From e0229e0adb3ead7f89cb160dd0ae429769c5099c Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Wed, 21 Feb 2018 20:20:24 +0100
Subject: fix automatic preparation of data-dirs

---
 .../kubernetes/flumotion-worker-deploy.yml.j2      | 14 +++++++++++++
 .../default/kubernetes/onionbalance-deploy.yml.j2  | 14 ++++++++++---
 templates/default/kubernetes/sfive-deploy.yml.j2   | 24 +++++++++++++++++++---
 3 files changed, 46 insertions(+), 6 deletions(-)

(limited to 'templates')

diff --git a/templates/default/kubernetes/flumotion-worker-deploy.yml.j2 b/templates/default/kubernetes/flumotion-worker-deploy.yml.j2
index 7079c67..0f8ab23 100644
--- a/templates/default/kubernetes/flumotion-worker-deploy.yml.j2
+++ b/templates/default/kubernetes/flumotion-worker-deploy.yml.j2
@@ -28,6 +28,19 @@ spec:
       securityContext:
         runAsUser: 998
         fsGroup: 998
+%% if 'record' in worker.flags
+      initContainers:
+%%   for record_name in worker.flags.record
+      - name: prepare-record-{{ record_name }}
+        image: busybox
+        command: ['sh', '-c', 'chown 998:998 /srv/record && chmod 0755 /srv/record']
+        securityContext:
+          runAsUser: 0
+        volumeMounts:
+        - name: record-{{ record_name }}
+          mountPath: /srv/record
+%%   endfor
+%% endif
       containers:
 %% for subname, sub in worker.subs.items()
       - name: {{ subname }}
@@ -104,6 +117,7 @@ spec:
         hostPath:
           type: Directory
           path: /usr/lib/
+          readOnly: true
 %%   endif
 %% endif
 %% if 'record' in worker.flags
diff --git a/templates/default/kubernetes/onionbalance-deploy.yml.j2 b/templates/default/kubernetes/onionbalance-deploy.yml.j2
index 6f3313b..e82ff96 100644
--- a/templates/default/kubernetes/onionbalance-deploy.yml.j2
+++ b/templates/default/kubernetes/onionbalance-deploy.yml.j2
@@ -23,6 +23,15 @@ spec:
       securityContext:
         runAsUser: 998
         fsGroup: 998
+      initContainers:
+      - name: prepare-onion-lib
+        image: busybox
+        command: ['sh', '-c', 'chown 998:998 /var/lib/tor && chmod 0750 /var/lib/tor']
+        securityContext:
+          runAsUser: 0
+        volumeMounts:
+        - name: onion-lib
+          mountPath: /var/lib/tor
       containers:
       - name: tor
         image: spreadspace/onionbalance:{{ desc.globals.deployment.parameter.onionbalance_image_version }}
@@ -57,9 +66,8 @@ spec:
         emptyDir:
           medium: Memory
       - name: onion-lib
-        hostPath:
-          type: DirectoryOrCreate
-          path: /var/lib/tor/{{ desc.globals.name }}/_balance
+        emptyDir:
+          medium: Memory
       - name: onion-keys
         secret:
           secretName: onionbalance
diff --git a/templates/default/kubernetes/sfive-deploy.yml.j2 b/templates/default/kubernetes/sfive-deploy.yml.j2
index aafb468..4de270a 100644
--- a/templates/default/kubernetes/sfive-deploy.yml.j2
+++ b/templates/default/kubernetes/sfive-deploy.yml.j2
@@ -31,6 +31,25 @@ spec:
         fsGroup: 998
       hostNetwork: true
       dnsPolicy: ClusterFirstWithHostNet
+      initContainers:
+      - name: prepare-hub-data
+        image: busybox
+        command: ['sh', '-c', 'chown 998:998 /srv/data && chmod 0750 /srv/data']
+        securityContext:
+          runAsUser: 0
+        volumeMounts:
+        - name: hub-data
+          mountPath: /srv/data
+{% if worker.flags.sfive == 'proxy' and 'stream-onion' in worker.flags %}
+      - name: prepare-onion-lib
+        image: busybox
+        command: ['sh', '-c', 'chown 998:998 /var/lib/tor && chmod 0750 /var/lib/tor']
+        securityContext:
+          runAsUser: 0
+        volumeMounts:
+        - name: onion-lib
+          mountPath: /var/lib/tor
+{% endif %}
       containers:
 {% if worker.flags.sfive == 'proxy' %}
       - name: proxy
@@ -104,9 +123,8 @@ spec:
           medium: Memory
 {% if worker.flags.sfive == 'proxy' and 'stream-onion' in worker.flags %}
       - name: onion-lib
-        hostPath:
-          type: DirectoryOrCreate
-          path: /var/lib/tor/{{ desc.globals.name }}/{{ worker.flags.stream }}
+        emptyDir:
+          medium: Memory
 {% endif %}
       - name: proxy-config
         configMap:
-- 
cgit v1.2.3