Hi,
When I try to deploy microgateway on openshift I'm getting below errors
1. Unable to change owner for config file
2. config doesn't exist error as it is looking in the wrong directory. As per below log it is looking for config file under /.edgemicro but config is present under /opt/apigee/.edgemicro
Log:
chown: /opt/apigee/.edgemicro/myorg-test-config.yaml: Operation not permitted cd /opt/apigee && edgemicro start -o myorg -e test -k mykey -s mysecret -r 8000 -d /opt/apigee/plugins & current nodejs version is v8.12.0 current edgemicro version is 2.5.28 config does not exist /.edgemicro/myorg-test-config.yaml /usr/local/lib/node_modules/edgemicro/node_modules/microgateway-config/lib/io.js:73 throw new Error('config does not exist'); ^ Error: config does not exist at IO.loadSync (/usr/local/lib/node_modules/edgemicro/node_modules/microgateway-config/lib/io.js:73:11) at Loader.get (/usr/local/lib/node_modules/edgemicro/node_modules/microgateway-config/lib/network.js:95:35) at Object.get (/usr/local/lib/node_modules/edgemicro/node_modules/microgateway-config/index.js:16:30) at Gateway.start (/usr/local/lib/node_modules/edgemicro/cli/lib/gateway.js:60:16) at Command.commander.command.option.option.option.option.option.option.option.option.option.option.option.option.option.description.action (/usr/local/lib/node_modules/edgemicro/cli/cmd.js:243:21) at Command.listener (/usr/local/lib/node_modules/edgemicro/node_modules/commander/index.js:315:8) at emitTwo (events.js:126:13) at Command.emit (events.js:214:7) at Command.parseArgs (/usr/local/lib/node_modules/edgemicro/node_modules/commander/index.js:654:12) at Command.parse (/usr/local/lib/node_modules/edgemicro/node_modules/commander/index.js:474:21) at setup (/usr/local/lib/node_modules/edgemicro/cli/cmd.js:559:15) at Object.<anonymous> (/usr/local/lib/node_modules/edgemicro/cli/edgemicro:49:21) at Module._compile (module.js:653:30) at Object.Module._extensions..js (module.js:664:10) at Module.load (module.js:566:32) at tryModuleLoad (module.js:506:12)
Thanks,
Mohan Chippada
Solved! Go to Solution.
Add a symlink in the dockerfile
RUN ln -s /opt/apigee/.edgemicro /.edgemicro
Mohan, would you mind sharing more information on the approach you took? Did you create your own Docker image and OpenShift/Kubernetes resources? May be you could use the official Docker image and Kubernetes resources generated by Edge Microgateway CLI:
Try following the steps mention on the following documentation page:
https://docs.apigee.com/api-platform/integrations/kubernetes/k8s-prerequisites#install_edge_microgat...
@Imesh Gunaratne, I'm using the official docker image from here . For me, looks like it is unable to create this symlink as my user is not root. When I added required symlink and required permissions for config file through my docker file it worked.
May I know why user home directory is always assumed as /root here, is it required to run as root?
It is not required to run as root. The default is to run as apigee user.
The symlink was created so if you did run as root, MG will use the same config file.
Even though I'm using official docker image, in my case it is not running as apigee user. Can you please suggest.
/opt/apigee $ ls -ltr total 12 -rwxr-xr-x 1 apigee apigee 4387 Dec 7 23:34 entrypoint.sh drwxr-xr-x 2 apigee apigee 6 Mar 21 09:52 plugins drwxrwsrwx 2 root 10000700 4096 Mar 21 09:52 logs /opt/apigee/logs $ ls -ltr total 4 -rw-r--r-- 1 10000700 10000700 1948 Mar 21 09:52 edgemicro.log opt/apigee/.edgemicro $ ls -ltr total 4 -rw-r--r-- 1 10000700 10000700 1508 Mar 21 09:52 myorg-test-config.yaml
As I see install.sh script it only used when building the Docker image. I wonder whether this issue is caused by the chown command used in the entrypoint.sh script:
One option might be to update entrypoint.sh and comment out above line to verify whether this issue is caused by this chown command. We would need to rebuild the Docker image, push it to a remote repository and update Kubernetes manifest file for this.
@Nandan: I think we might not be able to execute chown commands in the runtime depending on the user used for starting the container and security policies applied. IMO the best option would be to move all chown commands to the Docker image build process and use user group permissions in the runtime for granting required filesystem permissions. Thanks!
Imesh is right. According to here, chown command is not allowed. I do not have a local openshift cluster to try this. But, like Imesh suggested, please try comment that line and see if works.
@srinandans, Do you know if anyone managed to implement edgemicro successfully on Openshift? I have to start with it tomorrow
@srinandans@google @Imesh Gunaratne @Dino-at-Google
I am trying to run edgemicro container in openshift, it seems the chmod is not the issue.
Below location is the docker image of edgemicro looking for config file, even after rebuilding the image in Openshift without any chmod in entry point file the error persists.
I am not sure where is edgemicro image getting below location for lookup ?
It should be /opt/apigee/.edgemicro/test-prod-dev-config.yaml
/.edgemicro/test-prod-dev-config.yaml
cd /opt/apigee && edgemicro start -o test-non-prod -e dev -k 85af51f589a9739d551838669fa99c71bda302ab45eb5ec0f108877f2a1110e4 -s 13b1a3f6073b63a357f175c2127c8185c883984e0c2ea835d08cc5046846f930 -p 1 -d /opt/apigee/plugins & 2020-02-20T20:00:20.259Z [26] [microgateway edgemicro] current nodejs version is v8.17.0 2020-02-20T20:00:20.261Z [26] [microgateway edgemicro] current edgemicro version is 3.1.1 2020-02-20T20:00:21.385Z [26] [microgateway-config io] config does not exist /.edgemicro/test-prod-dev-config.yaml /usr/local/lib/node_modules/edgemicro/node_modules/microgateway-config/lib/io.js:76 throw new Error('config does not exist'); ^ Error: config does not exist at IO.loadSync (/usr/local/lib/node_modules/edgemicro/node_modules/microgateway-config/lib/io.js:76:11) at Object.load (/usr/local/lib/node_modules/edgemicro/node_modules/microgateway-config/index.js:36:25) at Gateway.start (/usr/local/lib/node_modules/edgemicro/cli/lib/gateway.js:248:37) at Command.commander.command.option.option.option.option.option.option.option.option.option.option.option.option.option.description.action (/usr/local/lib/node_modules/edgemicro/cli/cmd.js:246:21) at Command.listener (/usr/local/lib/node_modules/edgemicro/node_modules/commander/index.js:315:8) at emitTwo (events.js:126:13) at Command.emit (events.js:214:7) at Command.parseArgs (/usr/local/lib/node_modules/edgemicro/node_modules/commander/index.js:651:12) at Command.parse (/usr/local/lib/node_modules/edgemicro/node_modules/commander/index.js:474:21) at setup (/usr/local/lib/node_modules/edgemicro/cli/cmd.js:600:15) at Object.<anonymous> (/usr/local/lib/node_modules/edgemicro/cli/edgemicro:52:21) at Module._compile (module.js:653:30) at Object.Module._extensions..js (module.js:664:10) at Module.load (module.js:566:32) at tryModuleLoad (module.js:506:12) at Function.Module._load (module.js:498:3) at Function.Module.runMain (module.js:694:10) at startup (bootstrap_node.js:204:16) at bootstrap_node.js:625:3
Please try the latest (beta) image
docker pull gcr.io/apigee-microgateway/edgemicro:beta
We've made some changes (like getting rid of chown) and hopefully they will fix the errors you are seeing.
the beta image still don't work... I was able to make it go through the error via creating link in the install.sh file..
ln -s /opt/apigee/.edgemicro /.edgemicro
Yes, beta image still has same issue.
@srinandans@google @Imesh Gunaratne @Dino-at-Google
I am trying to run edgemicro container in openshift, it seems the chmod is not the issue.
Below location is the docker image of edgemicro looking for config file, even after rebuilding the image in Openshift without any chmod in entry point file the error persists.
I am not sure where is edgemicro image getting below location for lookup ?
It should be /opt/apigee/.edgemicro/test-prod-dev-config.yaml
/.edgemicro/test-prod-dev-config.yaml
cd /opt/apigee && edgemicro start -o test-non-prod -e dev -k key -s secret -p 1 -d /opt/apigee/plugins & 2020-02-20T20:00:20.259Z [26] [microgateway edgemicro] current nodejs version is v8.17.0 2020-02-20T20:00:20.261Z [26] [microgateway edgemicro] current edgemicro version is 3.1.1 2020-02-20T20:00:21.385Z [26] [microgateway-config io] config does not exist /.edgemicro/test-prod-dev-config.yaml /usr/local/lib/node_modules/edgemicro/node_modules/microgateway-config/lib/io.js:76 throw new Error('config does not exist'); ^ Error: config does not exist at IO.loadSync (/usr/local/lib/node_modules/edgemicro/node_modules/microgateway-config/lib/io.js:76:11) at Object.load (/usr/local/lib/node_modules/edgemicro/node_modules/microgateway-config/index.js:36:25) at Gateway.start (/usr/local/lib/node_modules/edgemicro/cli/lib/gateway.js:248:37) at Command.commander.command.option.option.option.option.option.option.option.option.option.option.option.option.option.description.action (/usr/local/lib/node_modules/edgemicro/cli/cmd.js:246:21) at Command.listener (/usr/local/lib/node_modules/edgemicro/node_modules/commander/index.js:315:8) at emitTwo (events.js:126:13) at Command.emit (events.js:214:7) at Command.parseArgs (/usr/local/lib/node_modules/edgemicro/node_modules/commander/index.js:651:12) at Command.parse (/usr/local/lib/node_modules/edgemicro/node_modules/commander/index.js:474:21) at setup (/usr/local/lib/node_modules/edgemicro/cli/cmd.js:600:15) at Object.<anonymous> (/usr/local/lib/node_modules/edgemicro/cli/edgemicro:52:21) at Module._compile (module.js:653:30) at Object.Module._extensions..js (module.js:664:10) at Module.load (module.js:566:32) at tryModuleLoad (module.js:506:12) at Function.Module._load (module.js:498:3) at Function.Module.runMain (module.js:694:10) at startup (bootstrap_node.js:204:16)
at bootstrap_node.js:625:3
Add a symlink in the dockerfile
RUN ln -s /opt/apigee/.edgemicro /.edgemicro
That worked like a charm.
I am seeing some other issue as below, but if you have seen this let me know. I will update the repo and share with the changes for future openshift user.
I dont see the file edgemicro.pid in folder in pod terminal
Overriding port to tcp://10.95.48.189:8000 current Location---------------------- /opt/apigee whoami: unknown uid 1000060000 after edgemicro start---------------------- cd /opt/apigee && edgemicro start -o test-non-prod -e dev -k key -s secrest -p 1 -d /opt/apigee/plugins & 2020-02-21T14:56:51.562Z [26] [microgateway edgemicro] current nodejs version is v8.17.0 2020-02-21T14:56:51.564Z [26] [microgateway edgemicro] current edgemicro version is 3.1.1 2020-02-21T14:56:52.880Z [26] [microgateway-config network] jwt_public_key download from https://test-non-prod-dev.apigee.net/edgemicro-auth/publicKey returned 200 OK 2020-02-21T14:56:52.936Z [26] [microgateway-config network] products download from https://test-non-prod-dev.apigee.net/edgemicro-auth/products returned 200 OK 2020-02-21T14:56:55.391Z [26] [microgateway-config network] config download from https://edgemicroservices.apigee.net/edgemicro/bootstrap/organization/test-non-prod/environment/dev returned 200 OK 2020-02-21T14:56:55.413Z [26] [microgateway gateway] PROCESS PID : 26 fs.js:646 return binding.open(pathModule._makeLong(path), stringToFlags(flags), mode); ^ Error: EACCES: permission denied, open '/opt/apigee/edgemicro.pid' at Object.fs.openSync (fs.js:646:18) at Object.fs.writeFileSync (fs.js:1299:33) at Object.fs.appendFileSync (fs.js:1345:6) at startGateway (/usr/local/lib/node_modules/edgemicro/cli/lib/gateway.js:178:12) at /usr/local/lib/node_modules/edgemicro/node_modules/microgateway-config/lib/network.js:197:13 at /usr/local/lib/node_modules/edgemicro/node_modules/microgateway-config/lib/network.js:538:9 at /usr/local/lib/node_modules/edgemicro/node_modules/microgateway-config/node_modules/async/lib/async.js:726:13 at /usr/local/lib/node_modules/edgemicro/node_modules/microgateway-config/node_modules/async/lib/async.js:52:16 at done (/usr/local/lib/node_modules/edgemicro/node_modules/microgateway-config/node_modules/async/lib/async.js:246:17) at /usr/local/lib/node_modules/edgemicro/node_modules/microgateway-config/node_modules/async/lib/async.js:44:16 at /usr/local/lib/node_modules/edgemicro/node_modules/microgateway-config/node_modules/async/lib/async.js:723:17 at /usr/local/lib/node_modules/edgemicro/node_modules/microgateway-config/node_modules/async/lib/async.js:167:37 at _loadStatus (/usr/local/lib/node_modules/edgemicro/node_modules/microgateway-config/lib/network.js:587:9) at Request._callback (/usr/local/lib/node_modules/edgemicro/node_modules/microgateway-config/lib/network.js:333:29) at Request.self.callback (/usr/local/lib/node_modules/edgemicro/node_modules/microgateway-config/node_modules/request/request.js:185:22) at emitTwo (events.js:126:13) at Request.emit (events.js:214:7) at Request.<anonymous> (/usr/local/lib/node_modules/edgemicro/node_modules/microgateway-config/node_modules/request/request.js:1161:10) at emitOne (events.js:116:13) at Request.emit (events.js:211:7) at IncomingMessage.<anonymous> (/usr/local/lib/node_modules/edgemicro/node_modules/microgateway-config/node_modules/request/request.js:1083:12) at Object.onceWrapper (events.js:313:30) 2020-02-21T14:56:56.291Z [1] [microgateway plugins] using pluginDir 2020-02-21T14:56:56.292Z [1] [microgateway plugins] using plugin dir /opt/apigee/plugins
Add below to the dockerfile
USER root RUN chmod -R 777 /opt/apigee
User | Count |
---|---|
1 | |
1 | |
1 | |
1 | |
1 |