[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Cron tasks?



FYI, the Dockerfile was wrong by setting suid to /usr/bin/crontab. That lead to /var/spool/cron/user file owner by root, thus preventing crond to read it.
The working version is at https://github.com/getupcloud/sti-ruby-extra/blob/master/1.9/Dockerfile#L24-L28

Regards,

Mateus Caruccio
Master of Puppets
+55 (51) 8298.0026
gtalk: mateus caruccio getupcloud com
twitter: @MateusCaruccio

This message and any attachment are solely for the intended
recipient and may contain confidential or privileged information
and it can not be forwarded or shared without permission.
Thank you!

On Tue, Feb 23, 2016 at 9:12 AM, Mateus Caruccio <mateus caruccio getupcloud com> wrote:
Hello David.

I've got cron to work as expected by doing this:

1 - Create an "extra" image and add the necessary packages (cronie crontabs nss_wrapper uid_wrapper):

We need to relax security here, otherwise neither crond nor crontab will work, since both are run as regular users: 

2 - Create an script to activate nss_wrapper and (optionally) uid_wrapper:

libuid_wrapper is required by /usr/bin/crontab so it believes to be running as root.
In order to crond start it needs to have the current user in your passwd. You can achieve this by using nss_wrapper with a "fake" passwd file [1] and instruct everyone to use it [2]

3 - From your repo's  (.sti|.s2i)/bin/run, "source" the wrapper and start crond.

if [ -x ${STI_SCRIPTS_PATH}/nss-wrapper-setup ]; then
    source ${STI_SCRIPTS_PATH}/nss-wrapper-setup -u
    crond-start
fi


I choose to run it from the same code container so it can reach the code itself.

Please, feedback is very appreciated.

Best Regards.



Mateus Caruccio
Master of Puppets
+55 (51) 8298.0026
gtalk: mateus caruccio getupcloud com
twitter: @MateusCaruccio

This message and any attachment are solely for the intended
recipient and may contain confidential or privileged information
and it can not be forwarded or shared without permission.
Thank you!

On Tue, Feb 23, 2016 at 7:03 AM, Maciej Szulik <maszulik redhat com> wrote:

On 02/23/2016 10:41 AM, David Strejc wrote:
Does anyone have any experience with cron tasks as they were in OS v2?

v3 does not have cron support yet, there was a proposal already accepted
in k8s. In the following weeks/months I'll be working on implementing
such functionality.

I would like to let our developers maintain cron tasks through git .s2i
folder as it was in v2.
Is it good idea to build cron into docker image and link crontab to file
inside .s2i?

I'm not sure this will work as you expect. You'd still need a separate
mechanism that will actually trigger build, or other action when the
right time comes.

What I can suggest as a temporary solution is writing/deploying some
kind of cron scheduler inside of OpenShift.

Maciej

_______________________________________________
users mailing list
users lists openshift redhat com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]