GKE 错误:监听 EACCES:任何端口的权限被拒绝
[英]GKE Error: listen EACCES: permission denied on any port
问题描述
I'm attempting to start my Express.js application on GKE, however no matter which port I specify, I always get an error like so:
我试图在 GKE 上启动我的 Express.js 应用程序,但是无论我指定哪个端口,我总是收到如下错误:
Error: listen EACCES: permission denied tcp://10.3.253.94:3000
at Server.setupListenHandle [as _listen2] (net.js:1296:21)
at listenInCluster (net.js:1361:12)
at Server.listen (net.js:1458:5)
at Function.listen (/srv/node_modules/express/lib/application.js:618:24)
at Object.<anonymous> (/srv/src/index.js:42:5)
at Module._compile (internal/modules/cjs/loader.js:1137:30)
at Object.Module._extensions..js (internal/modules/cjs/loader.js:1157:10)
at Module.load (internal/modules/cjs/loader.js:985:32)
at Function.Module._load (internal/modules/cjs/loader.js:878:14)
at Function.executeUserEntryPoint [as runMain] (internal/modules/run_main.js:71:12)
I've tried multiple ports (8080, 8000, 3000).我尝试了多个端口(8080、8000、3000)。 I've set the user to root in the Docker image.我已将用户设置为 Docker 映像中的root 。
Here's my setup:这是我的设置:
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: api
name: api
namespace: default
spec:
replicas: 1
selector:
matchLabels:
app: api
template:
metadata:
labels:
app: api
spec:
dnsPolicy: ClusterFirst
restartPolicy: Always
containers:
- image: gcr.io/ellioseven-kbp/journal-api:1.0.14
imagePullPolicy: IfNotPresent
ports:
- containerPort: 3000
name: api
apiVersion: v1
kind: Service
metadata:
labels:
app: api
name: api
namespace: default
spec:
ports:
- port: 3000
protocol: TCP
targetPort: 3000
selector:
app: api
type: NodePort
FROM node:12-alpine
ENV PATH /srv/node_modules/.bin:$PATH
ENV API_PORT 3000
ENV REDIS_HOST redis
COPY . /srv
WORKDIR /srv
ENV PATH /srv/node_modules/.bin:$PATH
RUN yarn install
CMD yarn start
EXPOSE 3000
USER root
const port = process.env.API_PORT || 3000
app.listen(port, () => console.log("Listening on " + port))
I'm at a complete loss trying to solve this, any help would be greatly appreciated.我完全无法解决这个问题,任何帮助将不胜感激。
2 个解决方案
解决方案1
1 2020-09-27 07:44:20
Looks like it's not able just bind to the 3000 port.看起来它不能只绑定到3000端口。 It could be any of:它可以是以下任何一种:
Not binding to
0.0.0.0.不绑定到0.0.0.0。 You can try:你可以试试:app.listen('3000','0.0.0.0',()=>{ console.log("server is listening on 3000 port"); })You are running as non-privileged user in the container.
您在容器中以非特权用户身份运行。 See if you can start a test pod and run the command once it started.看看你是否可以启动一个测试 pod 并在它启动后运行命令。apiVersion: apps/v1 kind: Deployment metadata: labels: app: api name: api namespace: default spec: replicas: 1 selector: matchLabels: app: api template: metadata: labels: app: api spec: dnsPolicy: ClusterFirst restartPolicy: Always containers: - image: gcr.io/ellioseven-kbp/journal-api:1.0.14 imagePullPolicy: IfNotPresent command: [ "/bin/bash", "-c", "--" ] 👈 args: [ "while true; do sleep 30; done;" ] 👈 ports: - containerPort: 3000 name: apiThen you can connect to the pod and try to start your app
然后你可以连接到 pod 并尝试启动你的应用程序kubectl exec -it <pod-name> bash
✌️ ✌️
解决方案2
0 2021-01-05 18:27:27
Your issue is on environment variable conflicting with the service name .您的问题是与服务名称冲突的环境变量。
According to Kubernetes docs 根据 Kubernetes 文档
For a service named
foothat maps to a Container namedbar, the following variables are defined:bar的容器的名为foo的服务,定义了以下变量:FOO_SERVICE_HOST=<the host the service is running on> FOO_SERVICE_PORT=<the port the service is running on>
Change either the service name or the environment variable更改服务名称或环境变量
For eg use API_PORT_NUMBER instead of API_PORT例如使用API_PORT_NUMBER而不是API_PORT
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.