[英]Permission denied error when running Go server as Docker container
I would like to deploy my Go server to Google Cloud Run.我想将我的 Go 服务器部署到 Google Cloud Run。 I copied the Dockerfile from this guide.
我从 本指南中复制了 Dockerfile。
FROM golang:1.13 as builder
WORKDIR /app
COPY go.* ./
RUN go mod download
COPY . ./
RUN CGO_ENABLED=0 GOOS=linux go build -v -o server
RUN chmod a+x server
FROM alpine:3
RUN apk add --no-cache ca-certificates
COPY --from=builder /app/server /server
CMD ["/server"]
Before deploying it to Cloud Run, I wanted to test it locally by building the image with docker build -t server.
在将它部署到 Cloud Run 之前,我想通过使用
docker build -t server.
and running the container with docker run server
.并使用
docker run server
运行容器。
It fails with the following error:它失败并出现以下错误:
docker: Error response from daemon: OCI runtime create failed: container_linux.go:346: starting container process caused "exec: \"/server\": permission denied": unknown.
Thanks for your help.谢谢你的帮助。
Potential Problem 1潜在问题 1
If changing alpine
to debian
work for you, it means this is an issue with cross-compilation.如果将
alpine
更改为debian
对您有用,这意味着这是交叉编译的问题。
The golang
image is debian based, and uses glibc, alpine
image uses musl libc. golang
镜像基于debian,使用glibc, alpine
镜像使用musl libc。 Sometimes these have incompatibilities and expose themselves in worst possible error messages.有时它们存在不兼容性,并在最坏的错误消息中暴露自己。
So I suspect this is not a Cloud Run issue but something before that.所以我怀疑这不是 Cloud Run 问题,而是之前的问题。 To verify, you can also run your container locally as if it's running on Cloud Run https://cloud.google.com/run/docs/testing/local
要进行验证,您还可以在本地运行容器,就像它在 Cloud Run https://cloud.google.com/run/docs/testing/local上运行一样
Potential Problem 2潜在问题 2
Something similar happened to me once and it turns out the package I was building was not package main
.我曾经发生过类似的事情,结果证明我正在建造的 package 不是
package main
。 So instead of producing an executable binary, I was producing an object file (.o), and of course no matter how hard I "chmod +x", that was not launching.因此,我没有生成可执行的二进制文件,而是生成了 object 文件 (.o),当然,无论我多么努力地“chmod +x”,它都不会启动。
Verify the go package path you are building actually is a package main
.验证您正在构建的 go package 路径实际上是
package main
。
try adding RUN chmod a+x
to final build.尝试将
RUN chmod a+x
添加到最终版本。
COPY --from=builder /app/server /server
RUN chmod a+x /server
CMD ["/server"]
I was getting the permission denied error as well after using the Dockerfile provided by this Firebase Tutorial for GoLang on Cloud Run.在使用此 Firebase Cloud Run 上的GoLang 教程提供的 Dockerfile 后,我也收到了权限被拒绝的错误。
Apparently it can be because alpine linux is so stripped down that it is missing critical packages needed for your container to build or run properly.显然,这可能是因为 alpine linux 被精简到缺少容器正常构建或运行所需的关键包。
For my situation, it was missing git
.对于我的情况,它丢失了
git
。 I added git
to the RUN line, just after ca-certificates to ensure it was installed.我将
git
添加到 RUN 行,就在 ca-certificates 之后以确保它已安装。 My Cloud Run instance works properly after this change.此更改后,我的 Cloud Run 实例可以正常工作。
See this comment on the Docker Library GoLang Github for more details.有关详细信息,请参阅关于 Docker 库 GoLang Github 的评论。
# Use the official Golang image to create a build artifact.
# This is based on Debian and sets the GOPATH to /go.
FROM golang:1.19 as builder
# Create and change to the app directory.
WORKDIR /app
# Retrieve application dependencies using go modules.
# Allows container builds to reuse downloaded dependencies.
COPY go.* ./
RUN go mod download
# Copy local code to the container image.
COPY . ./
# Build the binary.
# -mod=readonly ensures immutable go.mod and go.sum in container builds.
RUN CGO_ENABLED=0 GOOS=linux go build -mod=readonly -v -o server
# Use the official Alpine image for a lean production container.
# https://hub.docker.com/_/alpine
# https://docs.docker.com/develop/develop-images/multistage-build/#use-multi-stage-builds
FROM alpine:3
RUN apk add --no-cache ca-certificates git
# Copy the binary to the production image from the builder stage.
COPY --from=builder /app/server /server
# Run the web service on container startup.
CMD ["/server"]
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.