gcsfuse gives a Input/output error when reading or

2020-07-11 10:44发布

问题:

I am using gcsfuse within a docker container (base image centos7) and am not able to read or write to the mounted directory.

I am mounting the directory with gcsfuse like this:

[root@6c24c3a6cc28 /]# gcsfuse --foreground --key-file=/src/gcloud_service_account.json my-bucket /gcloud/
Using mount point: /gcloud
Opening GCS connection...
Opening bucket...
Mounting file system...
File system has been successfully mounted.

When I try and read or write to the mounted directory, I get this error:
[root@6c24c3a6cc28 /]# ls -la /gcloud/ ls: reading directory /gcloud/: Input/output error total 0

gcsfuse prints out debug info saying:

fuse: 2016/01/14 01:33:41.110260 *fuseops.ReadDirOp error: readAllEntries: ReadEntries: ListObjects: Get https://www.googleapis.com/storage/v1/b/my-bucket/o? delimiter=%2F&projection=full: private key should be a PEM or plain PKSC1 or PKCS8; parse error: asn1: structure error: tags don't match (16 vs {class:1 tag:27 length:123 isCompound:true}) {optional:false explicit:false application:false defaultValue: tag: stringType:0 timeType:0 set:false omitEmpty:false} pkcs1PrivateKey @2

I am running docker like this: docker run -p 3000:3000 \

--privileged \
 --cap-add SYS_ADMIN \
 --device /dev/fuse \
 --name gcsfuseTest \
 gcsfuseImage

I am not 100% certain what --cap-add SYS_ADMIN and --device /dev/fuse get me. I put them in based on other users who are mounting using fuse on docker.

回答1:

I was able to figure this out by turning on some debug flags when running gcsfuse like this:

gcsfuse --foreground --debug_gcs --debug_http --debug_fuse --debug_invariants --key-file=/src/gcloud_service_account.json dev-my-bucket /gcloud

This returned lots of info, along with this:

"code": 403, "message": "Access Not Configured. The API (Cloud Storage JSON API) is not enabled for your project. Please use the Google Developers Console to update your configuration."

I enabled this API within the Google Devlopers Console, then after a couple minutes, vuala, it worked.