Chamber exec using file backend #277
Comments
|
Do I understand this right? You have:
You want:
|
|
"The have" is correct with a 3rd point that our application needs to include as a dependency a package for loading the env file. "The want" is correct. This is so we can start up the application with the environment loaded to the process before the application startup command is invoked. Therefore preserving the existing behavior of Our ultimate goal is to reduce api calls to ssm so we avoid api limits during or blue/green deploys. For context, we recycle roughly 250 nodes per deployment. |
|
Right, I understand the utility of some sort of per-node SSM cache, that makes total sense. Honestly I don't love the idea of loading from dotenv files. I see that it could be a useful workaround for your issue, but I don't see it having any sort of broad utility outside of this very narrow use case. I'm more reluctant to do any more dotenv stuff because it's just such a poorly defined format. Docker Compose's dotenv parser famously cannot represent newlines. I really feel like you could do this with a shell script. |
|
Not a problem. I wasn't enthused about the idea either. I'll explore what I can do with eval. |
Use Case
We run several copies of the same container on a host. They all are requesting the same secret so we started to fetch the path in a sidecar container. The sidecar then writes to a shared volume that the app container mounts. A language-specific implementation of dotenv is finally used to populate the environment for the process. For example, dotenv for ruby.
This approach was also taken because of rate-limiting by the ssm api. What 5 api calls per host reduce to a single api call.
Desire
Able to run chamber exec pointing to a file so the environment is set correctly before starting the application. This shifts environment management out of the application and into ops domain.
Command
Another option for the -b flag is
host.The text was updated successfully, but these errors were encountered: