记mac下尝鲜colima的坎坷经历 2022-06-03 22:11:34 最近尝试使用轻量级的colima替代docker,由于墙的原因,下载安装各种障碍,解决记录以备用。 ## 安装最新版colima的各种报错问题 发现0.2.x版本运行容器,映射的文件目录不能正常写入,提示Read-only file system。 在GitHub上翻了下Issue说是最新版本解决了,于是尝试切换到最新版本。 `brew install --head colima`,走起~ 解决一通报错,先是无法正常从GitHub clone代码,这个问题,一条命令解决: ``` git config --global url."https://github.91chi.fun//https://github.com/".insteadOf https://github.com/ ``` 然后,在继续,发现: ``` ==> go build -ldflags=-X github.com/abiosoft/colima/config.appVersion=HEAD-3c03f80 -X github.com/abiosoft/colima/config.revision=3c03f809f984301ac16e966a35dfefd9178bc44c ./cmd/colima Last 15 lines from /Users/stan/Library/Logs/Homebrew/colima/01.go: go: downloading github.com/containers/gvisor-tap-vsock v0.3.0 go: downloading github.com/docker/go-units v0.4.0 go: downloading gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b go: downloading github.com/fatih/color v1.12.0 go: downloading golang.org/x/crypto v0.0.0-20220411220226-7b82a4e95df4 daemon/process/gvproxy/gvproxy.go:16:2: github.com/containers/gvisor-tap-vsock@v0.3.0: Get "https://proxy.golang.org/github.com/containers/gvisor-tap-vsock/@v/v0.3.0.zip": dial tcp 172.217.160.113:443: i/o timeout ... ``` 很明显,在使用go build下载包的时候被墙了,这个从以往的经验来也好解决,参考`https://goproxy.cn/`设置个代理应该就可以了。 结果设置上GOPROXY后,在尝试安装,依然报错,非常奇怪,代理设置不生效~ 又在网上翻了翻homebrew安装go相关类似的报错,找到一篇很有参考意义的文章:<http://soiiy.com/go/15972.html> 和我的推测也是很类似,于是参考找到了解决方案。 ### 解决方案 首先执行安装时,添加`-v`参考,看下详细的日志: 再次执行:`brew install --head colima -v` ``` util/yamlutil/yaml.go:13:2: gopkg.in/yaml.v3@v3.0.0-20210107192922-496545a6307b: Get "https://proxy.golang.org/gopkg.in/yaml.v3/@v/v3.0.0-20210107192922-496545a6307b.zip": dial tcp 142.251.42.241:443: i/o timeout ==> Formula Path: /usr/local/Homebrew/Library/Taps/homebrew/homebrew-core/Formula/colima.rb ==> Configuration HOMEBREW_VERSION: 3.4.11 ORIGIN: https://github.com/Homebrew/brew HEAD: 30e3d8883cde265cbc16ff94b49a3ac14137590e Last commit: 3 weeks ago Core tap ORIGIN: https://github.com/Homebrew/homebrew-core Core tap HEAD: 9c00045d29b82817df1c0c52e20657edd2b41625 Core tap last commit: 31 minutes ago Core tap branch: master HOMEBREW_PREFIX: /usr/local HOMEBREW_CASK_OPTS: [] HOMEBREW_CORE_GIT_REMOTE: https://github.com/Homebrew/homebrew-core HOMEBREW_EDITOR: vim HOMEBREW_MAKE_JOBS: 12 no_proxy: localhost,127.0.0.1,localaddress,.localdomain.com,.github.com Homebrew Ruby: 2.6.8 => /System/Library/Frameworks/Ruby.framework/Versions/2.6/usr/bin/ruby CPU: dodeca-core 64-bit kabylake Clang: 13.1.6 build 1316 Git: 2.32.1 => /Applications/Xcode.app/Contents/Developer/usr/bin/git Curl: 7.79.1 => /usr/bin/curl macOS: 12.4-x86_64 CLT: 13.4.0.0.1.1651278267 Xcode: 13.4.1 ==> ENV HOMEBREW_CC: clang HOMEBREW_CXX: clang++ MAKEFLAGS: -j12 CMAKE_PREFIX_PATH: /usr/local/opt/libffi:/usr/local/opt/openssl@1.1:/usr/local/opt/readline:/usr/local/opt/sqlite:/usr/local/opt/m4:/usr/local/opt/ncurses:/usr/local CMAKE_INCLUDE_PATH: /Library/Developer/CommandLineTools/SDKs/MacOSX12.sdk/System/Library/Frameworks/OpenGL.framework/Versions/Current/Headers CMAKE_LIBRARY_PATH: /Library/Developer/CommandLineTools/SDKs/MacOSX12.sdk/System/Library/Frameworks/OpenGL.framework/Versions/Current/Libraries CMAKE_FRAMEWORK_PATH: /usr/local/opt/python@3.9/Frameworks PKG_CONFIG_PATH: /usr/local/opt/libffi/lib/pkgconfig:/usr/local/opt/pcre/lib/pkgconfig:/usr/local/opt/openssl@1.1/lib/pkgconfig:/usr/local/opt/readline/lib/pkgconfig:/usr/local/opt/sqlite/lib/pkgconfig:/usr/local/opt/xz/lib/pkgconfig:/usr/local/opt/python@3.9/lib/pkgconfig:/usr/local/opt/glib/lib/pkgconfig:/usr/local/opt/gmp/lib/pkgconfig:/usr/local/opt/bdw-gc/lib/pkgconfig:/usr/local/opt/guile/lib/pkgconfig:/usr/local/opt/libidn2/lib/pkgconfig:/usr/local/opt/libtasn1/lib/pkgconfig:/usr/local/opt/nettle/lib/pkgconfig:/usr/local/opt/p11-kit/lib/pkgconfig:/usr/local/opt/libevent/lib/pkgconfig:/usr/local/opt/libnghttp2/lib/pkgconfig:/usr/local/opt/unbound/lib/pkgconfig:/usr/local/opt/gnutls/lib/pkgconfig:/usr/local/opt/jpeg/lib/pkgconfig:/usr/local/opt/libpng/lib/pkgconfig:/usr/local/opt/libslirp/lib/pkgconfig:/usr/local/opt/libssh/lib/pkgconfig:/usr/local/opt/libusb/lib/pkgconfig:/usr/local/opt/lzo/lib/pkgconfig:/usr/local/opt/ncurses/lib/pkgconfig:/usr/local/opt/pixman/lib/pkgconfig:/usr/local/opt/vde/lib/pkgconfig PKG_CONFIG_LIBDIR: /usr/lib/pkgconfig:/usr/local/Homebrew/Library/Homebrew/os/mac/pkgconfig/12 HOMEBREW_GIT: git HOMEBREW_SDKROOT: /Library/Developer/CommandLineTools/SDKs/MacOSX12.sdk ACLOCAL_PATH: /usr/local/share/aclocal PATH: /usr/local/Homebrew/Library/Homebrew/shims/mac/super:/usr/local/opt/go/bin:/usr/local/opt/gettext/bin:/usr/local/opt/pcre/bin:/usr/local/opt/gdbm/bin:/usr/local/opt/openssl@1.1/bin:/usr/local/opt/sqlite/bin:/usr/local/opt/xz/bin:/usr/local/opt/python@3.9/bin:/usr/local/opt/glib/bin:/usr/local/opt/m4/bin:/usr/local/opt/libtool/bin:/usr/local/opt/pkg-config/bin:/usr/local/opt/guile/bin:/usr/local/opt/libidn2/bin:/usr/local/opt/libtasn1/bin:/usr/local/opt/nettle/bin:/usr/local/opt/p11-kit/bin:/usr/local/opt/libevent/bin:/usr/local/opt/gnutls/bin:/usr/local/opt/jpeg/bin:/usr/local/opt/libpng/bin:/usr/local/opt/ncurses/bin:/usr/local/opt/vde/bin:/usr/local/opt/qemu/bin:/usr/local/opt/lima/bin:/usr/bin:/bin:/usr/sbin:/sbin ``` 可以看到ENV中压根没有GOPROXY的设置,手动配置的代理不生效,需要改安装脚本了,确认了安装时执行的`Formula`为: `/usr/local/Homebrew/Library/Taps/homebrew/homebrew-core/Formula/colima.rb` 修改此文件: ``` def install ... ENV['GOPROXY'] = 'https://goproxy.io,direct' ENV['GO111MODULE'] = 'on' system "go", "build", *std_go_args(ldflags: ldflags), "./cmd/colima" ... end ``` 在`system "go"`上面添加2个ENV配置,强制设置下代理。 最后在执行安装,就可以了! ## colima启动过程中下载镜像报错的问题 现象如下: ``` ➜ colima start --edit INFO[0000] editing in vim from $EDITOR environment variable INFO[0001] starting colima INFO[0001] runtime: docker INFO[0001] preparing network ... context=vm INFO[0002] starting ... context=vm > Using the existing instance "colima" > "Attempting to download the image from \"https://github.com/abiosoft/alpine-lima/releases/download/colima-v0.4.2-1/alpine-lima-clm-3.14.6-x86_64.iso\"" digest="sha512:229121f3ff3cb645a602e3f21d687207ad14c48330001330430c84e88fb0311a70b4a94250c2e24e80e8d3522ee573e169fef76337214136d1dde9bbc4ec1354" > "Attempting to download the image from \"https://github.com/abiosoft/alpine-lima/releases/download/colima-v0.4.2-1/alpine-lima-clm-3.14.6-x86_64.iso\"" digest="sha512:229121f3ff3cb645a602e3f21d687207ad14c48330001330430c84e88fb0311a70b4a94250c2e24e80e8d3522ee573e169fef76337214136d1dde9bbc4ec1354" > failed to download the image, attempted 4 candidates, errors=[unsupported arch: "aarch64" failed to download "https://github.com/abiosoft/alpine-lima/releases/download/colima-v0.4.2-1/alpine-lima-clm-3.14.6-x86_64.iso": Get "https://github.com/abiosoft/alpine-lima/releases/download/colima-v0.4.2-1/alpine-lima-clm-3.14.6-x86_64.iso": dial tcp [::1]:443: connect: connection refused unsupported arch: "aarch64" failed to download "https://github.com/abiosoft/alpine-lima/releases/download/colima-v0.4.2-1/alpine-lima-clm-3.14.6-x86_64.iso": Get "https://github.com/abiosoft/alpine-lima/releases/download/colima-v0.4.2-1/alpine-lima-clm-3.14.6-x86_64.iso": dial tcp [::1]:443: connect: connection refused] ``` 这是因为colima从0.3开始,使用alpine-lima的最小化镜像,会从GitHub的Release页面下载镜像文件,又是被墙导致的。 看了下源码,这个下载地址的代码是写死的,没办法手动指定其他路径。 启动过程中,colima会生成`~/.lima/colima/lima.yaml`的配置文件,把镜像地址写入了这个配置文件中,我已开始改了这个配置文件中的Images地址以为就可以了,没想到每次启动colima会重新生成覆盖,毛用没有。生成的配置文件会传递给`lima`调用,下载也是通过`lima`完成的,所以,又研究了下lima的下载镜像相关的代码,发现lima会把镜像下载到实例目录中,并重命名为basedisk,具体可参考: <https://github.com/lima-vm/lima/blob/44454dd1285a0baba13ec0538f1f1b37b31160d5/pkg/qemu/qemu.go#L77> 所以,顺着这个思考,那我干脆先手动把镜像下载下来,然后放到:`~/.lima/colima/basedisk`(注意,这里的basedisk就是镜像文件,不是文件夹,lima启动的时候会自动检测镜像格式)。 然后,在执行`colima start`,就成功了~ ## 容器不能写入绑定宿主目录的问题 上一步中,终于可以正常启动最新版的colima了,启个postgres的容器在测试下: ``` docker run --restart=unless-stopped --name postgres -e POSTGRES_PASSWORD=postgres -v $(pwd)/data/docker/postgres:/var/lib/postgresql/data -p 5432:5432 -d postgres ``` 结果又出现了mount目录写权限的问题: ``` chown: changing ownership of '/var/lib/postgresql/data': Permission denied ``` 然后又翻了遍colima和lima的GitHub社区相关Issue,发现社区引入了`9p`文件系统解决了这个问题(默认colima绑定的是sshfs)。 最终,删除colima实例,重新创建,在启动容器就都正常了: ``` colima delete # --mount-type 9p是解决权限问题的关键 colima start --cpu 2 --memory 2 --disk 10 --mount-type 9p ``` 相关PR:<https://github.com/abiosoft/colima/pull/251> ## 使用私有仓库提示证书不安全的问题 ``` colima delete # 使用--edit启动,进入配置文件编辑模式,找到docker配置,参考注释添加`insecure-registries`,保存退出即可 colima start --edit ``` ## 参考 - <http://soiiy.com/go/15972.html> - <https://goproxy.cn/> - <https://github.com/abiosoft/colima/issues/102> - <https://github.com/abiosoft/colima/issues/190> - <https://github.com/lima-vm/lima/blob/44454dd1285a0baba13ec0538f1f1b37b31160d5/pkg/qemu/qemu.go#L77> 非特殊说明,均为原创,原创文章,未经允许谢绝转载。 原始链接:记mac下尝鲜colima的坎坷经历 赏 Prev 基于Jenkins实现Git代码提交自动化上线 Next 关于CDH平台Hive Metastore Server的Canary duration指标
