Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

mesh.lock could not be writen on OpenShift #506

Closed
MehrCurry opened this issue Oct 2, 2018 · 4 comments
Closed

mesh.lock could not be writen on OpenShift #506

MehrCurry opened this issue Oct 2, 2018 · 4 comments
Assignees
@Jotschi
Labels
enhancement

Comments

@MehrCurry
Copy link

Gentics Mesh Version, operating system, or hardware.

  • v0.24.0

Operating System

  • Openshift

JVM

  • from the Docker Image

Problem

In Openshift any Pod runs with a random user id. So writing mesh.lock during startup fails

02:09:55.921 [Veiled Pupitar] INFO  [main] - Could not find keystore {config/keystore.jceks}. Creating one for you..
--
  | 02:09:55.981 [Veiled Pupitar] INFO  [main] - Keystore {config/keystore.jceks} created. The keystore password is listed in your {mesh.yml} file.
  | Exception in thread "main" java.io.IOException: Permission denied
  | at java.io.UnixFileSystem.createFileExclusively(Native Method)
  | at java.io.File.createNewFile(File.java:1012)
  | at com.gentics.mesh.cli.MeshImpl.createLockFile(MeshImpl.java:378)
  | at com.gentics.mesh.cli.MeshImpl.run(MeshImpl.java:120)
  | at com.gentics.mesh.cli.MeshImpl.run(MeshImpl.java:103)
  | at com.gentics.mesh.server.ServerRunner.main(ServerRunner.java:55)
  | 02:09:55.984 [Veiled Pupitar] INFO  [Thread-0] - Mesh shutting down...
  | Error while shutting down mesh.
  | java.lang.NullPointerException
  | at com.gentics.mesh.cli.MeshImpl.shutdown(MeshImpl.java:356)
  | at com.gentics.mesh.cli.MeshImpl.lambda$registerShutdownHook$2(MeshImpl.java:268)
  | at java.lang.Thread.run(Thread.java:745)

/data, /config, /elasticsearch and /tmp (via MESH_TEMP_DIR) is writable via emptyDir volumes.

But mesh still tries to write /mesh/mesh.lock which is not possible.

Reproducer

oc new-app gentics/mesh

Expected behaviour and actual behaviour

It should be written to MESH_TEMP_DIR by default IMHO

Is there any undocumented env var for setting the lock file location?
@Jotschi
Copy link
Contributor

Jotschi commented Oct 2, 2018

Thanks for the issue. The path to every file, folder that is managed by Gentics Mesh should be configurable. I'll try to squeeze the change into the next 0.24.x release. There is currently no setting for this. The path to the lock file is always relative to the current working directory.

@Jotschi Jotschi self-assigned this Oct 2, 2018
@MehrCurry
Copy link
Author

I solved the problem on my own by writting a new Dockerfile which is more suitable for Openshift

FROM openjdk:8

RUN useradd -ms /bin/bash mesh

RUN mkdir /mesh && chown mesh /mesh

ADD mesh-server-0.24.0.jar /opt/mesh/mesh.jar

WORKDIR /mesh
VOLUME /mesh

USER mesh    

EXPOSE 8080

ENTRYPOINT [ "java", "-jar", "/opt/mesh/mesh.jar" ]

The trick is to move everything out of the working directory so that we can bind-mount an emptyDir volume in OpenShift which makes it writable.

Anyway MESH_LOCK_PATH solves the problem also.

@Jotschi Jotschi closed this as completed in dba2cb1 Oct 3, 2018
@Jotschi
Copy link
Contributor

Jotschi commented Oct 5, 2018

The setting has been released with 0.24.1

@Jotschi
Copy link
Contributor

Jotschi commented Jan 17, 2020

@MehrCurry OpenShift support for Mesh has been improved with release 1.3.3 - The containers / pods can now be run with any UID. Group permissions on the default folders have been changed as well.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Jotschi Jotschi

Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Jotschi @MehrCurry