Persistance of logs and ACL policies, rundeck docker

51 views
Skip to first unread message

TAYLOR J HAMMERLING

unread,
Mar 18, 2022, 3:08:55 PMMar 18
to rundeck...@googlegroups.com

I am hoping someone here can help me with this issue.

 

I am using the official 3.4.10 community edition rundeck image.

I have noticed that some information does not persist across docker restarts without putting it on some form of a volume (host or named).  Items I have found thus far are

 

#paths listed in this part are in the container

/home/rundeck/libext (plugin directory)

/home/rundeck/etc (ACL location)

job execution logs (not entirely sure where those live)

 

I prefer to use host volumes over named volumes when possible.  I worry a co-worker might accidentally “docker-compose down -v” and *poof* my named volumes would be gone!

 

When I set up a host volume for the /home/rundeck/etc folder using the following

        volumes:

          - ./etc:/home/rundeck/etc

 

The volume is created properly, but not all the files that are supposed to show up in the /home/rundeck/etc folder do.

We should see

 

admin.aclpolicy  framework.properties  preferences.properties  profile  profile.bat  project.properties

 

But instead, we only see the “framework.properties” file.

 

I ensured that the folders have the correct permissions before bringing up my docker-compose stack by running a chown -R 1000:root /local/etc/path

 

If I use a named volume instead (like this)

        volumes:
          - rundeck_etc:/home/rundeck/etc

 

The data in /home/rundeck/etc persistes thru restarting my docker-compose stack, but is vulnerable to a purge or a docker-compose down -v, which makes me less than comfortable.

 

So, after all that I guess I have two questions

 

  1. Is there a way to use a host volume to mount /home/rundeck/etc
    and have all the files created properly?
  2. What are all the locations in the Rundeck 3.4.10 image I will want to ensure are covered by a volume (so as to ensure they persist thru reboots)?

rac...@rundeck.com

unread,
Mar 18, 2022, 5:14:10 PMMar 18
to rundeck-discuss
Hi Taylor,

Most of the files are generated by the templating system. So, the config that you need is covered by the env vars described here. You can check a lot of docker config examples here.

Anyway, the better approach still using files in the volumes section, take a look at this.

Hope it helps!

rac...@rundeck.com

unread,
Mar 19, 2022, 12:13:47 PMMar 19
to rundeck-discuss

Hi Taylor,

In addition to my first answer (based on a standard config, so, you can ignore it ;-), I saw the same behavior using persistent volumes on /home/rundeck/etc and you’re facing this. Could you add your use case on that thread?

Putting all the files on the local directory like a “global template” fixes that (as a “dirty” workaround) but certainly, the container must generate the files automatically.

Greetings!

TAYLOR J HAMMERLING

unread,
Mar 28, 2022, 10:31:02 AMMar 28
to rundeck...@googlegroups.com

Your reply is much appreciated 😊

 

I ended up using a specific file volume, like this –

- ./ACLs/rundeck_admins.aclpolicy:/home/rundeck/etc/rundeck_admins.aclpolicy

 

And will add additional ACLS in the same manner as needed.

 

I also updated the git issue you linked to add my voice 😊

 

Taylor

--
You received this message because you are subscribed to the Google Groups "rundeck-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rundeck-discu...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rundeck-discuss/db267ce2-47e6-43cf-adef-80b53fd68ef4n%40googlegroups.com.

Reply all
Reply to author
Forward
0 new messages