Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove nginx config files from cloud proxy container in favor of Configmaps for easier runtime overrides #2018

Merged
merged 3 commits into from
Sep 16, 2024
Merged

Remove nginx config files from cloud proxy container in favor of Configmaps for easier runtime overrides #2018

merged 3 commits into from
Sep 16, 2024

Conversation

ddelnano
Copy link
Member

@ddelnano ddelnano commented Sep 10, 2024
edited
Loading

Summary: Remove nginx config files from cloud proxy container in favor of Configmaps for easier runtime overrides

This is an alternative approach to #2014 and #2016. While this doesn't provide an environment variable for configuring the intended behavior, this approach is more flexible since many Nginx directives don't work with variables (server_name, resolver, among others ).

Because nginx prohibits variables in these directives, it makes it very difficult to provide environment variable based settings without our previous sed approach. The sed approach also has its problems since it requires hacks to support configuration removals. Rather than trying to solve all potential use cases, this PR opts to make the configuration easy to swap out via the pl-proxy-nginx-config Configmap.

I plan to update the self hosted cloud docs to call out that this Configmap exists and should be used if custom nginx configuration is needed outside of the upstream defaults.

Relevant Issues: #2017

Type of change: /kind feature

Test Plan: Deployed to a cloud environment and verified that the upstream defaults and PL_DOMAIN_NAME apply as expected

Changelog Message: Removed nginx configuration from the container image into pl-proxy-nginx-config Configmap for easier runtime overrides

@ddelnano
Remove nginx config files from cloud proxy container in favor of Conf…
9169b67 
…igmaps for easier runtime overrides

Signed-off-by: Dom Del Nano <[email protected]>
@ddelnano ddelnano requested review from a team as code owners September 10, 2024 21:22
@ddelnano
Fix linting
0a44b36 
Signed-off-by: Dom Del Nano <[email protected]>
@ddelnano ddelnano force-pushed the ddelnano/migrate-nginx-configs-to-configmap branch from 2258220 to 0a44b36 Compare September 10, 2024 22:49
@ddelnano ddelnano mentioned this pull request Sep 11, 2024
Closed
@ddelnano ddelnano merged commit 9b5f295 into pixie-io:main Sep 16, 2024
19 checks passed
@ddelnano ddelnano deleted the ddelnano/migrate-nginx-configs-to-configmap branch September 16, 2024 21:28
This was referenced Sep 16, 2024
Closed
Closed
Closed
Merged
ddelnano added a commit that referenced this pull request Sep 18, 2024
@ddelnano
Fix cloud proxy entrypoint by avoiding modifying a RO directory (Conf…
1f96cff 
…igmap mount directory) (#2027)

Summary: Fix cloud proxy entrypoint by avoiding modifying a RO directory
(Configmap mount directory)

This bug was introduced between 0a44b36
and c3e0fba on #2018 when the
individual file mounts were changed to a directory mount. Deploying the
cloud proxy from main results in the following error:

```
$ kubectl -n plc logs cloud-proxy-5df85487bf-hrglr
Defaulted container "cloud-proxy-server" out of: cloud-proxy-server, envoy
/scripts/entrypoint.sh: line 20: can't create /usr/local/openresty/nginx/conf/nginx.conf: Read-only file system
```

When I originally tested the final change, I must have only looked at
the resulting directory and missed that the pod was crashing. This issue
was detected during the 0.1.8 cloud prerelease testing.

Relevant Issues: #2017 #2013

Type of change: /kind bugfix

Test Plan: Verified that the cloud proxy image starts up successfully

Signed-off-by: Dom Del Nano <[email protected]>
ddelnano added a commit to ddelnano/pixie that referenced this pull request Sep 23, 2024
@ddelnano @cosmic-copybara
Remove nginx config files from cloud proxy container in favor of Conf…
f493dcf 
…igmaps for easier runtime overrides (pixie-io#2018)

Summary: Remove nginx config files from cloud proxy container in favor
of Configmaps for easier runtime overrides

This is an alternative approach to pixie-io#2014 and pixie-io#2016. While this doesn't
provide an environment variable for configuring the intended behavior,
this approach is more flexible since many Nginx directives don't work
with variables (`server_name`, `resolver`, among others ).

Because nginx prohibits variables in these directives, it makes it very
difficult to provide environment variable based settings without our
previous `sed` approach. The `sed` approach also has its problems since
it requires
[hacks](https://github.com/pixie-io/pixie/pull/2014/files#diff-5ec7ca8d0f624fe1f4eb3778cc96dcee2f999bf39bad422807b67b15ce2f8e7bR27)
to support configuration removals. Rather than trying to solve all
potential use cases, this PR opts to make the configuration easy to swap
out via the `pl-proxy-nginx-config` Configmap.

I plan to update the self hosted cloud docs to call out that this
Configmap exists and should be used if custom nginx configuration is
needed outside of the upstream defaults.

Relevant Issues: pixie-io#2017

Type of change: /kind feature

Test Plan: Deployed to a cloud environment and verified that the
upstream defaults and `PL_DOMAIN_NAME` apply as expected

Changelog Message: Removed nginx configuration from the container image
into `pl-proxy-nginx-config` Configmap for easier runtime overrides

---------

Signed-off-by: Dom Del Nano <[email protected]>
GitOrigin-RevId: 9b5f295
ddelnano added a commit to ddelnano/pixie that referenced this pull request Sep 23, 2024
@ddelnano @cosmic-copybara
Fix cloud proxy entrypoint by avoiding modifying a RO directory (Conf…
f4f0518 
…igmap mount directory) (pixie-io#2027)

Summary: Fix cloud proxy entrypoint by avoiding modifying a RO directory
(Configmap mount directory)

This bug was introduced between 0a44b36
and c3e0fba on pixie-io#2018 when the
individual file mounts were changed to a directory mount. Deploying the
cloud proxy from main results in the following error:

```
$ kubectl -n plc logs cloud-proxy-5df85487bf-hrglr
Defaulted container "cloud-proxy-server" out of: cloud-proxy-server, envoy
/scripts/entrypoint.sh: line 20: can't create /usr/local/openresty/nginx/conf/nginx.conf: Read-only file system
```

When I originally tested the final change, I must have only looked at
the resulting directory and missed that the pod was crashing. This issue
was detected during the 0.1.8 cloud prerelease testing.

Relevant Issues: pixie-io#2017 pixie-io#2013

Type of change: /kind bugfix

Test Plan: Verified that the cloud proxy image starts up successfully

Signed-off-by: Dom Del Nano <[email protected]>
GitOrigin-RevId: 1f96cff
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vihangm vihangm vihangm left review comments

@aimichelle aimichelle aimichelle approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ddelnano @vihangm @aimichelle