Bug #57338
openOrchestrator not correctly parsing extra_container_args for volumes
0%
Description
At our company host certificates are automatically created and updated on the hostmachine. To set the correct certificate for Grafana I use the extra_container_args and add a volume to overwrite the container certificate.
The following configuration works correctly:
service_type: grafana service_name: grafana placement: count: 1 hosts: - host1.example.com - host2.example.com - host3.example.com extra_container_args: - "-v=/opt/ceph_cert/host.cert:/etc/grafana/certs/cert_file:ro" - "-v=/opt/ceph_cert/host.key:/etc/grafana/certs/cert_key:ro"
The volume settings in extra_container_args won't work if you use for example "-v /opt/ceph_cert/host.key:/etc/grafana/certs/cert_key:ro" (using a space) or "--volume /opt/ceph_cert/host.key:/etc/grafana/certs/cert_key:ro".
Via "journalctl -xe" I got the error why the container wouldn't start when using a space between "-v" and the paths:
Error: error creating named volume " /opt/ceph_cert/host.cert": running volume create option: names must match [a-zA-Z0-9][a-zA-Z0-9_.-]*: invalid argument
When using "--volume", I got an error indicating unknown parameter.
Updated by Redouane Kachach Elhichou over 1 year ago
- Subject changed from Orchistrator not correctly parsing extra_container_args for volumes to Orchestrator not correctly parsing extra_container_args for volumes
Updated by Adam King over 1 year ago
Hi, as a potential workaround for now, you could maybe split this into multiple lines. I know for mounting a certificate someone wanted in their rgw daemons
extra_container_args: - "-v" - "/etc/pki/ca-trust/extracted:/etc/pki/ca-trust/extracted:ro"
worked for them.
Updated by Sake Paulusma over 1 year ago
Adam King wrote:
Hi, as a potential workaround for now, you could maybe split this into multiple lines. I know for mounting a certificate someone wanted in their rgw daemons
[...]
worked for them.
The mentioned service configuration works; the usage of an "=" without spaces works :) Maybe mention this in the docs for the time being?
Updated by Adam King over 1 year ago
Sake Paulusma wrote:
Adam King wrote:
Hi, as a potential workaround for now, you could maybe split this into multiple lines. I know for mounting a certificate someone wanted in their rgw daemons
[...]
worked for them.
The mentioned service configuration works; the usage of an "=" without spaces works :) Maybe mention this in the docs for the time being?
I've created https://github.com/ceph/ceph/pull/48008 for documenting this. Feel free to leave feedback, or, if I've already merged this, recommend another change. I'll probably merge in the next few days barring some unforeseen issue.
Updated by Adam King over 1 year ago
- Assignee set to Adam King
- Backport set to quincy, pacific
- Pull request ID set to 48801