about summary refs log tree commit diff
diff options
context:
space:
mode:
authorVincent Ambo <tazjin@google.com>2019-12-20T16·06+0000
committerVincent Ambo <tazjin@google.com>2019-12-20T16·07+0000
commit9653bdcf694e2317754060056dec31577e8d55ae (patch)
treeb5e380cea2b5c94ac164949226b6dae6fe377f85
parenta349d5e9145ae9a6c89f62ec631f01fb180de546 (diff)
fix(infra/k8s): Workaround for nginx crash on pidfile write r/220
Newer versions of nginx apparently hard-crash if they can't write a
PID file in the current directory.

To work around this, some writeable scratch space is created for the
nginx daemon to write its PID to.
Diffstat
-rw-r--r--infra/kubernetes/nginx/nginx.conf1
-rw-r--r--infra/kubernetes/nginx/nginx.yaml7
-rw-r--r--infra/kubernetes/primary-cluster.yaml2
3 files changed, 8 insertions, 2 deletions
diff --git a/infra/kubernetes/nginx/nginx.conf b/infra/kubernetes/nginx/nginx.conf
index 5a008a0b95..ead5c40617 100644
--- a/infra/kubernetes/nginx/nginx.conf
+++ b/infra/kubernetes/nginx/nginx.conf
@@ -1,6 +1,7 @@
 daemon off;
 worker_processes  1;
 error_log stderr;
+pid /run/nginx.pid;
 
 events {
     worker_connections  1024;
diff --git a/infra/kubernetes/nginx/nginx.yaml b/infra/kubernetes/nginx/nginx.yaml
index d0ee520d27..983b265baf 100644
--- a/infra/kubernetes/nginx/nginx.yaml
+++ b/infra/kubernetes/nginx/nginx.yaml
@@ -26,20 +26,25 @@ spec:
     spec:
       containers:
         - name: tazblog
-          image: nixery.local/shell/nginx:{{ .version }}
+          image: nixery.local/shell/third_party.nginx:{{ .version }}
           command: ["/bin/bash", "-c"]
           args:
             - |
+              cd /run
               echo 'nogroup:x:30000:nobody' >> /etc/group
               echo 'nobody:x:30000:30000:nobody:/tmp:/bin/bash' >> /etc/passwd
               exec nginx -c /etc/nginx/nginx.conf
           volumeMounts:
             - name: nginx-conf
               mountPath: /etc/nginx
+            - name: nginx-rundir
+              mountPath: /run
       volumes:
         - name: nginx-conf
           configMap:
             name: nginx-conf
+        - name: nginx-rundir
+          emptyDir: {}
 ---
 apiVersion: v1
 kind: Service
diff --git a/infra/kubernetes/primary-cluster.yaml b/infra/kubernetes/primary-cluster.yaml
index b79181d175..1d5d33e0bb 100644
--- a/infra/kubernetes/primary-cluster.yaml
+++ b/infra/kubernetes/primary-cluster.yaml
@@ -35,4 +35,4 @@ include:
   - name: https-lb
   - name: nginx
     values:
-      version: 52fabe4423095f12f67be1c7dbf88b801c1bb521
+      version: a349d5e9145ae9a6c89f62ec631f01fb180de546
generated by cgit-pink 1.4.1 (git 2.44.0) at 2024-04-29T12·15+0000