Page MenuHomePhabricator
Create Task
Maniphest T193646

Can't access /mnt from kubernetes nodejs shell
Closed, ResolvedPublic
Actions

Description

Steps to reproduce:

  • become a tool
  • run webservice --backend=kubernetes nodejs shell as recommended in the doc
  • ls /mnt/nfs => ls: cannot access /mnt/nfs: No such file or directory

Details

SubjectRepoBranchLines +/-
toolforge: Allow pods to mount /mnt/nfsoperations/puppetproduction+2 -1
Mount /mnt/nfs into Kuberntes podsoperations/software/tools-webservicemaster+3 -2
Customize query in gerrit

Related Objects

Event Timeline

Maxlath created this task.May 2 2018, 2:43 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMay 2 2018, 2:43 PM
Chicocvenancio edited projects, added Toolforge; removed Tools.May 2 2018, 3:16 PM
zhuyifei1999 subscribed.May 2 2018, 4:24 PM

List of mounts: https://github.com/wikimedia/operations-software-tools-webservice/blob/7d7df1bbdd2c7637fc70e30f398859ca7131d3c0/toollabs/webservice/backends/kubernetesbackend.py#L345

The dump is mounted on the host:

root@tools-worker-1001:~# mount | grep dump
labstore1006.wikimedia.org:/dumps on /mnt/nfs/dumps-labstore1006.wikimedia.org type nfs4 (ro,noatime,vers=4.0,rsize=1048576,wsize=1048576,namlen=255,soft,proto=tcp,port=0,timeo=300,retrans=3,sec=sys,clientaddr=10.68.23.55,local_lock=none,addr=208.80.154.7)
labstore1007.wikimedia.org:/dumps on /mnt/nfs/dumps-labstore1007.wikimedia.org type nfs4 (ro,noatime,vers=4.0,rsize=1048576,wsize=1048576,namlen=255,soft,proto=tcp,port=0,timeo=300,retrans=3,sec=sys,clientaddr=10.68.23.55,local_lock=none,addr=208.80.155.106)

/public/dumps/ exists on instance-local storage and consists purely of symlinks:

tools.zhuyifei1999-test@interactive:~$ mount | grep dump
/dev/vda3 on /public/dumps type ext4 (rw,relatime,data=ordered)
root@tools-worker-1001:~# ls /public/dumps/ -l
total 16
lrwxrwxrwx 1 root root 59 Apr  2 16:51 incr -> /mnt/nfs/dumps-labstore1006.wikimedia.org/xmldatadumps/incr
lrwxrwxrwx 1 root root 88 Apr  2 16:51 pagecounts-all-sites -> /mnt/nfs/dumps-labstore1006.wikimedia.org/xmldatadumps/public/other/pagecounts-all-sites
lrwxrwxrwx 1 root root 82 Apr  2 16:51 pagecounts-raw -> /mnt/nfs/dumps-labstore1006.wikimedia.org/xmldatadumps/public/other/pagecounts-raw
lrwxrwxrwx 1 root root 77 Apr  2 16:51 pageviews -> /mnt/nfs/dumps-labstore1006.wikimedia.org/xmldatadumps/public/other/pageviews
lrwxrwxrwx 1 root root 61 Apr  2 16:51 public -> /mnt/nfs/dumps-labstore1006.wikimedia.org/xmldatadumps/public

One (possibly hacky) way to resolve this would be to use the webservice script mount the targets of the symlinks as well...

bd808 added a project: Data-Services.May 5 2018, 10:46 PM
bd808 subscribed.

I think this may be an unintended side effect of the changes that have been made to support the new dumps storage servers. On the underlying Toolforge instances (e.g. tools-worker-1005.tools.eqiad.wmflabs), the /public/dumps directory is now a collection of symlinks to the active NFS mounts under /mnt/nfs. The Kubernetes configuration that we generate for each pod contains volume mounts from the local host that you can see with kubectl describe po/<name of pod>. The relevant portion will look something like:

Volume Mounts:
  /data/project/ from home (rw)
  /data/scratch/ from scratch (rw)
  /etc/ldap.conf from etcldap-conf-7c618 (rw)
  /etc/ldap.yaml from etcldap-yaml-4i1w3 (rw)
  /etc/novaobserver.yaml from etcnovaobserver-yaml-58q9h (rw)
  /public/dumps/ from dumps (rw)
  /var/run/nslcd/socket from varrunnslcdsocket-5241p (rw)

In the past, /public/dumps/ was a direct NFS mount so this worked. Now I guess we need to also mount the host's /mnt/nfs or subdirectories.

bd808 moved this task from Backlog to Shared Storage on the Data-Services board.May 10 2018, 3:24 PM
Vvjjkkii renamed this task from Can't access /mnt from kubernetes nodejs shell to 9rdaaaaaaa.Jul 1 2018, 1:12 AM
Vvjjkkii triaged this task as High priority.
Vvjjkkii added projects: CheckUser, Connected-Open-Heritage-Batch-uploads (RAÄ-KMB_1_2017-02), Tamil-Sites, Gamepress, Hashtags, Jade, KartoEditor, Language-2018-Apr-June, New-Editor-Experiences, Mail, TCB-Team (now WMDE-TechWish).
Vvjjkkii updated the task description. (Show Details)
Vvjjkkii removed a subscriber: Aklapper.
CommunityTechBot renamed this task from 9rdaaaaaaa to Can't access /mnt from kubernetes nodejs shell.Jul 1 2018, 8:48 AM
CommunityTechBot updated the task description. (Show Details)
CommunityTechBot removed projects: TCB-Team (now WMDE-TechWish), Mail, New-Editor-Experiences, Language-2018-Apr-June, KartoEditor, Jade, Hashtags, Gamepress, Tamil-Sites, Connected-Open-Heritage-Batch-uploads (RAÄ-KMB_1_2017-02), CheckUser.
CommunityTechBot added a subscriber: Aklapper.
CommunityTechBot raised the priority of this task from High to Needs Triage.Jul 3 2018, 1:59 AM
gerritbot subscribed.Feb 19 2019, 1:40 AM

Change 491397 had a related patch set uploaded (by BryanDavis; owner: Bryan Davis):
[operations/software/tools-webservice@master] Mount /mnt/nfs into Kuberntes pods

https://gerrit.wikimedia.org/r/491397

gerritbot added a project: Patch-For-Review.Feb 19 2019, 1:40 AM
bd808 claimed this task.Feb 19 2019, 1:42 AM
bd808 added a project: cloud-services-team (Kanban).
gerritbot added a comment.Feb 20 2019, 11:09 PM

Change 491397 merged by jenkins-bot:
[operations/software/tools-webservice@master] Mount /mnt/nfs into Kuberntes pods

https://gerrit.wikimedia.org/r/491397

Stashbot mentioned this in T178601: Add charset=utf-8 by default to lighttpd.Feb 20 2019, 11:17 PM
Stashbot subscribed.

Mentioned in SAL (#wikimedia-cloud) [2019-02-20T23:17:29Z] <zhuyifei1999_> begin build new tools-webservice package T178601 T193646 T215683

Stashbot mentioned this in T215683: Debian Stretch lighttpd does not allow overriding existing mimetype.assign values.Feb 20 2019, 11:17 PM
Stashbot added a comment.Feb 20 2019, 11:30 PM

Mentioned in SAL (#wikimedia-cloud) [2019-02-20T23:30:52Z] <zhuyifei1999_> begin rebuilding all docker images T178601 T193646 T215683

gerritbot added a comment.Feb 21 2019, 12:03 AM

Change 491877 had a related patch set uploaded (by BryanDavis; owner: Bryan Davis):
[operations/puppet@production] toolforge: Allow pods to mount /mnt/nfs

https://gerrit.wikimedia.org/r/491877

gerritbot added a comment.Feb 21 2019, 12:05 AM

Change 491877 merged by Andrew Bogott:
[operations/puppet@production] toolforge: Allow pods to mount /mnt/nfs

https://gerrit.wikimedia.org/r/491877

bd808 closed this task as Resolved.Feb 21 2019, 12:47 AM

Fixed! Running pods will need to be restarted to see the mount.

$ webservice --backend=kubernetes shell
Defaulting container name to interactive.
Use 'kubectl describe pod/interactive -n bd808-test2' to see all of the containers in this pod.
If you don't see a command prompt, try pressing enter.
$ ls /mnt/nfs
dumps-labstore1006.wikimedia.org  labstore-secondary-tools-home
dumps-labstore1007.wikimedia.org  labstore-secondary-tools-project
labstore1003-scratch
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL