fix(infra/k8s): Workaround for nginx crash on pidfile write

Newer versions of nginx apparently hard-crash if they can't write a
PID file in the current directory.

To work around this, some writeable scratch space is created for the
nginx daemon to write its PID to.
This commit is contained in:
Vincent Ambo 2019-12-20 16:06:19 +00:00
parent a349d5e914
commit 9653bdcf69
3 changed files with 8 additions and 2 deletions

View file

@ -1,6 +1,7 @@
daemon off;
worker_processes 1;
error_log stderr;
pid /run/nginx.pid;
events {
worker_connections 1024;

View file

@ -26,20 +26,25 @@ spec:
spec:
containers:
- name: tazblog
image: nixery.local/shell/nginx:{{ .version }}
image: nixery.local/shell/third_party.nginx:{{ .version }}
command: ["/bin/bash", "-c"]
args:
- |
cd /run
echo 'nogroup:x:30000:nobody' >> /etc/group
echo 'nobody:x:30000:30000:nobody:/tmp:/bin/bash' >> /etc/passwd
exec nginx -c /etc/nginx/nginx.conf
volumeMounts:
- name: nginx-conf
mountPath: /etc/nginx
- name: nginx-rundir
mountPath: /run
volumes:
- name: nginx-conf
configMap:
name: nginx-conf
- name: nginx-rundir
emptyDir: {}
---
apiVersion: v1
kind: Service

View file

@ -35,4 +35,4 @@ include:
- name: https-lb
- name: nginx
values:
version: 52fabe4423095f12f67be1c7dbf88b801c1bb521
version: a349d5e9145ae9a6c89f62ec631f01fb180de546