/plugins-storage volume #280
Comments
|
Hey @sretlawd, currently, the location is not configurable. We did this within a scope of a first iteration for security reasons. Therefore, its obviously also not configurable within the helm chart. I've raised #282 to address that issue. As this is just the question, I'll close it. |
|
@SantoDE how can i use this plugin https://plugins.traefik.io/plugins/6335346ca4caa9ddeffda116/crowdsec-bouncer-traefik-plugin then? |
|
I get the same error: |
|
@mloiseleur Nop it did not work for me. I had to set plugins.enabled to false because it defaults to emptydir. But i f i disable it i can not mount the volume because it always states that deployments:
additionalVolumes:
- name: plugins
persistentVolumeClaim:
claimName: traefik-plugins-pvc
additionalVolumeMounts:
- name: plugins
mountPath: /plugins-storage |
|
Yes, if you need it to be persistent, it's better to use a PVC than an emptyDir. |
|
@mloiseleur yes but i cant use it with pvc because i get this error |
|
@Y0ngg4n Then I invite you to check your indentation. This mean that the volumeMount is declared with a The example provided works out of the box on a kubernetes cluster with an emptyDir: $ cat crowdsec-example.yaml
additionalArguments:
- "--experimental.plugins.bouncer.moduleName=github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin"
- "--experimental.plugins.bouncer.version=v1.1.9"
deployment:
additionalVolumes:
- name: plugins
additionalVolumeMounts:
- name: plugins
mountPath: /plugins-storagehelm template traefik -f crowdsec-example.yaml traefik/traefik---
# Source: traefik/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: traefik
namespace: default
labels:
app.kubernetes.io/name: traefik
app.kubernetes.io/instance: traefik-default
helm.sh/chart: traefik-20.8.0
app.kubernetes.io/managed-by: Helm
annotations:
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: traefik
app.kubernetes.io/instance: traefik-default
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
type: RollingUpdate
minReadySeconds: 0
template:
metadata:
annotations:
prometheus.io/scrape: "true"
prometheus.io/path: "/metrics"
prometheus.io/port: "9100"
labels:
app.kubernetes.io/name: traefik
app.kubernetes.io/instance: traefik-default
helm.sh/chart: traefik-20.8.0
app.kubernetes.io/managed-by: Helm
spec:
serviceAccountName: traefik
terminationGracePeriodSeconds: 60
hostNetwork: false
containers:
- image: traefik:v2.9.6
imagePullPolicy: IfNotPresent
name: traefik
resources:
[...]
volumeMounts:
- name: data
mountPath: /data
- name: tmp
mountPath: /tmp
- mountPath: /plugins-storage
name: plugins
args:
[...]
- "--experimental.plugins.bouncer.moduleName=github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin"
- "--experimental.plugins.bouncer.version=v1.1.9"
volumes:
- name: data
emptyDir: {}
- name: tmp
emptyDir: {}
- name: plugins
securityContext:
fsGroup: 65532You may check with |
|
@mloiseleur thank you. it was the indentation. |
I was hoping to try out the new plugin system, but looks traefik has ./plugins-storage hardcoded as the storage location, and I havn't figured out how to mount something there via the current helm chart.
│ traefik-b789945b8-d9zq4:time="2020-10-12T18:41:16Z" level=info msg="Configuration loaded from flags." │ │ traefik-b789945b8-d9zq4:2020/10/12 18:41:16 traefik.go:76: command traefik error: mkdir plugins-storage: read-only file system │ │ traefik-b789945b8-d9zq4:stream closed │The text was updated successfully, but these errors were encountered: