-
Notifications
You must be signed in to change notification settings - Fork 37
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Run httpd using kolla #620
Run httpd using kolla #620
Conversation
@maximsava12 FYI |
727a145
to
bb7bead
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't know much about kolla, but so far the changes look reasonable to me
Yeah, the goal is to have flexibility in setting permissions to directories, and use the builtin scripts to copy files. The next step, after this patch lands (I'm going to fix kuttl), is to add the appropriate securityContext to the httpd sidecar and run the process as Glance user (provided by kolla) instead of root. |
d28ca0a
to
9e6cd1a
Compare
Instead of running the httpd -DFOREGROUND command as entrypoint for the -httpd sidecar container, this change moves the file copy and deployment logic to kolla. This is a requirement to not run the container as root user, because kolla helps to apply the right permissions to the config files (and pid) used by the process. The switch from root user to GlanceUID (already present as const) will be part of a different patch. Signed-off-by: Francesco Pantano <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: abays, fmount The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
5a518ee
into
openstack-k8s-operators:main
Instead of running the
httpd -DFOREGROUND
command as entry point for the-httpd
sidecar
container, this change moves the file copy and deployment logic tokolla
.This is a requirement to not run the container as
root
user, becausekolla
helps to apply the right permissions to the config files (andpid
) used by the process.The switch from root user to
GlanceUID
(already present as const) will be part of a different patch, which is already in progress (#610)Jira: https://issues.redhat.com/browse/OSPRH-10040
Jira: https://issues.redhat.com/browse/OSPRH-10143