diff options
author | Vincent Ambo <tazjin@google.com> | 2019-12-20T16·06+0000 |
---|---|---|
committer | Vincent Ambo <tazjin@google.com> | 2019-12-20T16·07+0000 |
commit | 9653bdcf694e2317754060056dec31577e8d55ae (patch) | |
tree | b5e380cea2b5c94ac164949226b6dae6fe377f85 /infra/kubernetes/nginx | |
parent | a349d5e9145ae9a6c89f62ec631f01fb180de546 (diff) |
fix(infra/k8s): Workaround for nginx crash on pidfile write r/220
Newer versions of nginx apparently hard-crash if they can't write a PID file in the current directory. To work around this, some writeable scratch space is created for the nginx daemon to write its PID to.
Diffstat (limited to 'infra/kubernetes/nginx')
-rw-r--r-- | infra/kubernetes/nginx/nginx.conf | 1 | ||||
-rw-r--r-- | infra/kubernetes/nginx/nginx.yaml | 7 |
2 files changed, 7 insertions, 1 deletions
diff --git a/infra/kubernetes/nginx/nginx.conf b/infra/kubernetes/nginx/nginx.conf index 5a008a0b953f..ead5c4061720 100644 --- a/infra/kubernetes/nginx/nginx.conf +++ b/infra/kubernetes/nginx/nginx.conf @@ -1,6 +1,7 @@ daemon off; worker_processes 1; error_log stderr; +pid /run/nginx.pid; events { worker_connections 1024; diff --git a/infra/kubernetes/nginx/nginx.yaml b/infra/kubernetes/nginx/nginx.yaml index d0ee520d2734..983b265bafab 100644 --- a/infra/kubernetes/nginx/nginx.yaml +++ b/infra/kubernetes/nginx/nginx.yaml @@ -26,20 +26,25 @@ spec: spec: containers: - name: tazblog - image: nixery.local/shell/nginx:{{ .version }} + image: nixery.local/shell/third_party.nginx:{{ .version }} command: ["/bin/bash", "-c"] args: - | + cd /run echo 'nogroup:x:30000:nobody' >> /etc/group echo 'nobody:x:30000:30000:nobody:/tmp:/bin/bash' >> /etc/passwd exec nginx -c /etc/nginx/nginx.conf volumeMounts: - name: nginx-conf mountPath: /etc/nginx + - name: nginx-rundir + mountPath: /run volumes: - name: nginx-conf configMap: name: nginx-conf + - name: nginx-rundir + emptyDir: {} --- apiVersion: v1 kind: Service |