Skip to first unread message
yssk22
Feb 24, 2013, 4:43:42 AM2/24/13
to vcap...@cloudfoundry.org
Hi,
I tried the deployment of cf_release (v129) in my local and completed successfully except for vmc file(or logs) command. I debugged my instances and found the root cause was the permission issue.
When cloud_controller (not ng) and stasger making a droplet.tgz, they make the archive with the top-level directory permission of '0700'. As a result, the droplet permission dea(ng) became as follows:
$ sudo ls -al /var/opt/vcap/vcap_warden/container_depot_path/16mek1k7m0p/tmp/rootfs/app
total 40
drwx------ 5 20006 20006 4096 Feb 24 09:31 .
And the file viewer on dea cannot reach this directory so that vmc file command could not work:
$ vmc file my-app
Getting file contents... FAILED
Invalid path / for app identity-develop
Should I make some configurations for the droplet permission?
Thanks.
James Bayer
Feb 24, 2013, 8:15:29 PM2/24/13
to vcap...@cloudfoundry.org
I do not believe we have a known working configuration using cloud_controller v1 (not _ng) and dea_ng. That's not to say that it won't work, but I'm not familiar with an env we use that has that configuration.
Dr Nic Williams
Feb 24, 2013, 9:30:29 PM2/24/13
to vcap...@cloudfoundry.org
Dr Nic Williams
Feb 24, 2013, 9:31:26 PM2/24/13
to vcap...@cloudfoundry.org
The current dea & cc messaging API is documented (sort of) at http://apidocs.cloudfoundry.com/dea
Nic
Yohei Sasaki
Feb 24, 2013, 10:01:07 PM2/24/13
to vcap...@cloudfoundry.org
What do you mean 'curent'? I think NATS API has no relation with this issue...?
In my investigation, there would be an architecture issue on the mix
use of Stager/CC(v1)/DEA_NG.
1. Stager make a droplet tgz with '0700' directory.
2. DEA_NG make a start up script which set umask '077' -> so the logs
are created as '0700'.
3. Warden launch the application process with the dedicated user,
which is different from the process user of DEA_NG.
4. DEA_NG serves the file viewer by directly accessing warden
container directory, which is refused by permission issue.
The permission issue can be resolved by changing #1 and #2 behavior,
which I'm not sure is correct...
2013/2/25 Dr Nic Williams <drnicw...@gmail.com>:
--
Yohei SASAKI
http://www.yssk22.info/
In my investigation, there would be an architecture issue on the mix
use of Stager/CC(v1)/DEA_NG.
1. Stager make a droplet tgz with '0700' directory.
2. DEA_NG make a start up script which set umask '077' -> so the logs
are created as '0700'.
3. Warden launch the application process with the dedicated user,
which is different from the process user of DEA_NG.
4. DEA_NG serves the file viewer by directly accessing warden
container directory, which is refused by permission issue.
The permission issue can be resolved by changing #1 and #2 behavior,
which I'm not sure is correct...
2013/2/25 Dr Nic Williams <drnicw...@gmail.com>:
Yohei SASAKI
http://www.yssk22.info/
Dr Nic Williams
Feb 24, 2013, 10:02:11 PM2/24/13
to vcap...@cloudfoundry.org
Sorry, I meant DEA API; and by "current" I mean v1.
K_James
Apr 11, 2013, 11:03:31 PM4/11/13
to vcap...@cloudfoundry.org
hi, yssk22,
you have deployed cf-release on your laptop successfully? amazing job. is there any doc or manual?
在 2013年2月24日星期日UTC+8下午5时43分42秒,yssk22写道:
在 2013年2月24日星期日UTC+8下午5时43分42秒,yssk22写道:
K_James
Apr 11, 2013, 11:03:41 PM4/11/13
to vcap...@cloudfoundry.org
hi, yssk22,
you have deployed cf-release on your laptop successfully? amazing job. is there any doc or manual?
在 2013年2月24日星期日UTC+8下午5时43分42秒,yssk22写道:
在 2013年2月24日星期日UTC+8下午5时43分42秒,yssk22写道:
Hi,
Reply all
Reply to author
Forward
0 new messages