New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
/plugins-storage volume #280
Comments
Hey @sretlawd, currently, the location is not configurable. We did this within a scope of a first iteration for security reasons. Therefore, its obviously also not configurable within the helm chart. I've raised #282 to address that issue. As this is just the question, I'll close it. |
@SantoDE how can i use this plugin https://plugins.traefik.io/plugins/6335346ca4caa9ddeffda116/crowdsec-bouncer-traefik-plugin then? |
I get the same error:
|
@mloiseleur Nop it did not work for me. I had to set plugins.enabled to false because it defaults to emptydir. But i f i disable it i can not mount the volume because it always states that deployments:
additionalVolumes:
- name: plugins
persistentVolumeClaim:
claimName: traefik-plugins-pvc
additionalVolumeMounts:
- name: plugins
mountPath: /plugins-storage |
Yes, if you need it to be persistent, it's better to use a PVC than an emptyDir. |
@mloiseleur yes but i cant use it with pvc because i get this error |
@Y0ngg4n Then I invite you to check your indentation. This mean that the volumeMount is declared with a The example provided works out of the box on a kubernetes cluster with an emptyDir: $ cat crowdsec-example.yaml
additionalArguments:
- "--experimental.plugins.bouncer.moduleName=github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin"
- "--experimental.plugins.bouncer.version=v1.1.9"
deployment:
additionalVolumes:
- name: plugins
additionalVolumeMounts:
- name: plugins
mountPath: /plugins-storage helm template traefik -f crowdsec-example.yaml traefik/traefik ---
# Source: traefik/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: traefik
namespace: default
labels:
app.kubernetes.io/name: traefik
app.kubernetes.io/instance: traefik-default
helm.sh/chart: traefik-20.8.0
app.kubernetes.io/managed-by: Helm
annotations:
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: traefik
app.kubernetes.io/instance: traefik-default
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
type: RollingUpdate
minReadySeconds: 0
template:
metadata:
annotations:
prometheus.io/scrape: "true"
prometheus.io/path: "/metrics"
prometheus.io/port: "9100"
labels:
app.kubernetes.io/name: traefik
app.kubernetes.io/instance: traefik-default
helm.sh/chart: traefik-20.8.0
app.kubernetes.io/managed-by: Helm
spec:
serviceAccountName: traefik
terminationGracePeriodSeconds: 60
hostNetwork: false
containers:
- image: traefik:v2.9.6
imagePullPolicy: IfNotPresent
name: traefik
resources:
[...]
volumeMounts:
- name: data
mountPath: /data
- name: tmp
mountPath: /tmp
- mountPath: /plugins-storage
name: plugins
args:
[...]
- "--experimental.plugins.bouncer.moduleName=github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin"
- "--experimental.plugins.bouncer.version=v1.1.9"
volumes:
- name: data
emptyDir: {}
- name: tmp
emptyDir: {}
- name: plugins
securityContext:
fsGroup: 65532 You may check with |
@mloiseleur thank you. it was the indentation. |
I was hoping to try out the new plugin system, but looks traefik has ./plugins-storage hardcoded as the storage location, and I havn't figured out how to mount something there via the current helm chart.
│ traefik-b789945b8-d9zq4:time="2020-10-12T18:41:16Z" level=info msg="Configuration loaded from flags." │ │ traefik-b789945b8-d9zq4:2020/10/12 18:41:16 traefik.go:76: command traefik error: mkdir plugins-storage: read-only file system │ │ traefik-b789945b8-d9zq4:stream closed │
The text was updated successfully, but these errors were encountered: