faas-rs/faasd
1
0
Fork 0
mirror of https://github.com/openfaas/faasd.git synced 2025-06-27 17:23:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

Create volumes automatically for NATS/Prometheus

Browse Source 
Fixes: #223

Tested by checking the logs of Prometheus and NATS was tested
by running async requests with hey then restarting faasd,
which deletes the NATS and queue-worker containers. The work
left over in the queue was restarted as expected.

Pre-created volumes are read from docker-compose.yaml and
only numeric user IDs are supported at this time. Users
can still specify a textual username, if they create the
source directory for a mount before restarting faasd,
it won't try to overwrite the directory.

Add comment for workingDirectoryPermission

Signed-off-by: Alex Ellis (OpenFaaS Ltd) <alexellis2@gmail.com>
This commit is contained in:
Alex Ellis (OpenFaaS Ltd)
2021-12-20 13:32:06 +00:00
committed by Alex Ellis
parent 8fbdd1a461
commit 5aed707354
2 changed files with 42 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
docker-compose.yaml
View File

@ -20,21 +20,36 @@ services:
nats: nats:
image: docker.io/library/nats-streaming:0.22.0 image: docker.io/library/nats-streaming:0.22.0
# nobody
user: "65534"
command: command:
- "/nats-streaming-server" - "/nats-streaming-server"
- "-m" - "-m"
- "8222" - "8222"
- "--store=memory" - "--store=file"
- "--dir=/nats"
- "--cluster_id=faas-cluster" - "--cluster_id=faas-cluster"
volumes:
# Data directory
- type: bind
source: ./nats
target: /nats
# ports: # ports:
# - "127.0.0.1:8222:8222" # - "127.0.0.1:8222:8222"
prometheus: prometheus:
image: docker.io/prom/prometheus:v2.14.0 image: docker.io/prom/prometheus:v2.14.0
# nobody
user: "65534"
volumes: volumes:
# Config directory
- type: bind - type: bind
source: ./prometheus.yml source: ./prometheus.yml
target: /etc/prometheus/prometheus.yml target: /etc/prometheus/prometheus.yml
# Data directory
- type: bind
source: ./prometheus
target: /prometheus
cap_add: cap_add:
- CAP_NET_RAW - CAP_NET_RAW
ports: ports:

27
pkg/supervisor.go
View File

@ -8,6 +8,8 @@ import (
"os" "os"
"path" "path"
"sort" "sort"
"strconv"
"strings"
"github.com/alexellis/k3sup/pkg/env" "github.com/alexellis/k3sup/pkg/env"
"github.com/compose-spec/compose-go/loader" "github.com/compose-spec/compose-go/loader"
@ -26,7 +28,8 @@ import (
) )
const ( const (
workingDirectoryPermission = 0644 // workingDirectoryPermission user read/write/execute, group and others: read-only
workingDirectoryPermission = 0744
) )
type Service struct { type Service struct {
@ -145,6 +148,28 @@ func (s *Supervisor) Start(svcs []Service) error {
Type: "bind", Type: "bind",
Options: []string{"rbind", "rw"}, Options: []string{"rbind", "rw"},
}) })
// Only create directories, not files.
// Some files don't have a suffix, such as secrets.
if len(path.Ext(mnt.Src)) == 0 &&
!strings.HasPrefix(mnt.Src, "/var/lib/faasd/secrets/") {
// src is already prefixed with wd from an earlier step
src := mnt.Src
fmt.Printf("Creating local directory: %s\n", src)
if err := os.MkdirAll(src, workingDirectoryPermission); err != nil {
if !errors.Is(os.ErrExist, err) {
fmt.Printf("Unable to create: %s, %s\n", src, err)
}
}
if len(svc.User) > 0 {
uid, err := strconv.Atoi(svc.User)
if err == nil {
if err := os.Chown(src, uid, -1); err != nil {
fmt.Printf("Unable to chown: %s to %d, error: %s\n", src, uid, err)
}
}
}
}
} }
} }