1、問題
構建fluentbit-operator工程manager模塊docker鏡像時報如下錯誤:
....... Step 5/15 : RUN go mod download ---> Running in c54961171660 go: github.com/fsnotify/fsnotify@v1.4.9: Get "https://proxy.golang.org/github.com/fsnotify/fsnotify/@v/v1.4.9.mod": dial tcp: lookup proxy.golang.org on 114.114.114.114:53: read udp 172.17.0.3:56122->114.114.114.114:53: i/o timeout The command '/bin/sh -c go mod download' returned a non-zero code: 1
由於github.com被牆了需要在Dockerfile里面配置go proxy(加上第四行、第五行)。
# Build the manager binary FROM golang:1.16 as builder ENV GO111MODULE=on ENV GOPROXY=https://goproxy.cn WORKDIR /workspace # Copy the Go Modules manifests COPY go.mod go.mod COPY go.sum go.sum # cache deps before building and copying source so that we don't need to re-download as much # and so that source changes don't invalidate our downloaded layer RUN go mod download # Copy the go source COPY cmd/manager/main.go main.go COPY api api/ COPY controllers controllers/ COPY pkg pkg/ # Build RUN CGO_ENABLED=0 GO111MODULE=on go build -a -o manager main.go # Use distroless as minimal base image to package the manager binary # Refer to https://github.com/GoogleContainerTools/distroless for more details FROM gcr.io/distroless/static:nonroot WORKDIR / COPY --from=builder /workspace/manager . USER nonroot:nonroot ENTRYPOINT ["/manager"]
注意:也可以配置GOPROXY=https://goproxy.io,但是推薦使用七牛雲的“goproxy.cn”,因為“goproxy.io”也不一定可用。對於golang 1.13及以上版本,可直接如下這樣:
ENV GOPROXY=https://goproxy.cn,direct
本來以為配置上go proxy后問題就解決了,沒想到還是報錯,錯誤如下:
......... Step 6/16 : RUN go mod download ---> Running in 2184a16931ce go: github.com/fsnotify/fsnotify@v1.4.9: Get "https://goproxy.cn/github.com/fsnotify/fsnotify/@v/v1.4.9.mod": dial tcp: lookup goproxy.cn on 114.114.114.114:53: read udp 172.17.0.3:57878->114.114.114.114:53: i/o timeout The command '/bin/sh -c go mod download' returned a non-zero code: 1
2、解決方案
build的時候走到下載mod包會報錯:go: github.com/fsnotify/fsnotify@v1.4.9: Get "https://goproxy.cn/github.com/fsnotify/fsnotify/@v/v1.4.9.mod": dial tcp: lookup goproxy.cn on 114.114.114.114:53: read udp 172.17.0.3:57936->114.114.114.114:53: i/o timeout。
開始以為代理問題,然后又懷疑DNS問題,最終排除了這兩個部分,於是猜測容器里是不是不通外網?
還真是如此。
因為之前的build指令沒有特殊指定網絡,所以修正指令后如下:
docker build --network host -f cmd/manager/Dockerfile -t fluentbit-operator:v3.0.2 .
可以正常構建出鏡像,注意即使加了--network host也需要給Dockerfile配置上go proxy,不然還會一直卡在go mod download這步。
[root@master1 fluentbit-operator]# docker build --network host -f cmd/manager/Dockerfile -t fluentbit-operator:v3.0.2 . Sending build context to Docker daemon 3.433MB Step 1/16 : FROM golang:1.16 as builder ---> 6c29725f0797 Step 2/16 : ENV GOPROXY=https://goproxy.cn,direct ---> Using cache ---> a42da36b2133 Step 3/16 : WORKDIR /workspace ---> Using cache ---> e94a28a954c8 Step 4/16 : COPY go.mod go.mod ---> Using cache ---> 46efc36bbe79 Step 5/16 : COPY go.sum go.sum ---> Using cache ---> 464a81322ee1 Step 6/16 : RUN go mod download ---> Running in 575c4b3c913b Removing intermediate container 575c4b3c913b ---> d8bc52ee4e88 Step 7/16 : COPY cmd/manager/main.go main.go ---> 6692d247a63b Step 8/16 : COPY api api/ ---> 08e68ab13c7f Step 9/16 : COPY controllers controllers/ ---> 1cd6b203dfcf Step 10/16 : COPY pkg pkg/ ---> 3d5139bbca0c Step 11/16 : RUN CGO_ENABLED=0 GO111MODULE=on go build -a -o manager main.go ---> Running in e7a230f68fa6 Removing intermediate container e7a230f68fa6 ---> 0fc2cac8c59e Step 12/16 : FROM katanomi/distroless-static:nonroot ---> 421f180b71d8 Step 13/16 : WORKDIR / ---> Running in 3b48c7462db1 Removing intermediate container 3b48c7462db1 ---> e36670f657b6 Step 14/16 : COPY --from=builder /workspace/manager . ---> bfb2e41c4d55 Step 15/16 : USER nonroot:nonroot ---> Running in 7b036773eaa7 Removing intermediate container 7b036773eaa7 ---> ca18c6d94eff Step 16/16 : ENTRYPOINT ["/manager"] ---> Running in 0c5b4fc7fc85 Removing intermediate container 0c5b4fc7fc85 ---> 8b625f2b5f13 Successfully built 8b625f2b5f13 Successfully tagged fluentbit-operator:v3.0.2