Support for switch configs/secrets on-the-fly #40443
Comments
|
Not strictly, but also related: "Updating --restart-condition restarts service" docker-archive/classicswarm#2848 (I don't know whether the issue mentioned there fixed already or not, I just found it while googling, haven't checked the story behind it...) |
|
I'm not sure this would work; updating "on the fly" would mean unmounting the config/secret in the running containers, and mounting the new secret/config in the same (or possibly different) place. Processes inside the container could have these files open (potentially causing the unmount to fail) or processes may only read configs/secrets when starting the container (thus updating the config/secret having no effect). For reasons above, updating these options will replace existing containers with a new one |
|
This sounds reasonable, thank you! However, I think my original concept is still valid: there should be some support to change configs/secrets contents in a running container to let applications re-load changed config files on-the-fly if they are designed to do so in the first place... |
Currently "docker service update" commands related to configs/secrets automatically restart service instances in a swarm. (Checked with 19.05.3 build 633a0ea838)
There are plenty of tools on the market which are able to detect an underneath configuration file change and re-configure themselves with the new data without the need of restart. Running these services as a swarm service looses this benefit. (Assuming one uses config/secret feature of swarm services instead of regular container mounts.)
Since there exisis a --force option which could be used to indicate the need of a restart, I think
--config-add
--config-rm
--secret-add
--secret-rm
options should not re-schedule tasks by default.
The text was updated successfully, but these errors were encountered: