Snap `/tmp` folder + Docker mounting point
leonakao opened this issue · comments
Describe the bug
An error occurred when I try run the command kool deploy logs -f app
.
Follow the error:
kool --verbose deploy logs -f app
api - calling URL: https://kool.dev/api/deploy/exec?
api - got response: {"server":"https:\/\/808A64640E3217D47085F09CEBCDC1B8.gr7.us-east-1.eks.amazonaws.com","token":"...","ca.crt":"...","namespace":"dev-none-default-loly-loly-web-developkooldev","path":"deployment\/app"}
$ (TTY in: true out: true) kool [docker -- -v /tmp/.kool-cluster-CA:/tmp/.kool-cluster-CA kooldev/toolkit:full kubectl --server https://808A64640E3217D47085F09CEBCDC1B8.gr7.us-east-1.eks.amazonaws.com --token XXX --namespace dev-none-default-loly-loly-web-developkooldev --certificate-authority /tmp/.kool-cluster-CA logs -f --tail 25 deployment/app -c default]
[recursive call]
$ (TTY in: true out: true) docker [run --init --rm -w /app -i -t --env ASUSER=1000 --volume /home/leonakao/projects/loly/web:/app:delegated -v /tmp/.kool-cluster-CA:/tmp/.kool-cluster-CA kooldev/toolkit:full kubectl --server https://808A64640E3217D47085F09CEBCDC1B8.gr7.us-east-1.eks.amazonaws.com --token XXX --namespace dev-none-default-loly-loly-web-developkooldev --certificate-authority /tmp/.kool-cluster-CA logs -f --tail 25 deployment/app -c default]
error: read /tmp/.kool-cluster-CA: is a directory
2021/05/11 17:06:36.851613 exit status 1
Kool version and environment
kool version 1.11.0
Docker version 19.03.13
Elementary OS:
- Distributor ID: elementary
- Description: elementary OS 5.1.7 Hera
- Release: 5.1.7
- Codename: hera
Base OS:
- Distributor ID: Ubuntu
- Description: Ubuntu 18.04.4 LTS
- Release: 18.04
- Codename: bionic
Additional context
Docker was installed using snapcraft but I don't know if have some relation in this case.
@leonakaodev do you have /tmp/.kool-cluster-CA
in your host machine? If you don't, docker will bind it as a folder into the container, indeed.
@fabriciojs if the absence of this file is generating this error, could we add an extra validation for it? Even if it is not the real issue here, it could probably occur, I guess...just supposing, haven't seen the code to check...
@leonakaodev do you have
/tmp/.kool-cluster-CA
in your host machine? If you don't, docker will bind it as a folder into the container, indeed.
@danielsuguimoto I didn't have this file on my machine. Shouldn't the kool generate it in this case before the docker bind it as a folder?
ps: I solved the problem by installing manually kubectl
This is an issue with the kubectl
on kool docker
strategy, when no kubectl
is available in the host OS.
It seems indeed that the file was not available which would make the map become a folder, like @danielsuguimoto mentioned.
We shall review the file creation error handling, and look into Snap Docker confinement strategy, since I believe it may be changing the /tmp
access for Docker, which causes the issue.
We already have the file creation properly validated, the issue here indeed is due to Snap handling of /tmp
folders:
https://forum.snapcraft.io/t/read-write-access-to-tmp/21743
https://stackoverflow.com/questions/65267251/docker-bind-mount-directory-in-tmp-not-working
We can revisit the credentials generation/creation in #300 updates for v2.