如何解决使用 Pulumi 部署 Localstack:配置中缺少凭据
我正在尝试使用 Pulumi 部署 localstack。我特别想关注this example。
代码如下。
percentiles = [0.5,0.9,0.99]
quantile_funcs = [(p,lambda x: x.quantile(p)) for p in percentiles]
df.groupby("AGGREGATE").agg(quantile_funcs)
import * as aws from "@pulumi/aws";
import * as pulumi from "@pulumi/pulumi";
// Create a bucket each for TPS reports and their archived zips.
const tpsReports = new aws.s3.Bucket("tpsReports");
const tpsZips = new aws.s3.Bucket("tpsZips");
// Anytime a new TPS Report is uploaded,archive it in a zipfile.
tpsReports.onObjectCreated("zipTpsReports",async (e) => {
const admZip = require("adm-zip");
const s3 = new aws.sdk.S3();
for (const rec of e.Records || []) {
const zip = new admZip();
const [ buck,key ] = [ rec.s3.bucket.name,rec.s3.object.key ];
console.log(`Zipping ${buck}/${key} into ${tpsZips.bucket.get()}/${key}.zip`);
const data = await s3.getobject({ Bucket: buck,Key: key }).promise();
zip.addFile(key,data.Body);
await s3.putObject({
Bucket: tpsZips.bucket.get(),Key: `${key}.zip`,Body: zip.toBuffer(),}).promise();
}
});
// Finally,export the zipfile bucket name,for ease of access.
export const tpsReportsBucket = tpsReports.bucket;
export const tpsZipsBucket = tpsZips.bucket;
文件如下。
Pulumi.local.yaml
然后,在encryptionsalt: v1:+vnO5hzuWuw=:v1:TmVzyjbKEBaC2kfZ:PdUUCqpjq+3EUrycO+vTCtcmTKVgtg==
config:
aws:accessKey: test
aws:endpoints:
- cloudwatch: http://localhost:4566
cloudwatchlogs: http://localhost:4566
dynamodb: http://localhost:4566
iam: http://localhost:4566
lambda: http://localhost:4566
s3: http://localhost:4566
secretsmanager: http://localhost:4566
sns: http://localhost:4566
sqs: http://localhost:4566
aws:region: eu-south-1
aws:s3ForcePathStyle: "true"
aws:secretKey: test
aws:skipCredentialsValidation: "true"
aws:skipRequestingAccountId: "true"
之后,我在pulumi up
中上传一个简单的txt文件:
tpsReportsBucket
通过查看 localstack 终端,我看到以下内容:
awslocal s3 cp ./tps004.txt s3://$(pulumi stack output tpsReportsBucket)
总结一下,错误信息是2021-03-16T15:53:54:INFO:localstack.services.awslambda.lambda_executors: Running lambda cmd: CONTAINER_ID="$(docker create -i -e AWS_REGION="$AWS_REGION" -e DOCKER_LAMBDA_USE_STDIN="$DOCKER_LAMBDA_USE_STDIN" -e LOCALSTACK_HOSTNAME="$LOCALSTACK_HOSTNAME" -e EDGE_PORT="$EDGE_PORT" -e _HANDLER="$_HANDLER" -e AWS_LAMBDA_FUNCTION_TIMEOUT="$AWS_LAMBDA_FUNCTION_TIMEOUT" -e AWS_LAMBDA_FUNCTION_NAME="$AWS_LAMBDA_FUNCTION_NAME" -e AWS_LAMBDA_FUNCTION_VERSION="$AWS_LAMBDA_FUNCTION_VERSION" -e AWS_LAMBDA_FUNCTION_INVOKED_ARN="$AWS_LAMBDA_FUNCTION_INVOKED_ARN" -e AWS_LAMBDA_COGNITO_IDENTITY="$AWS_LAMBDA_COGNITO_IDENTITY" -e NODE_TLS_REJECT_UNAUTHORIZED="$NODE_TLS_REJECT_UNAUTHORIZED" --rm "lambci/lambda:nodejs12.x" "__index.handler")";docker cp "/tmp/localstack/zipfile.50a4d689/." "$CONTAINER_ID:/var/task"; docker start -ai "$CONTAINER_ID";
2021-03-16T15:54:01:WARNING:bootstrap.py: Thread run method <function LambdaExecutor.execute.<locals>.do_execute at 0x7f8ea0bec040>(None) Failed: Lambda process returned error status code: 1. Result: {"errorType":"CredentialsError","errorMessage":"Missing credentials in config,if using AWS_CONfig_FILE,set AWS_SDK_LOAD_CONfig=1"}. Output:
START RequestId: 801df08b-8f2c-1e6b-796b-7afd00772254 Version: $LATEST
2021-03-16T15:53:55.872Z 801df08b-8f2c-1e6b-796b-7afd00772254 INFO Zipping tpsreports-6f6b3d2/tps004.txt into tpszips-d30a9e7/tps004.txt.zip
2021-03-16T15:54:01.131Z 801df08b-8f2c-1e6b-796b-7afd00772254 ERROR Invoke Error {"errorType":"CredentialsError",set AWS_SDK_LOAD_CONfig=1","code":"CredentialsError","message":"Missing credentials in config,"errno":"ECONNREFUSED","syscall":"connect","address":"169.254.169.254","port":80,"time":"2021-03-16T15:54:01.126Z","originalError":{"message":"Could not load credentials from any providers","time":"2021-03-16T15:54:01.125Z","originalError":{"message":"EC2 Metadata roleName request returned error","code":"ECONNREFUSED","originalError":{"errno":"ECONNREFUSED","message":"connect ECONNREFUSED 169.254.169.254:80"}}},"stack":["Error: connect ECONNREFUSED 169.254.169.254:80"," at TCPConnectWrap.afterConnect [as oncomplete] (net.js:1144:16)"]}
END RequestId: 801df08b-8f2c-1e6b-796b-7afd00772254
REPORT RequestId: 801df08b-8f2c-1e6b-796b-7afd00772254 Init Duration: 221.93 ms Duration: 5673.56 ms Billed Duration: 5674 ms Memory Size: 1536 MB Max Memory Used: 56 MB Traceback (most recent call last):
File "/opt/code/localstack/localstack/utils/bootstrap.py",line 653,in run
result = self.func(self.params)
File "/opt/code/localstack/localstack/services/awslambda/lambda_executors.py",line 168,in do_execute
return _run(func_arn=func_arn)
File "/opt/code/localstack/localstack/utils/cloudwatch/cloudwatch_util.py",line 149,in wrapped
raise e
File "/opt/code/localstack/localstack/utils/cloudwatch/cloudwatch_util.py",line 145,in wrapped
result = func(*args,**kwargs)
File "/opt/code/localstack/localstack/services/awslambda/lambda_executors.py",line 159,in _run
raise e
File "/opt/code/localstack/localstack/services/awslambda/lambda_executors.py",line 147,in _run
result = self._execute(func_arn,func_details,event,context,version)
File "/opt/code/localstack/localstack/services/awslambda/lambda_executors.py",line 325,in _execute
result = self.run_lambda_executor(cmd,stdin,env_vars=environment,func_details=func_details)
File "/opt/code/localstack/localstack/services/awslambda/lambda_executors.py",line 231,in run_lambda_executor
raise InvocationException('Lambda process returned error status code: %s. Result: %s. Output:\n%s' %
localstack.services.awslambda.lambda_executors.InvocationException: Lambda process returned error status code: 1. Result: {"errorType":"CredentialsError"," at TCPConnectWrap.afterConnect [as oncomplete] (net.js:1144:16)"]}
END RequestId: 801df08b-8f2c-1e6b-796b-7afd00772254
REPORT RequestId: 801df08b-8f2c-1e6b-796b-7afd00772254 Init Duration: 221.93 ms Duration: 5673.56 ms Billed Duration: 5674 ms Memory Size: 1536 MB Max Memory Used: 56 MB
。我尝试了在其他问题中找到的所有建议,但这些建议都不起作用。也许这是因为我使用的是 Pulumi。
感谢您的帮助。
解决方法
解决方案是将 network_mode: bridge
添加到我在这里展示的 docker compose 文件中。
version: '3'
services:
localstack:
image: localstack/localstack
container_name: "${LOCALSTACK_DOCKER_NAME-localstack_main}"
network_mode: bridge
ports:
- "4566:4566"
environment:
- SERVICES=serverless
- LAMBDA_REMOVE_CONTAINERS=false
- DOCKER_HOST=unix:///var/run/docker.sock
- AWS_DEAFULT_REGION=us-east-1
- DEFAULT_REGION=us-east-1
- AWS_ACCESS_KEY_ID=test
- AWS_SECRET_ACCESS_KEY=test
- LAMBDA_REMOTE_DOCKER=true
- LAMBDA_EXECUTOR=docker
volumes:
- "${TMPDIR}:/tmp/localstack"
- "/var/run/docker.sock:/var/run/docker.sock"
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。