I am trying to use CDK to deploy an etcd image with ECS and an EFS attached to it. In our stack we have an EFS and an ECS cluster with all the configuration. ECS is running as root.
When deploying, our stack successfully creates all the resources but gets stuck at the last step, when provisioning the service.
This is my stack:
// Volume: the EFS file system that the task definition in this stack attaches as a volume.
const fileSystem = new FileSystem(this, fileSystemName, {
fileSystemName: fileSystemName,
vpc,
// NOTE(review): encryption at rest is switched off. Data written by etcd often includes
// configuration and credentials, so `encrypted: true` is the safer setting. EFS encryption
// is fixed when the file system is created; flipping this on a deployed stack replaces the
// file system, so plan a data migration first.
encrypted: false,
});
// NOTE(review): admits the file system's default port from every IPv4 source ('open' is only
// the rule description). The stack also adds a rule scoped to the service
// (fileSystem.connections.allowFrom(svc.service, fsPort, ...)); presumably that rule alone is
// enough if fsPort is the NFS port -- confirm, then drop this line.
fileSystem.connections.allowDefaultPortFromAnyIpv4('open');
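// Role: execution role passed to the Fargate task definition (`executionRole` below).
const executionRole = new Role(this, `${id}-role`, {
  // The service principal for ECS tasks is 'ecs-tasks.amazonaws.com'. The value as printed
  // lacked the '.com' suffix, which does not name a service that can assume the role.
  assumedBy: new ServicePrincipal('ecs-tasks.amazonaws.com'),
});
executionRole.attachInlinePolicy(
  new Policy(this, `${id}-policy`, {
    statements: [
      // NOTE(review): this grants every SES action on every resource. The execution role is
      // what ECS itself uses to pull the image and ship logs; permissions needed by the
      // application belong on the task role, limited to the specific actions and identities
      // it uses. Left unchanged because the stack does not show what the workload sends.
      new PolicyStatement({
        effect: Effect.ALLOW,
        actions: ['SES:*'],
        resources: ['*'],
      }),
    ],
  }),
);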
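// taskDefinition: Fargate task that mounts the EFS file system as a named volume.
const taskDefinition = new FargateTaskDefinition(this, `${id}-task`, {
  executionRole,
  volumes: [
    {
      name: volumeName,
      efsVolumeConfiguration: {
        fileSystemId: fileSystem.fileSystemId,
        // ECS requires transit encryption whenever IAM authorization is enabled; it also
        // keeps the NFS traffic between the task and the mount target under TLS.
        transitEncryption: 'ENABLED',
        // With only fileSystemId set, the mount is made without an IAM identity, so the
        // elasticfilesystem:Client* permissions on the task role are never evaluated.
        // Enabling IAM authorization makes the mount use the task role. A mount that did
        // not carry ClientWrite is a likely (unconfirmed) source of the
        // "read-only file system" error in the log below.
        authorizationConfig: {
          iam: 'ENABLED',
        },
      },
    },
  ],
});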
// container: the etcd container, pulled from an ECR repository and listening on port 2379.
const ct = taskDefinition.addContainer(`${id}-td`, {
// NOTE(review): stdin and a TTY are allocated for the container; a server process rarely
// needs either -- confirm they are intentional.
interactive: true,
pseudoTerminal: true,
image: ContainerImage.fromEcrRepository(
Repository.fromRepositoryName(this, `${id}-etcd-repo`, imageName),
imageTag,
),
containerName: ETCD_NAME,
portMappings: [{ containerPort: 2379 }],
environment: {
// NOTE(review): etcd expects full URLs here (scheme and host, then the port). As printed
// the values carry only the port; this may be an artifact of how the page was extracted.
ETCD_LISTEN_CLIENT_URLS: ':2379',
ETCD_ADVERTISE_CLIENT_URLS: ':2379',
// NOTE(review): in the Bitnami etcd image this setting lets the server start without a
// root password, i.e. without client authentication. The service in this stack sits behind
// a public load balancer, so anyone who can reach the listener could read and write keys.
// Set a root password (from a secret, not a plain environment value) or keep the service
// private before relying on this.
ALLOW_NONE_AUTHENTICATION: 'yes',
ETCD_ENABLE_V2: 'true',
},
// Container output goes to CloudWatch Logs in non-blocking mode, retained for two weeks.
logging: LogDriver.awsLogs({
streamPrefix: `${id}-log`,
mode: AwsLogDriverMode.NON_BLOCKING,
logRetention: RetentionDays.TWO_WEEKS,
}),
});
// Mount the EFS volume read-write at the path that holds etcd's data directory
// (the startup log reports data-dir /bitnami/etcd/data).
ct.addMountPoints({
containerPath: '/bitnami/etcd',
readOnly: false,
sourceVolume: volumeName,
});
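// Policies: EFS client permissions attached to the task role.
// These statements are evaluated at mount time only when the volume's
// efsVolumeConfiguration enables IAM authorization (authorizationConfig.iam = 'ENABLED',
// which in turn requires transit encryption); otherwise the mount does not use the task role.
const efsMount = new PolicyStatement({
  actions: [
    // ClientRootAccess lets the client act as root on the file system. The question states
    // the container runs as root; drop this action if the container can run as a non-root
    // user with an EFS access point instead.
    'elasticfilesystem:ClientRootAccess',
    'elasticfilesystem:ClientWrite',
    'elasticfilesystem:ClientMount',
    'elasticfilesystem:DescribeMountTargets',
    'elasticfilesystem:DescribeFileSystems',
  ],
  // Scoped to this stack's file system rather than '*', so the root-level client access
  // cannot be exercised against other file systems in the account.
  resources: [fileSystem.fileSystemArn],
});
taskDefinition.addToTaskRolePolicy(efsMount);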
// Service: Fargate service for the etcd task behind an Application Load Balancer
// listening on port 2379.
const svc = new ApplicationLoadBalancedFargateService(this, `${id}-svc`, {
serviceName: `${id}-svc`,
cluster,
listenerPort: 2379,
// NOTE(review): ECS Exec gives shell access to the running container. Make sure
// ecs:ExecuteCommand is granted only to the operators who need it and that sessions are logged.
enableExecuteCommand: true,
// NOTE(review): an internet-facing load balancer in front of etcd. The container is
// configured with ALLOW_NONE_AUTHENTICATION: 'yes', so the key-value store would be reachable
// without credentials. Prefer `publicLoadBalancer: false`, or set `openListener: false` and
// admit only known client ranges on the load balancer's security group.
publicLoadBalancer: true,
loadBalancerName: `${id}-lb`,
domainZone: zone,
securityGroups: [securityGroup],
taskDefinition,
});
// Scoped ingress: admits the service's security group to the file system on fsPort.
// NOTE(review): fsPort is defined outside this snippet; presumably the NFS port -- confirm.
fileSystem.connections.allowFrom(svc.service, fsPort, 'allow access directly to service');
Messages:
0m ==> Initializing etcd
0m ==> Generating etcd config file using env variables
0m ==> There is no data from previous deployments
0m ==> Starting etcd in background
0m ==> ** etcd setup finished! **
0m ==> ** Starting etcd **
... load many env vars
{
"level": "info",
"ts": "2024-11-20T12:09:14.017673Z",
"caller": "embed/etcd.go:311",
"msg": "starting an etcd server",
"etcd-version": "3.5.17",
"git-sha": "507c0de",
"go-version": "go1.22.9",
"go-os": "linux",
"go-arch": "amd64",
"max-cpu-set": 2,
"max-cpu-available": 2,
"member-initialized": false,
"name": "default",
"data-dir": "/bitnami/etcd/data",
"wal-dir": "",
"wal-dir-dedicated": "",
"member-dir": "/bitnami/etcd/data/member",
"force-new-cluster": false,
"heartbeat-interval": "100ms",
"election-timeout": "1s",
"initial-election-tick-advance": true,
"snapshot-count": 100000,
"max-wals": 5,
"max-snapshots": 5,
"snapshot-catchup-entries": 5000,
"initial-advertise-peer-urls": [
"http://localhost:2380"
],
"listen-peer-urls": [
"http://localhost:2380"
],
"advertise-client-urls": [
":2379"
],
"listen-client-urls": [
":2379"
],
"listen-metrics-urls": [],
"cors": [
"*"
],
"host-whitelist": [
"*"
],
"initial-cluster": "default=http://localhost:2380",
"initial-cluster-state": "new",
"initial-cluster-token": "etcd-cluster",
"quota-backend-bytes": 2147483648,
"max-request-bytes": 1572864,
"max-concurrent-streams": 4294967295,
"pre-vote": true,
"initial-corrupt-check": false,
"corrupt-check-time-interval": "0s",
"compact-check-time-enabled": false,
"compact-check-time-interval": "1m0s",
"auto-compaction-mode": "periodic",
"auto-compaction-retention": "0s",
"auto-compaction-interval": "0s",
"discovery-url": "",
"discovery-proxy": "",
"downgrade-check-interval": "5s"
}
{
"level": "info",
"ts": "2024-11-20T12:09:14.020038Z",
"caller": "embed/etcd.go:378",
"msg": "closing etcd server",
"name": "default",
"data-dir": "/bitnami/etcd/data",
"advertise-peer-urls": [
"http://localhost:2380"
],
"advertise-client-urls": [
":2379"
]
}
{
"level": "info",
"ts": "2024-11-20T12:09:14.020290Z",
"caller": "embed/etcd.go:380",
"msg": "closed etcd server",
"name": "default",
"data-dir": "/bitnami/etcd/data",
"advertise-peer-urls": [
"http://localhost:2380"
],
"advertise-client-urls": [
":2379"
]
}
# Error message
{
"level": "warn",
"ts": "2024-11-20T10:48:23.675544Z",
"caller": "etcdmain/etcd.go:146",
"msg": "failed to start etcd",
"error": "cannot access data directory: mkdir /bitnami/etcd/data: read-only file system"
}
Any help is appreciated.
Thanks,