I manage to build a container from DockerHub, shell it with Sudo, successfully installed some software, and even run it with Sudo. However, when I try to shell it as an unprivileged user, it gives me an error. Could someone help me in this? Thank you.
The error is as follows:
> singularity shell miniconda4
Increasing verbosity level (2)
Singularity version: 2.4.2-dist
Exec'ing: /usr/lib/x86_64-linux-gnu/singularity/cli/shell.exec
Evaluating args: 'miniconda4'
VERBOSE: Set messagelevel to: 2
VERBOSE: Initialize configuration file: /etc/singularity/singularity.conf
VERBOSE: Initializing Singularity Registry
VERBOSE: Invoking the user namespace
VERBOSE: Not virtualizing USER namespace: running as SUID
VERBOSE: No autofs bug path in configuration, skipping
VERBOSE: Using session directory: /var/lib/singularity/mnt/session
VERBOSE: Mounting overlay with options: lowerdir=/var/lib/singularity/mnt/container,upperdir=/var/lib/singularity/mnt/overlay/upper,workdir=/var/lib/singularity/mnt/overlay/work
VERBOSE: Running all mount components
VERBOSE: Binding '/etc/localtime' to '/var/lib/singularity/mnt/final//etc/localtime'
VERBOSE: Binding '/etc/hosts' to '/var/lib/singularity/mnt/final//etc/hosts'
VERBOSE: Bind-mounting host /proc
VERBOSE: Mounting /sys
VERBOSE: Bind mounting /dev
VERBOSE: Mounting home directory source into session directory: /home/AD/praposo -> /var/lib/singularity/mnt/session/home/AD/praposo
VERBOSE: Failed to create parent directory /var/lib/singularity/mnt/final/home/AD/praposo
ERROR : Failed creating home directory in container /var/lib/singularity/mnt/final/home/AD/praposo: Operation not supported
ABORT : Retval = 255
For those who are having the same problem, the answer is simple: Just type the command '--writable' when calling the 'singularity shell' command.
It allows any user to create directories. And in this case, I think singularity was trying to mount a home directory when it had no permission to do it (but I'm not sure..). Maybe someone would like to answer what really is the problem here..
Related
I've got Gitlab installed on Kubernetes using Helm and try to get Auto DevOps working but I'm getting the following issue from the Auto DevOps pipeline:
Executing "step_script" stage of the job script 00:01
$ if [[ -z "$CI_COMMIT_TAG" ]]; then # collapsed multi-line command
$ /build/build.sh
Logging in to GitLab Container Registry with CI credentials...
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
Building Dockerfile-based application...
Attempting to pull a previously built image for use with --cache-from...
Cannot connect to the Docker daemon at tcp://localhost:2375. Is the docker daemon running?
Cannot connect to the Docker daemon at tcp://localhost:2375. Is the docker daemon running?
No previously cached image found. The docker build will proceed without using a cached image
Cannot connect to the Docker daemon at tcp://localhost:2375. Is the docker daemon running?
Cleaning up file based variables 00:00
ERROR: Job failed: command terminated with exit code 1
I've read abt the issues with Docker-in-Docker, but I couldn't get it to work.
I also tried setting the DOCKER_HOST: tcp://docker:2375/ variable, but I still get the same error.
Cannot connect to the Docker daemon at tcp://docker:2375/. Is the docker daemon running?
My Gitlab Runner Helm values looks like this:
gitlabUrl: https://gitlab.mydomain.com
privileged: true
rbac:
create: true
runnerRegistrationToken: mytoken
runners:
config: |
[[runners]]
executor = "docker"
privileged = true
environment = ["DOCKER_TLS_CERTDIR="]
[runners.docker]
tls_verify = false
privileged = true
I tried using the Auto-DevOps .gitlab-ci.yml template.
My cluster is integrated into Gitlab using the cluster certificate method and running simple CI/CD like
test_project:
stage: test
script:
- npm run test
Works fine
I tried docker:18.09.7, docker:19.03.1 and docker:latest (and the corresponding -dind services, with or without setting DOCKER_HOST: tcp://docker:2375/)
I don't know what I'm missing.
// Update
I got this issue resolved with help from the Gitlab Support.
My issue was that I had to use [runners.kubernetes] config and set privileged to true there. I was only setting it in [runners.docker] as I thought that Kubernetes Gitlab Runners would that config.
I've been trying to initiate my pipeline on gitlab CI/CD for a demo project. I've installed gitlab-runner in my windows local machine and gave the executor type as "Shell". And I've successfully integrated the gitlab-runner with my gitlab project. But whenever I pushed any changes to repo, the pipeline started and end up in "pshw" not found in %PATH error.
This is error which I'm getting every time
ERROR: Job failed (system failure): prepare environment: failed to start process: exec: "pwsh": executable file not found in %PATH%. Check https://docs.gitlab.com/runner/shells/index.html#shell-profile-loading for more information
Can anyone help me to resolve this issue and explain what and why I'm getting this error.
Thanks in advance
When choosing the shell option, the gitlab runner installer uses pwsh as the executor. It generates a config.toml that looks like
[[runners]]
name = "some name"
url = "http://someurl.com/"
token = "some-token"
executor = "shell"
shell = "pwsh"
The problem is that pwsh isn't a valid windows command (on my installs). Changing pwsh to powershell and restarting gitlab-runner service fixed the problem for me.
Go to the installation directory of GitLab Runner e.g. C:\Automation\GitLab-Runner. Here you will see config.toml file, open with notepad and replace "pwsh" with "powershell" as below:
From:
[[runners]]
name = "PT-Runner"
url = "https://gitlab.com"
executor = "shell"
shell = **"pwsh"**
To:
[[runners]]
name = "PT-Runner"
url = "https://gitlab.com"
executor = "shell"
shell = **"powershell"**
I'm running my minikube cluster in thw windows laptop computer and trying to setup argo workflows and argo-cli, I already installed the argo-workflow but when I try executing argo commands, it gives me an error :
FATA[0000] invalid configuration: no configuration has been provided
But I see --kubeconfig flag can be used to configure this this setting in argo, I tried the following command to execute with --kubeconfig
argo version --kubeconfig "/mnt/c/Users/madur/.kube/config"
Still I'm getting following error
FATA[0000] invalid configuration: [unable to read client-cert /mnt/c/Users/madur/.kube/C:\Users\madur\.minikube\profiles\minikube\client.crt for minikube due to open /mnt/c/Users/madur/.kube/C:\Users\madur\.minikube\profiles\minikube\client.crt: no such file or directory, unable to read client-key /mnt/c/Users/madur/.kube/C:\Users\madur\.minikube\profiles\minikube\client.key for minikube due to open /mnt/c/Users/madur/.kube/C:\Users\madur\.minikube\profiles\minikube\client.key: no such file or directory, unable to read certificate-authority /mnt/c/Users/madur/.kube/C:\Users\madur\.minikube\ca.crt for minikube due to open /mnt/c/Users/madur/.kube/C:\Users\madur\.minikube\ca.crt: no such file or directory]
My kubeconfig file is loacted at /mnt/c/Users/madur/.kube/config becauseI'm using WSL in windows.
Can anyone help me to resolve this issue ?
Thanks.
When using WSL, you should use the Linux filesystem for files.
I have an issue with Ansible Tower 3.7.0 (ansible 2.9.7) when using the Copy module I receive this error message:
TASK [Copy Installation Directory For CentOS 7] ********************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: If you are using a module and expect the file to exist on the remote, see the remote_src option
fatal: [devmachine]: FAILED! => {"changed": false, "msg": "Could not find or access '/var/lib/awx/projects/xagt_install/Test_Directory' on the Ansible Controller.\nIf you are using a module and expect the file to exist on the remote, see the remote_src option"}
However, that directory path does exist:
[root#tower xagt_install]# pwd
/var/lib/awx/projects/xagt_install
[root#tower xagt_install]# ls -Alh
drwxr-xr-x. 2 awx awx 98 Jun 17 12:57 Test_Directory
Here is the task/play:
- name: Copy Installation Directory For CentOS 7
copy:
src: /var/lib/awx/projects/xagt_install/Test_Directory
dest: /tmp/
remote_src: no
when: (ansible_facts['distribution'] == "CentOS" and ansible_facts['distribution_major_version'] == "7" and 'xagt' in ansible_facts.packages)
It appears the "Test_Directory" has the appropriate permissions. Anyone have an idea as to why this module is reporting it cannot "find or access" the directory?
Disabling: Settings --> Jobs --> Enable Job Isolation fixed my issue and the Copy module works.
I assume if I left the Job Isolation enabled then I would need to store directories in /tmp in order for the Copy module to access them?
I have a CakePHP Application with codeception-plugin for testing.'
Locally I run it in a ddev docker environment and everything works fine.
Trying to run automated tests with gitlab-ci gives me following error:
Running with gitlab-runner 11.1.0 (081978aa)
on shared runner 601c0f11
Using Docker executor with image kevinliteon/cakephp:php7 ...
Starting service mysql:latest ...
Pulling docker image mysql:latest ...
Using docker image sha256:6a834f03bd02bb88cdbe0e289b9cd6056f1d42fa94792c524b4fddc474dab628 for mysql:latest ...
Waiting for services to be up and running...
*** WARNING: Service runner-601c0f11-project-94-concurrent-0-mysql-0 probably didn't start properly.
Health check error:
service "runner-601c0f11-project-94-concurrent-0-mysql-0-wait-for-service" timeout
Health check container logs:
Service container logs:
2018-10-04T12:12:18.904025613Z Initializing database
2018-10-04T12:12:18.925096235Z 2018-10-04T12:12:18.919745Z 0 [Warning] [MY-011070] [Server] 'Disabling symbolic links using --skip-symbolic-links (or equivalent) is the default. Consider not using this option as it' is deprecated and will be removed in a future release.
2018-10-04T12:12:18.925195518Z 2018-10-04T12:12:18.919970Z 0 [System] [MY-013169] [Server] /usr/sbin/mysqld (mysqld 8.0.12) initializing of server in progress as process 30
2018-10-04T12:12:50.330736417Z 2018-10-04T12:12:50.330487Z 5 [Warning] [MY-010453] [Server] root#localhost is created with an empty password ! Please consider switching off the --initialize-insecure option.
*********
Pulling docker image kevinliteon/cakephp:php7 ...
Using docker image sha256:bd4a83b02647ad93a356b343d2ce5ae3a9a1177aea2cd76c61b009abc7df8990 for kevinliteon/cakephp:php7 ...
Running on runner-601c0f11-project-94-concurrent-0 via d7f4a5e71b47...
Fetching changes...
Removing vendor/
HEAD is now at 92cb022 test
Checking out 92cb0223 as deployment...
Skipping Git submodules setup
Checking cache for default...
Successfully extracted cache
$ vendor/bin/codecept run Unit
Codeception PHP Testing Framework v2.3.9
Powered by PHPUnit 6.5.13 by Sebastian Bergmann and contributors.
In Db.php line 308:
Db: SQLSTATE[HY000] [2002] Connection refused while creating PDO connection
My gitlab-ci.yml (partly):
services:
- mysql:latest
variables:
MYSQL_ROOT_PASSWORD: mysql123456789
MYSQL_DATABASE: test_db
MYSQL_USER: db
MYSQL_PASSWORD: db
build:
...
codecept:Unit:
stage: test
script:
- vendor/bin/codecept run Unit
In my codeception.yml I configured the Db module:
modules:
config:
Db:
dsn: 'mysql:host=mysql;dbname=test_db'
user: 'db'
password: 'db'
cleanup: true # reload dump between tests
populate: true # load dump before all tests
reconnect: true
I also tryed using the root user - without success.
Problem is, that I can not connect to the DB for whatever reasons... Maybe the warnings while initializing the service container have something to do with that, but I could not figure out how to fix them or if this is the problem.
I really tried a lot of things without any success! Basically my code depends on the documentations of gitlab-ci and codeception so it should work.
Anybody implemented this scenario successfully or know what I'm doing wrong?
Thanks for any help!
I want to answer how I solved it:
First thing was, I had to add the env-varibale "db_dsn" like this:
export db_dsn="mysql://user:paswd#host/db"
Then I still got the health-check error. Only way I found to successfully setup was to use another docker image for the db-service. I choose "mariadb:latest" - and then it worked for me.