fix: pgml symlinks and postgres permissions #469
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Ticket(s) Closed
N/A
What
This PR aims to fix the issue seen when trying to use
paradedb.embed
while deploying with the helm chart. It fixes the postgres user group which was incorrectly set to 26 (tape
group), and finally, installs barman, which is the final missing piece to get backups fully working.Why
Because while testing, we ran into the issue:
This happens because the CloudNative operator mounts the root filesystem as read only:
The operator doesn't directly expose a way to modify the pod Security Context, or volume mounts. I experimented setting
TRANSFORMERS_CACHE
andHF_HOME
, but they aren't respected by pgml. So, the only viable solution left is to symlink to the read write volume, or remove pgml.In addition, I discovered that we were setting the postgres user group to 26, which is assigned to the
tape
group, and notpostgres
, which is set to999
by the official image.Finally, I take this chance to add the barman binaries to get backups fully working.
How
.triton
and.cache
directoriesTests
Tested it works when deploying with the operator, and all steps in the quickstart work.