kubernetes - kubectl执行权限被拒绝

标签 kubernetes mariadb kubectl

我有一个运行mariadb容器的pod,我想备份我的数据库,但它失败并显示Permission denied

kubectl exec my-owncloud-mariadb-0 -it -- bash -c "mysqldump --single-transaction -h localhost -u myuser -ppassword mydatabase > owncloud-dbbackup_`date +"%Y%m%d"`.bak"

结果是
bash: owncloud-dbbackup_20191121.bak: Permission denied
command terminated with exit code 1

我收到sudo mysqldump,因此无法运行sudo command not found

我试图将备份文件导出到其他位置:/home,mysqldump所在的目录,/usr,...

这是我的 pods 的Yaml:
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: "2019-11-20T14:16:58Z"
  generateName: my-owncloud-mariadb-
  labels:
    app: mariadb
    chart: mariadb-7.0.0
    component: master
    controller-revision-hash: my-owncloud-mariadb-77495ddc7c
    release: my-owncloud
    statefulset.kubernetes.io/pod-name: my-owncloud-mariadb-0
  name: my-owncloud-mariadb-0
  namespace: default
  ownerReferences:
  - apiVersion: apps/v1
    blockOwnerDeletion: true
    controller: true
    kind: StatefulSet
    name: my-owncloud-mariadb
    uid: 47f2a129-8d4e-4ae9-9411-473288623ed5
  resourceVersion: "2509395"
  selfLink: /api/v1/namespaces/default/pods/my-owncloud-mariadb-0
  uid: 6a98de05-c790-4f59-b182-5aaa45f3b580
spec:
  affinity:
    podAntiAffinity:
      preferredDuringSchedulingIgnoredDuringExecution:
      - podAffinityTerm:
          labelSelector:
            matchLabels:
              app: mariadb
              release: my-owncloud
          topologyKey: kubernetes.io/hostname
        weight: 1
  containers:
  - env:
    - name: MARIADB_ROOT_PASSWORD
      valueFrom:
        secretKeyRef:
          key: mariadb-root-password
          name: my-owncloud-mariadb
    - name: MARIADB_USER
      value: myuser
    - name: MARIADB_PASSWORD
      valueFrom:
        secretKeyRef:
          key: mariadb-password
          name: my-owncloud-mariadb
    - name: MARIADB_DATABASE
      value: mydatabase
    image: docker.io/bitnami/mariadb:10.3.18-debian-9-r36
    imagePullPolicy: IfNotPresent
    livenessProbe:
      exec:
        command:
        - sh
        - -c
        - exec mysqladmin status -uroot -p$MARIADB_ROOT_PASSWORD
      failureThreshold: 3
      initialDelaySeconds: 120
      periodSeconds: 10
      successThreshold: 1
      timeoutSeconds: 1
    name: mariadb
    ports:
    - containerPort: 3306
      name: mysql
      protocol: TCP
    readinessProbe:
      exec:
        command:
        - sh
        - -c
        - exec mysqladmin status -uroot -p$MARIADB_ROOT_PASSWORD
      failureThreshold: 3
      initialDelaySeconds: 30
      periodSeconds: 10
      successThreshold: 1
      timeoutSeconds: 1
    resources: {}
    terminationMessagePath: /dev/termination-log
    terminationMessagePolicy: File
    volumeMounts:
    - mountPath: /bitnami/mariadb
      name: data
    - mountPath: /opt/bitnami/mariadb/conf/my.cnf
      name: config
      subPath: my.cnf
    - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
      name: default-token-pbgxr
      readOnly: true
  dnsPolicy: ClusterFirst
  enableServiceLinks: true
  hostname: my-owncloud-mariadb-0
  nodeName: 149.202.36.244
  priority: 0
  restartPolicy: Always
  schedulerName: default-scheduler
  securityContext:
    fsGroup: 1001
    runAsUser: 1001
  serviceAccount: default
  serviceAccountName: default
  subdomain: my-owncloud-mariadb
  terminationGracePeriodSeconds: 30
  tolerations:
  - effect: NoExecute
    key: node.kubernetes.io/not-ready
    operator: Exists
    tolerationSeconds: 300
  - effect: NoExecute
    key: node.kubernetes.io/unreachable
    operator: Exists
    tolerationSeconds: 300
  volumes:
  - name: data
    persistentVolumeClaim:
      claimName: data-my-owncloud-mariadb-0
  - configMap:
      defaultMode: 420
      name: my-owncloud-mariadb
    name: config
  - name: default-token-pbgxr
    secret:
      defaultMode: 420
      secretName: default-token-pbgxr
status:
  conditions:
  - lastProbeTime: null
    lastTransitionTime: "2019-11-20T14:33:22Z"
    status: "True"
    type: Initialized
  - lastProbeTime: null
    lastTransitionTime: "2019-11-20T14:34:03Z"
    status: "True"
    type: Ready
  - lastProbeTime: null
    lastTransitionTime: "2019-11-20T14:34:03Z"
    status: "True"
    type: ContainersReady
  - lastProbeTime: null
    lastTransitionTime: "2019-11-20T14:33:22Z"
    status: "True"
    type: PodScheduled
  containerStatuses:
  - containerID: docker://3898b6a20bd8c38699374b7db7f04ccef752ffd5a5f7b2bc9f7371e6a27c963a
    image: bitnami/mariadb:10.3.18-debian-9-r36
    imageID: docker-pullable://bitnami/mariadb@sha256:a89e2fab7951c622e165387ead0aa0bda2d57e027a70a301b8626bf7412b9366
    lastState: {}
    name: mariadb
    ready: true
    restartCount: 0
    state:
      running:
        startedAt: "2019-11-20T14:33:24Z"
  hostIP: 149.202.36.244
  phase: Running
  podIP: 10.42.2.56
  qosClass: BestEffort
  startTime: "2019-11-20T14:33:22Z"

他们是我想念的吗?

最佳答案

您可能没有权限写入容器内的位置。试试下面的命令

使用/ tmp或其他可以转储备份文件的位置

kubectl exec my-owncloud-mariadb-0 -it -- bash -c "mysqldump --single-transaction -h localhost -u myuser -ppassword mydatabase > /tmp/owncloud-dbbackup_`date +"%Y%m%d"`.bak"

关于kubernetes - kubectl执行权限被拒绝,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/58973591/

上一篇:shell - kubectl exec到pod中,如果通过自动化运行,则每次都无法使用TTY错误

下一篇:kubernetes - ingress-nginx 配置使用自定义变量

相关文章:

kubernetes - 如何在 Google Kubernetes Engine 上将集群节点设为私有(private)?

MySQL - 将现有部分文本与全文匹配

docker - Kubernetes 相当于 'docker run -it'

linux - 主节点的 Kops 滚动更新失败并显示 "Cluster did not pass validation"

yaml - 如何使用Kubernetes在一个Yaml文件中设置多个命令?

docker - Jenkins、Docker 和 Kubernetes(使用 minikube)

mysql - 使用 ODBC 读取整个 LOB 的最佳方法是什么?

Java 导入不起作用 - Ubuntu Eclipse OpenJDK

kubernetes - 如何使用 go-template 替换 kubectl 输出中的 JSON 值?

kubernetes - Digital Ocean Kubernetes 集群上没有与类型 ClusterIssuer 匹配的内容

©2024 IT工具网  联系我们