yelijing18 commented on issue #16321: URL: https://github.com/apache/dolphinscheduler/issues/16321#issuecomment-2262614373
您好 @SbloodyS ,我在 Kubernetes 中部署的 DolphinScheduler 3.2.1 实例也遇到了同样的问题。 Hello, I also encountered the same issue with my DolphinScheduler 3.2.1 instance deployed in Kubernetes. 我使用默认的 Chart values.yaml 文件进行部署,因此 worker.tenant-auto-create 配置是打开的,且默认的租户为 'default'。 I used the Chart's default values.yaml file for deployment, so the worker.tenant-auto-create configuration is enabled, and the default tenant is 'default'. 在日志中可以观察到,任务实例执行过程中确实执行了 useradd -g root default 命令创建了用户,但在 Worker 的 Pod Shell 中可以观察到 /home 下没有 default 目录。 In the logs, it can be observed that during the task instance execution, the useradd -g root default command was indeed executed to create the user, but in the Worker Pod Shell, the default directory is not present under /home. <img width="781" alt="Xnip2024-08-01_17-20-58" src="https://github.com/user-attachments/assets/fc036edf-630f-461e-a436-f09eac4d23ff";> <img width="551" alt="Xnip2024-08-01_17-22-41" src="https://github.com/user-attachments/assets/953c0388-4737-47d9-86a3-fe5bccaf0ee9";> 这导致后续的 sudo -u default -i ... 命令执行时输出了错误信息,因为 /home/default 不存在,但这不影响任务执行。 This causes the subsequent 'sudo -u default -i ...' command to output an error because /home/default does not exist, but it does not affect task execution. <img width="777" alt="Xnip2024-08-01_17-22-04" src="https://github.com/user-attachments/assets/3b70e14f-e7b1-462b-b3f8-15ea3f62fcd7";> 在我的工作流定义中,我尝试向当前目录写入文件,但提示 Permission denied。 In my workflow definition, I tried to write files to the current directory but received a "Permission denied" message. <img width="796" alt="Xnip2024-08-01_17-32-08" src="https://github.com/user-attachments/assets/c2a8cf3d-8f1d-49bf-8f8f-310b28b5e690";> 此时的工作目录理论上是 /tmp/dolphinscheduler/exec/process/default/14472852420160/14472904679872_2/8/8/。 The working directory at this time is theoretically /tmp/dolphinscheduler/exec/process/default/14472852420160/14472904679872_2/8/8/. 在 Worker 的 Pod Shell 中可以观察到,从 /tmp/dolphinscheduler/exec 目录开始,其权限就已经是 755 且拥有者并非租户对应的用户。 In the Worker Pod Shell, it can be observed that from the /tmp/dolphinscheduler/exec directory onwards, the permissions are 755 and the owner is not the user corresponding to the tenant. <img width="702" alt="Xnip2024-08-01_17-24-03" src="https://github.com/user-attachments/assets/2a0c01de-71f8-4414-b154-52d7a964229d";> 以下是完整的日志文件: Here is the log file: [task-log.log](https://github.com/user-attachments/files/16454134/task-log.log) 这里存在两个问题: There are two issues here: 1. 虽然用户新建成功,但并未为其在 /home 下创建家目录(不影响任务执行)。 1. Although the user is created successfully, a home directory is not created under /home (this does not affect task execution). 2. 虽然 /tmp/dolphinscheduler 目录的权限是 777,但其用租户名称命名的子目录 /tmp/dolphinscheduler/exec/process/default 的权限是 755 且拥有者为 root ,导致租户对应用户无法在其目录下创建文件(影响任务执行)。 2. Although the permissions of the /tmp/dolphinscheduler directory are 777, the subdirectory /tmp/dolphinscheduler/exec/process/default named after the tenant has permissions of 755 and is owned by root, which prevents the tenant user from creating files in this directory (affecting task execution). 因此这确实可能是一些 Bug,请协助定位和解决。 Therefore, this could indeed be a bug. Please assist in identifying and resolving it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
