fix: remove shared-config PVC from g10k cronjob, clone r10k config directly (#75)
The RWO puppetserver-shared-config PVC caused multi-attach errors when the cronjob pod was scheduled on a different node than the previous run, stalling the init container indefinitely. Since the config only needs to exist for the duration of the job, remove the init container and PVC entirely and clone the r10k config directly into /shared within the main container before running g10k. Reviewed-on: #75
This commit was merged in pull request #75.
This commit is contained in:
@@ -26,38 +26,6 @@ spec:
|
||||
spec:
|
||||
hostname: g10k-code
|
||||
imagePullSecrets: null
|
||||
initContainers:
|
||||
- name: fetch-config
|
||||
image: alpine/git:latest
|
||||
imagePullPolicy: IfNotPresent
|
||||
resources:
|
||||
requests:
|
||||
cpu: 50m
|
||||
memory: 64Mi
|
||||
limits:
|
||||
cpu: 100m
|
||||
memory: 128Mi
|
||||
args:
|
||||
- |
|
||||
set -e
|
||||
echo "Cloning r10k config repository..."
|
||||
git clone https://git.unkin.net/unkin/puppet-r10k.git /tmp/config
|
||||
cp /tmp/config/r10k.yaml /shared/r10k.yaml
|
||||
echo "r10k.yaml fetched successfully"
|
||||
command:
|
||||
- /bin/sh
|
||||
- -c
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
drop:
|
||||
- all
|
||||
runAsGroup: 999
|
||||
runAsNonRoot: true
|
||||
runAsUser: 999
|
||||
volumeMounts:
|
||||
- mountPath: /shared
|
||||
name: shared-config
|
||||
containers:
|
||||
- name: g10k-code
|
||||
image: git.unkin.net/unkin/almalinux9-g10k:20260308
|
||||
@@ -69,11 +37,16 @@ spec:
|
||||
limits:
|
||||
cpu: 200m
|
||||
memory: 256Mi
|
||||
args:
|
||||
- -config
|
||||
- /shared/r10k.yaml
|
||||
command:
|
||||
- /usr/bin/g10k
|
||||
- /bin/sh
|
||||
- -c
|
||||
args:
|
||||
- |
|
||||
set -e
|
||||
echo "Cloning r10k config repository..."
|
||||
git clone https://git.unkin.net/unkin/puppet-r10k.git /shared
|
||||
echo "Running g10k..."
|
||||
/usr/bin/g10k -config /shared/r10k.yaml
|
||||
envFrom: null
|
||||
env: []
|
||||
securityContext:
|
||||
@@ -87,8 +60,6 @@ spec:
|
||||
volumeMounts:
|
||||
- mountPath: /etc/puppetlabs/code/
|
||||
name: puppet-code-volume
|
||||
- mountPath: /shared
|
||||
name: shared-config
|
||||
restartPolicy: OnFailure
|
||||
securityContext:
|
||||
fsGroup: 999
|
||||
@@ -96,6 +67,3 @@ spec:
|
||||
- name: puppet-code-volume
|
||||
persistentVolumeClaim:
|
||||
claimName: puppetserver-code-shared
|
||||
- name: shared-config
|
||||
persistentVolumeClaim:
|
||||
claimName: puppetserver-shared-config
|
||||
|
||||
@@ -73,24 +73,6 @@ spec:
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/component: r10k-shared-config
|
||||
app.kubernetes.io/instance: puppetserver
|
||||
app.kubernetes.io/name: puppetserver
|
||||
app.kubernetes.io/version: 8.8.0
|
||||
name: puppetserver-shared-config
|
||||
namespace: puppet
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
storageClassName: cephrbd-fast-delete
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/component: puppetboard
|
||||
|
||||
Reference in New Issue
Block a user