diff options
author | Vincent Ambo <tazjin@google.com> | 2019-12-20T16·06+0000 |
---|---|---|
committer | Vincent Ambo <tazjin@google.com> | 2019-12-20T16·07+0000 |
commit | 9653bdcf694e2317754060056dec31577e8d55ae (patch) | |
tree | b5e380cea2b5c94ac164949226b6dae6fe377f85 | |
parent | a349d5e9145ae9a6c89f62ec631f01fb180de546 (diff) |
fix(infra/k8s): Workaround for nginx crash on pidfile write r/220
Newer versions of nginx apparently hard-crash if they can't write a PID file in the current directory. To work around this, some writeable scratch space is created for the nginx daemon to write its PID to.
-rw-r--r-- | infra/kubernetes/nginx/nginx.conf | 1 | ||||
-rw-r--r-- | infra/kubernetes/nginx/nginx.yaml | 7 | ||||
-rw-r--r-- | infra/kubernetes/primary-cluster.yaml | 2 |
3 files changed, 8 insertions, 2 deletions
diff --git a/infra/kubernetes/nginx/nginx.conf b/infra/kubernetes/nginx/nginx.conf index 5a008a0b953f..ead5c4061720 100644 --- a/infra/kubernetes/nginx/nginx.conf +++ b/infra/kubernetes/nginx/nginx.conf @@ -1,6 +1,7 @@ daemon off; worker_processes 1; error_log stderr; +pid /run/nginx.pid; events { worker_connections 1024; diff --git a/infra/kubernetes/nginx/nginx.yaml b/infra/kubernetes/nginx/nginx.yaml index d0ee520d2734..983b265bafab 100644 --- a/infra/kubernetes/nginx/nginx.yaml +++ b/infra/kubernetes/nginx/nginx.yaml @@ -26,20 +26,25 @@ spec: spec: containers: - name: tazblog - image: nixery.local/shell/nginx:{{ .version }} + image: nixery.local/shell/third_party.nginx:{{ .version }} command: ["/bin/bash", "-c"] args: - | + cd /run echo 'nogroup:x:30000:nobody' >> /etc/group echo 'nobody:x:30000:30000:nobody:/tmp:/bin/bash' >> /etc/passwd exec nginx -c /etc/nginx/nginx.conf volumeMounts: - name: nginx-conf mountPath: /etc/nginx + - name: nginx-rundir + mountPath: /run volumes: - name: nginx-conf configMap: name: nginx-conf + - name: nginx-rundir + emptyDir: {} --- apiVersion: v1 kind: Service diff --git a/infra/kubernetes/primary-cluster.yaml b/infra/kubernetes/primary-cluster.yaml index b79181d1758f..1d5d33e0bb26 100644 --- a/infra/kubernetes/primary-cluster.yaml +++ b/infra/kubernetes/primary-cluster.yaml @@ -35,4 +35,4 @@ include: - name: https-lb - name: nginx values: - version: 52fabe4423095f12f67be1c7dbf88b801c1bb521 + version: a349d5e9145ae9a6c89f62ec631f01fb180de546 |