diff options
| author | Christian Pointner <equinox@spreadspace.org> | 2018-02-21 20:20:24 +0100 |
|---|---|---|
| committer | Christian Pointner <equinox@spreadspace.org> | 2018-02-21 20:20:24 +0100 |
| commit | e0229e0adb3ead7f89cb160dd0ae429769c5099c (patch) | |
| tree | 24e624e79ca13e79c48229c3f7aaed885e1841f4 | |
| parent | added init container for elasticsearch (diff) | |
fix automatic preparation of data-dirs
4 files changed, 47 insertions, 7 deletions
diff --git a/contrib/k8s-emc/elasticsearch-statefulset.yml b/contrib/k8s-emc/elasticsearch-statefulset.yml index 54f2169..788ce30 100644 --- a/contrib/k8s-emc/elasticsearch-statefulset.yml +++ b/contrib/k8s-emc/elasticsearch-statefulset.yml @@ -26,7 +26,7 @@ spec: runAsUser: 998 fsGroup: 998 initContainers: - - name: prepare-datadir + - name: prepare-es-data image: busybox command: ['sh', '-c', 'chown 998:998 /srv/data && chmod 700 /srv/data'] securityContext: diff --git a/templates/default/kubernetes/flumotion-worker-deploy.yml.j2 b/templates/default/kubernetes/flumotion-worker-deploy.yml.j2 index 7079c67..0f8ab23 100644 --- a/templates/default/kubernetes/flumotion-worker-deploy.yml.j2 +++ b/templates/default/kubernetes/flumotion-worker-deploy.yml.j2 @@ -28,6 +28,19 @@ spec: securityContext: runAsUser: 998 fsGroup: 998 +%% if 'record' in worker.flags + initContainers: +%% for record_name in worker.flags.record + - name: prepare-record-{{ record_name }} + image: busybox + command: ['sh', '-c', 'chown 998:998 /srv/record && chmod 0755 /srv/record'] + securityContext: + runAsUser: 0 + volumeMounts: + - name: record-{{ record_name }} + mountPath: /srv/record +%% endfor +%% endif containers: %% for subname, sub in worker.subs.items() - name: {{ subname }} @@ -104,6 +117,7 @@ spec: hostPath: type: Directory path: /usr/lib/ + readOnly: true %% endif %% endif %% if 'record' in worker.flags diff --git a/templates/default/kubernetes/onionbalance-deploy.yml.j2 b/templates/default/kubernetes/onionbalance-deploy.yml.j2 index 6f3313b..e82ff96 100644 --- a/templates/default/kubernetes/onionbalance-deploy.yml.j2 +++ b/templates/default/kubernetes/onionbalance-deploy.yml.j2 @@ -23,6 +23,15 @@ spec: securityContext: runAsUser: 998 fsGroup: 998 + initContainers: + - name: prepare-onion-lib + image: busybox + command: ['sh', '-c', 'chown 998:998 /var/lib/tor && chmod 0750 /var/lib/tor'] + securityContext: + runAsUser: 0 + volumeMounts: + - name: onion-lib + mountPath: /var/lib/tor containers: - name: tor image: spreadspace/onionbalance:{{ desc.globals.deployment.parameter.onionbalance_image_version }} @@ -57,9 +66,8 @@ spec: emptyDir: medium: Memory - name: onion-lib - hostPath: - type: DirectoryOrCreate - path: /var/lib/tor/{{ desc.globals.name }}/_balance + emptyDir: + medium: Memory - name: onion-keys secret: secretName: onionbalance diff --git a/templates/default/kubernetes/sfive-deploy.yml.j2 b/templates/default/kubernetes/sfive-deploy.yml.j2 index aafb468..4de270a 100644 --- a/templates/default/kubernetes/sfive-deploy.yml.j2 +++ b/templates/default/kubernetes/sfive-deploy.yml.j2 @@ -31,6 +31,25 @@ spec: fsGroup: 998 hostNetwork: true dnsPolicy: ClusterFirstWithHostNet + initContainers: + - name: prepare-hub-data + image: busybox + command: ['sh', '-c', 'chown 998:998 /srv/data && chmod 0750 /srv/data'] + securityContext: + runAsUser: 0 + volumeMounts: + - name: hub-data + mountPath: /srv/data +{% if worker.flags.sfive == 'proxy' and 'stream-onion' in worker.flags %} + - name: prepare-onion-lib + image: busybox + command: ['sh', '-c', 'chown 998:998 /var/lib/tor && chmod 0750 /var/lib/tor'] + securityContext: + runAsUser: 0 + volumeMounts: + - name: onion-lib + mountPath: /var/lib/tor +{% endif %} containers: {% if worker.flags.sfive == 'proxy' %} - name: proxy @@ -104,9 +123,8 @@ spec: medium: Memory {% if worker.flags.sfive == 'proxy' and 'stream-onion' in worker.flags %} - name: onion-lib - hostPath: - type: DirectoryOrCreate - path: /var/lib/tor/{{ desc.globals.name }}/{{ worker.flags.stream }} + emptyDir: + medium: Memory {% endif %} - name: proxy-config configMap: |