【发布时间】:2021-12-29 16:39:58
【问题描述】:
我在 gitlab 使用 gitlab-runner 用户运行 podman 命令时遇到问题,我无法看到我的用户创建的容器。我按照Change Gitlab CI Runner user 中的描述更改了用户。
我再次运行了 gitlab 管道,它成功完成了 3 个步骤,并在其中创建了一个 podman pod 和 2 个其他容器。突然,它被最后一个容器的 podman 运行停止了。我检查了服务器并给了podman ps -a,但按回车后没有任何反应,我仍然可以在命令行中写入!
我写了podman images list,我可以看到图像列表(2 个图像具有相同的 id,我无法删除它们!!)。
我试过sudo podman ps,它奏效了!
有些命令可以正常工作,有些命令不能作为无根命令工作。我的用户不能从 Gitlab 执行 podman run,但在服务器上我的用户可以运行 podman run hello-world!
我没有收到任何错误,只是它仍处于该状态,我必须取消作业。
我使用的是 centos 8、podman 3.3.1。 sudo podman 信息:
host:
arch: amd64
buildahVersion: 1.22.3
cgroupControllers:
- cpuset
- cpu
- cpuacct
- blkio
- memory
- devices
- freezer
- net_cls
- perf_event
- net_prio
- hugetlb
- pids
- rdma
cgroupManager: systemd
cgroupVersion: v1
conmon:
package: conmon-2.0.29-1.module+el8.5.0+12582+56d94c81.x86_64
path: /usr/bin/conmon
version: 'conmon version 2.0.29, commit: 0f5bee61b18d4581668e5bf18b910cda3cff5081'
cpus: 40
distribution:
distribution: '"rhel"'
version: "8.5"
eventLogger: file
hostname: DELL2
idMappings:
gidmap: null
uidmap: null
kernel: 4.18.0-348.2.1.el8_5.x86_64
linkmode: dynamic
memFree: 55734177792
memTotal: 134510010368
ociRuntime:
name: runc
package: runc-1.0.2-1.module+el8.5.0+12582+56d94c81.x86_64
path: /usr/bin/runc
version: |-
runc version 1.0.2
spec: 1.0.2-dev
go: go1.16.7
libseccomp: 2.5.1
os: linux
remoteSocket:
exists: true
path: /run/podman/podman.sock
security:
apparmorEnabled: false
capabilities: CAP_NET_RAW,CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
rootless: false
seccompEnabled: true
seccompProfilePath: /usr/share/containers/seccomp.json
selinuxEnabled: true
serviceIsRemote: false
slirp4netns:
executable: /bin/slirp4netns
package: slirp4netns-1.1.8-1.module+el8.5.0+12582+56d94c81.x86_64
version: |-
slirp4netns version 1.1.8
commit: d361001f495417b880f20329121e3aa431a8f90f
libslirp: 4.4.0
SLIRP_CONFIG_VERSION_MAX: 3
libseccomp: 2.5.1
swapFree: 4294963200
swapTotal: 4294963200
uptime: 11h 30m 52.88s (Approximately 0.46 days)
registries:
search:
- registry.fedoraproject.org
- registry.access.redhat.com
- registry.centos.org
- docker.io
store:
configFile: /etc/containers/storage.conf
containerStore:
number: 0
paused: 0
running: 0
stopped: 0
graphDriverName: overlay
graphOptions:
overlay.mountopt: nodev,metacopy=on
graphRoot: /var/lib/containers/storage
graphStatus:
Backing Filesystem: xfs
Native Overlay Diff: "false"
Supports d_type: "true"
Using metacopy: "true"
imageStore:
number: 2
runRoot: /run/containers/storage
volumePath: /var/lib/containers/storage/volumes
version:
APIVersion: 3.3.1
Built: 1632213702
BuiltTime: Tue Sep 21 10:41:42 2021
GitCommit: ""
GoVersion: go1.16.7
OsArch: linux/amd64
Version: 3.3.1
【问题讨论】: