search

goharbor / harbor-arm

Build Harbor for arm architecture.
Apache License 2.0
72 stars 44 forks source link

registry-photon:dev-arm can't run #37

Open 631068264 opened 1 year ago

631068264 commented 1 year ago 
docker ps |grep harbor
7f8c71df0411   goharbor/harbor-jobservice:dev-arm    "/harbor/entrypoint.…"   5 hours ago   Up 5 hours (healthy)                                                                                                       harbor-jobservice
0df7d3201083   goharbor/nginx-photon:dev-arm         "nginx -g 'daemon of…"   5 hours ago   Up 5 hours (healthy)            0.0.0.0:18080->8080/tcp, :::18080->8080/tcp, 0.0.0.0:20000->8443/tcp, :::20000->8443/tcp   nginx
6efcc3f1113c   goharbor/harbor-core:dev-arm          "/harbor/entrypoint.…"   5 hours ago   Up 5 hours (healthy)                                                                                                       harbor-core
fbca1cdc40e6   goharbor/harbor-db:dev-arm            "/docker-entrypoint.…"   5 hours ago   Up 5 hours (healthy)                                                                                                       harbor-db
49d3f203536a   goharbor/harbor-portal:dev-arm        "nginx -g 'daemon of…"   5 hours ago   Up 5 hours (healthy)                                                                                                       harbor-portal
f3d47407acac   goharbor/chartmuseum-photon:dev-arm   "./docker-entrypoint…"   5 hours ago   Up 5 hours (healthy)                                                                                                       chartmuseum
339ff6eafd0d   goharbor/redis-photon:dev-arm         "redis-server /etc/r…"   5 hours ago   Up 5 hours (healthy)                                                                                                       redis
b626d36d9c8d   goharbor/harbor-registryctl:dev-arm   "/home/harbor/start.…"   5 hours ago   Up 5 hours (healthy)                                                                                                       registryctl
8146830d92a5   goharbor/registry-photon:dev-arm      "/home/harbor/entryp…"   5 hours ago   Restarting (2) 20 seconds ago                                                                                              registry
607f209bdea3   goharbor/harbor-log:dev-arm           "/bin/sh -c /usr/loc…"   5 hours ago   Up 5 hours (healthy)            127.0.0.1:1514->10514/tcp                                                                  harbor-log
goroutine 1 [running]:
github.com/docker/distribution/registry/handlers.NewApp(0xb321a0, 0x40004aea20, 0x400069aa80, 0x0)
        /go/src/github.com/docker/distribution/registry/handlers/app.go:316 +0x21e0
github.com/docker/distribution/registry.NewRegistry(0xb321a0, 0x40001cf170, 0x400069aa80, 0xe, 0x0, 0x0)
        /go/src/github.com/docker/distribution/registry/registry.go:105 +0x164
github.com/docker/distribution/registry.glob..func1(0x10b8fe0, 0x40000fd1a0, 0x1, 0x1)
        /go/src/github.com/docker/distribution/registry/registry.go:63 +0x138
github.com/docker/distribution/vendor/github.com/spf13/cobra.(*Command).execute(0x10b8fe0, 0x40000fd160, 0x1, 0x1, 0x10b8fe0, 0x40000fd160)
        /go/src/github.com/docker/distribution/vendor/github.com/spf13/cobra/command.go:495 +0x124
github.com/docker/distribution/vendor/github.com/spf13/cobra.(*Command).Execute(0x10b9180, 0x45074, 0xe)
        /go/src/github.com/docker/distribution/vendor/github.com/spf13/cobra/command.go:560 +0x234
main.main()
        /go/src/github.com/docker/distribution/cmd/registry/main.go:23 +0x30
Appending internal tls trust CA to ca-bundle ...
find: '/etc/harbor/ssl': No such file or directory
Internal tls trust CA appending is Done.
ls: /harbor_cust_cert: Permission denied
time="2022-11-13T08:26:05.45777568Z" level=info msg="debug server listening localhost:5001" 
time="2022-11-13T08:26:05.48292856Z" level=info msg="using redis blob descriptor cache" go.version=go1.15.12 instance.id=7f60a6f7-b136-4298-9d3a-27272780a86d service=registry version=v2.7.1.m 
panic: unable to configure authorization (htpasswd): open /etc/registry/passwd: permission denied

goroutine 1 [running]:
github.com/docker/distribution/registry/handlers.NewApp(0xb321a0, 0x4000488c30, 0x4000016380, 0x0)
        /go/src/github.com/docker/distribution/registry/handlers/app.go:316 +0x21e0
github.com/docker/distribution/registry.NewRegistry(0xb321a0, 0x4000547bf0, 0x4000016380, 0xe, 0x0, 0x0)
        /go/src/github.com/docker/distribution/registry/registry.go:105 +0x164
github.com/docker/distribution/registry.glob..func1(0x10b8fe0, 0x40000fce90, 0x1, 0x1)
        /go/src/github.com/docker/distribution/registry/registry.go:63 +0x138
github.com/docker/distribution/vendor/github.com/spf13/cobra.(*Command).execute(0x10b8fe0, 0x40000fce50, 0x1, 0x1, 0x10b8fe0, 0x40000fce50)
        /go/src/github.com/docker/distribution/vendor/github.com/spf13/cobra/command.go:495 +0x124
github.com/docker/distribution/vendor/github.com/spf13/cobra.(*Command).Execute(0x10b9180, 0x45074, 0xe)
        /go/src/github.com/docker/distribution/vendor/github.com/spf13/cobra/command.go:560 +0x234
main.main()
        /go/src/github.com/docker/distribution/cmd/registry/main.go:23 +0x30
Appending internal tls trust CA to ca-bundle ...
find: '/etc/harbor/ssl': No such file or directory
Internal tls trust CA appending is Done.
ls: /harbor_cust_cert: Permission denied
time="2022-11-13T08:27:06.27549568Z" level=info msg="debug server listening localhost:5001" 
time="2022-11-13T08:27:06.3006518Z" level=info msg="using redis blob descriptor cache" go.version=go1.15.12 instance.id=d9f88344-b615-4988-8e61-49f40812ec5b service=registry version=v2.7.1.m 
panic: unable to configure authorization (htpasswd): open /etc/registry/passwd: permission denied

goroutine 1 [running]:
github.com/docker/distribution/registry/handlers.NewApp(0xb321a0, 0x40002835f0, 0x400016e700, 0x0)
        /go/src/github.com/docker/distribution/registry/handlers/app.go:316 +0x21e0
github.com/docker/distribution/registry.NewRegistry(0xb321a0, 0x4000507ec0, 0x400016e700, 0xe, 0x0, 0x0)
        /go/src/github.com/docker/distribution/registry/registry.go:105 +0x164
github.com/docker/distribution/registry.glob..func1(0x10b8fe0, 0x40000fcd90, 0x1, 0x1)
        /go/src/github.com/docker/distribution/registry/registry.go:63 +0x138
github.com/docker/distribution/vendor/github.com/spf13/cobra.(*Command).execute(0x10b8fe0, 0x40000fcd50, 0x1, 0x1, 0x10b8fe0, 0x40000fcd50)
        /go/src/github.com/docker/distribution/vendor/github.com/spf13/cobra/command.go:495 +0x124
github.com/docker/distribution/vendor/github.com/spf13/cobra.(*Command).Execute(0x10b9180, 0x45074, 0xe)
        /go/src/github.com/docker/distribution/vendor/github.com/spf13/cobra/command.go:560 +0x234
main.main()
        /go/src/github.com/docker/distribution/cmd/registry/main.go:23 +0x30
Jeremy-boo commented 1 year ago

According to the error message, it should be the permission issue of starting the registry mount path. Can you provide the command to start harbor and the relevant permission information for the host directory to be mounted when harbor starts?

631068264 commented 1 year ago

@Jeremy-boo I use harbor-online-installer-v2.3.5.tgz with the arm image to start.

start harbor

./install.sh --with-chartmuseum

In docker-compose.yml

 registry:
    image: goharbor/registry-photon:dev-arm
    container_name: registry
    restart: always
    cap_drop:
      - ALL
    cap_add:
      - CHOWN
      - SETGID
      - SETUID
    volumes:
      - /data/registry:/storage:z
      - ./common/config/registry/:/etc/registry/:z
      - type: bind
        source: /data/secret/registry/root.crt
        target: /etc/registry/root.crt
      - type: bind
        source: ./common/config/shared/trust-certificates
        target: /harbor_cust_cert
    networks:
      - harbor
    dns_search: .
    depends_on:
      - log
    logging:
      driver: "syslog"
      options:
        syslog-address: "tcp://localhost:1514"
        tag: "registry"
ll  ./common/config/registry
总用量 8
-rw-r----- 1 10000 10000 634 11月 14 16:34 config.yml
-rw-r----- 1 root  root   82 11月 14 16:34 passwd
-rwxr-xr-x 1 root  root    0 11月 14 16:34 root.crt

ll  ./common/config
总用量 0
drwxr-xr-x 2 root  root  17 11月 14 16:34 chartserver
drwxr-x--- 3 root  root  53 11月 14 16:34 core
drwxr-xr-x 2 root  root  17 11月 14 16:34 db
drwxr-xr-x 2 10000 10000 35 11月 14 16:34 jobservice
drwxr-xr-x 2 root  root  55 11月 14 16:34 log
drwxrwxrwx 3 root  root  38 11月 14 16:34 nginx
drwxr-xr-x 2 10000 10000 24 11月 14 16:34 portal
drw-r-xr-x 2 root  root  54 11月 14 16:34 registry
drwxr-xr-x 2 root  root  35 11月 14 16:34 registryctl
drwxr-x--- 3 root  root  32 11月 14 16:34 shared

ll /data/
总用量 0
drwxr-xr-x 2   10000 10000  6 11月  8 14:21 ca_download
drwxr-xr-x 2   10000 10000  6 11月  8 14:21 chart_storage
drwx------ 3 unbound input 18 11月  8 14:21 database
drwxr-xr-x 2   10000 10000  6 11月  8 14:21 job_logs
drwxr-xr-x 4 root    root  32 11月  9 15:58 minio
drwxr-xr-x 2 root    root   6 11月  7 16:07 nfs
drwxr-xr-x 2 root    root   6 11月  7 15:57 nfsdata
drwxr-xr-x 2 unbound input 22 11月 15 10:33 redis
drwxr-xr-x 2   10000 10000  6 11月  8 14:21 registry
drwxr-xr-x 2   10000 10000  6 11月  8 14:21 scandata_exports
drwxr-x--- 6 root    root  58 11月 14 16:34 secret

ll /data/registry/
总用量 0
631068264 commented 1 year ago

@Jeremy-boo Hi ,I need your help

Jeremy-boo commented 1 year ago

based on the informaiton you provided, the directory permission of these data is root,You can give these directories more relaxed permissions to try, such as 700

image

631068264 commented 1 year ago

Oh thanks 

chmod 777 -R  registry registryctl

docker restart registry registryctl

It can run but why?