,
				"template": map[string]interface{}{
					"spec": map[string]interface{}{
						"restartPolicy": "OnFailure",
						"containers": []map[string]interface{}{
							{
								"name": clusterId + "-cm",
								"image": "registry.local/katy/demo:0.3",
								"command": []string{
									"/bin/bash", "-c", "ansible-playbook playbooks/prerequisites.yml playbooks/deploy_cluster.yml",

								},
								"volumeMounts": []map[string]interface{}{
									{
										"name":      clusterId + "-cm",
										"mountPath": mountPath,
									},
								},
							},
						},
						"volumes": []map[string]interface{}{
							{
								"name": clusterId + "-cm",
								"configMap": map[string]interface{}{
									"name": clusterId + "-cm",
									"items": map[string]string{
										"key":  "hosts",
										"path": mountPath,
									},
								},
							},
						},
					},
				},
			},
		},
	}

当这个Job创建成功后，对应的pod就一直报错

Unhandled error:
 Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/ansible/config/manager.py", line 572, in update_config_data
	value, origin = self.get_config_value_and_origin(config, configfile)
  File "/usr/lib/python2.7/site-packages/ansible/config/manager.py", line 516, in get_config_value_and_origin
	value = ensure_type(value, defs[config].get('type'), origin=origin)
  File "/usr/lib/python2.7/site-packages/ansible/config/manager.py", line 122, in ensure_type
	makedirs_safe(value, 0o700)
  File "/usr/lib/python2.7/site-packages/ansible/utils/path.py", line 95, in makedirs_safe
	raise AnsibleError("Unable to create local directories(%s): %s" % (to_native(rpath), to_native(e)))
AnsibleError: Unable to create local directories(/.ansible/tmp): [Errno 13] Permission denied: '/.ansible'


Traceback (most recent call last):
  File "/usr/bin/ansible-playbook", line 62, in <module>
	import ansible.constants as C
  File "/usr/lib/python2.7/site-packages/ansible/constants.py", line 175, in <module>
	config = ConfigManager()
  File "/usr/lib/python2.7/site-packages/ansible/config/manager.py", line 291, in __init__
	self.update_config_data()
  File "/usr/lib/python2.7/site-packages/ansible/config/manager.py", line 584, in update_config_data
	raise AnsibleError("Invalid settings supplied for %s: %s\n" % (config, to_native(e)), orig_exc=e)
ansible.errors.AnsibleError: Invalid settings supplied for DEFAULT_LOCAL_TMP: Unable to create local directories(/.ansible/tmp): [Errno 13] Permission denied: '/.ansible'

解决

根据错误描述是没有权限创建/.ansible/tmp目录，这个目录是ansible默认的配置文件ansible.cfg文件中默认的值。

因此得想办法创建这个~/.ansible/tmp目录。

通过给Job中的container挂载一个~/.ansible/tmp目录就可以解决这个问题。

最后完整的Job为

jobData := &unstructured.Unstructured{
		Object: map[string]interface{}{
			"apiVersion": "batch/v1",
			"kind":       "Job",
			"metadata": map[string]interface{}{
				"name":      jobName,
				"namespace": ns,
				"labels": map[string]string{
					"cluster-name": clusterName,
					"cluster-id":   clusterId,
					"dc-id":        dcId,
					"zone-id":      zoneId,
					"master-vip":   masterVip,
					"sign":         jobLabel,
				},
			},
			"spec": map[string]interface{}{
				//"ttlSecondsAfterFinished": ttl,
				//"backoffLimit":            backOffLimit,
				//"completions":             completions,
				//"parallelism":             parallelism,
				"template": map[string]interface{}{
					"spec": map[string]interface{}{
						"restartPolicy": "OnFailure",
						"containers": []map[string]interface{}{
							{
								"name": clusterId + "-cm",
								"image": "registry.local/katy/demo:0.3",
								"command": []string{
									"/bin/bash", "-c", "ansible-playbook playbooks/prerequisites.yml playbooks/deploy_cluster.yml",

								},
								"volumeMounts": []map[string]interface{}{
									{
										"name":      clusterId + "-cm",
										"mountPath": mountPath,
									},
									{
										"name":"ansible-cfg",
										"mountPath": "~/.ansible/tmp",
									},
								},
							},
						},
						"volumes": []map[string]interface{}{
							{
								"name": clusterId + "-cm",
								"configMap": map[string]interface{}{
									"name": clusterId + "-cm",
									"items": map[string]string{
										"key":  "hosts",
										"path": mountPath,
									},
								},
							},
							{
									"name":"ansible-cfg",
									"mountPath": "~/.ansible/tmp",
							},
						},
					},
				},
			},
		},
	}

emmm 只要给了正确的权限，上面的挂载可以不要了。
按照赋予权限，就不会再报权限问题了，上面提到的挂载也可以不要了

K8S/Kubernetes

K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容

更多推荐

【深度】阿里巴巴万级规模 K8s 集群全局高可用体系之美

作者 | 韩堂、柘远、沉醉来源 | 阿里巴巴云原生公众号前言台湾作家林清玄在接受记者采访的时候，如此评价自己 30 多年写作生涯：“第一个十年我才华横溢，‘贼光闪现’，令周边黯然失色；第二个十年，我终于‘宝光现形’，不再去抢风头，反而与身边的美丽相得益彰；进入第三个十年，繁华落尽见真醇，我进入了‘醇光初现’的阶段，真正体味到了境界之美”。长夜有穷，真水无香。领略过了 K8s“身在江

K8S/Kubernetes

如何基于 K8s 构建下一代 DevOps 平台？

作者 | 孙健波（天元）导读：当前云原生 DevOps 体系现状如何？面临哪些挑战？如何通过 OAM 解决云原生 DevOps 场景下的诸多问题？云原生开发应用模型 OAM(Open Application Model) 社区核心成员孙健波将为大家一一解答，并分享如何基于 OAM 和 Kubernetes 打造无限能力的下一代 DevOps 平台。什么是 DevOps？为什么基于 Kub