我希望能在我的Kubernetes集群上运行Polynote,特别是针对编程方面的内容。不幸的是,我没有什么好运气,错误信息也不是很有帮助。据我所知,它还比较新,因此我无法使用已有的参考Kubernetes配置使其正常工作。
使用下面的YAML文件,我成功启动了它。但是,当我端口转发并尝试访问Pod时,它会崩溃,然后重新启动。不幸的是,我获得的错误消息只是
编辑:为了清晰起见,这是来自Pod的全部日志记录:
使用下面的YAML文件,我成功启动了它。但是,当我端口转发并尝试访问Pod时,它会崩溃,然后重新启动。不幸的是,我获得的错误消息只是
Killed
,这并没有提供太多的指导意义。我从裸Docker镜像开始,然后添加了他们在他们的存储库中的Docker备注中建议的配置。---
apiVersion: v1
kind: ConfigMap
metadata:
name: polynote-config
namespace: dev
labels:
app: polynote
data:
config.yml: |-
listen:
host: 0.0.0.0
storage:
dir: /opt/notebooks
mounts:
examples:
dir: examples
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: polynote
namespace: dev
spec:
replicas: 1
template:
metadata:
labels:
app: polynote
spec:
containers:
- name: polynote
image: polynote/polynote:latest
resources:
limits:
memory: "100Mi"
requests:
memory: "100Mi"
ports:
- containerPort: 8192
volumeMounts:
- name: config
mountPath: /opt/config/config.yml
readOnly: true
subPath: config.yml
volumes:
- name: config
configMap:
defaultMode: 0600
name: polynote-config
编辑:为了清晰起见,这是来自Pod的全部日志记录:
[INFO] Loading configuration from config.yml
[INFO] Loaded configuration: PolynoteConfig(Listen(8192,127.0.0.1),Storage(tmp,notebooks,Map()),List(),List(),Map(),Map(),Behavior(true,Always,List()),Security(None),UI(/))
[WARN] Polynote allows arbitrary remote code execution, which is necessary for a notebook tool to function.
While we'll try to improve safety by adding security measures, it will never be completely safe to
run Polynote on your personal computer. For example:
- It's possible that other websites you visit could use Polynote as an attack vector. Browsing the web
while running Polynote is unsafe.
- It's possible that remote attackers could use Polynote as an attack vector. Running Polynote on a
computer that's accessible from the internet is unsafe.
- Even running Polynote inside a container doesn't guarantee safety, as there will always be
privilege escalation and container escape vulnerabilities which an attacker could leverage.
Please be diligent about checking for new releases, as they could contain fixes for critical security
flaws.
Please be mindful of the security issues that Polynote causes; consult your company's security team
before running Polynote. You are solely responsible for any breach, loss, or damage caused by running
this software insecurely.
[zio-default-async-1-1076496284] INFO org.http4s.blaze.channel.nio1.NIO1SocketServerGroup - Service bound to address /127.0.0.1:8192
[zio-default-async-1-1076496284] INFO org.http4s.server.blaze.BlazeServerBuilder -
_____ _ _
| __ \ | | | |
| |__) |__ | |_ _ _ __ ___ | |_ ___
| ___/ _ \| | | | | '_ \ / _ \| __/ _ \
| | | (_) | | |_| | | | | (_) | || __/
|_| \___/|_|\__, |_| |_|\___/ \__\___|
__/ |
|___/
Server running at http://127.0.0.1:8192
[zio-default-async-1-1076496284] INFO org.http4s.server.blaze.BlazeServerBuilder - http4s v0.20.6 on blaze v0.14.6 started at http://127.0.0.1:8192/
Killed
kubectl logs
中的日志了吗? - erik258