Thank you Sriram.
So, ".ssh" folder mounting will be separate from the rest of the data
(/godata, for plugins, pipelines, db etc)...so there would be two separate
mount points into the container ?
I'm using ECS at the moment and not kubernetes, so my task definition will
have two mount points like below:
```
"mountPoints": [
{
"sourceVolume": "efs_id:/godata",
"containerPath": "/godata"
},
{
"sourceVolume": "efs_id:/godata/.ssh",
"containerPath": "/home/go/.ssh"
}
],
```
So mounting /godata and efs_id:/godata/.ssh from EFS into the
container at /godata
and /home/go/.ssh locations respectively (per above code) seems to work.
In this case entry_point.sh from the base image is able to map/consider and
execute them properly, hence the server is up and running and
functioning properly.
Is that the way it has to be, I think the github repo for gocd server says
that I guess, but perhaps I feel that extra mount point just for .ssh is
overkill and if .ssh can also be entertained by entry_point.sh from one
single mount point /godata in my case, that would be great ?
If I do not mount .ssh into /home/go/.ssh separately into the container -
things seem to fail complaining that "key verification failed", I'm not
sure whether I'm still missing something here.
Many thanks
Satya
On Thu, Apr 25, 2024 at 3:31 PM Sriram Narayanan <[email protected]>
wrote:
>
>
> On Thu, Apr 25, 2024 at 10:16 PM Satya Elipe <[email protected]>
> wrote:
>
>> Hi all
>>
>> Wonder, what's the way around to mount .ssh from EFS into the gocd base
>> container (from the image gocd/gocd-server:v22.3.0).
>>
>>
>> We have saved all our content into EFS under /godata and maps that into
>> the container as /godata.
>>
>>
>> We are using gocd/gocd-server:v22.3.0.
>>
>>
>> It all runs good, mapping was fine too but just one thing that’s not
>> happening is “.ssh” folder.
>>
>>
>> I have .ssh with all required keys in EFS under /godata and /godata
>> within the container also has .ssh but not /go-working-dir.
>>
>>
>> Is that supported, am I mis-configuring it, or do we need to handle that
>> outside of the base image ?
>>
>
> At a high level, the .ssh folder should be mounted into /home/go.
> e.g. docker run -v /path/to/godata:/godata -v /path/to/home-dir:/home/go
> gocd/gocd-server:v23.5.0
> IMPORTANT: You must set the user ID of the files within .ssh to 1000. This
> is the user ID of the gocd process within the container.
>
> See:
> https://github.com/gocd/docker-gocd-server?tab=readme-ov-file#mounting-volumes
>
> Given that you are using Kubernetes, please see the Helm chart
> documentation here
> https://github.com/gocd/helm-chart/blob/master/gocd/README.md
>
> It provides info on just about every configurable attribute for the GoCD
> server and the agent.
>
> Of particular importance for you are these two attributes:
> server.persistence.subpath.homego
> agent.persistence.subpath.homego
>
> Please see that document and jot down your action plan since you will need
> to provide the SSH keys to the server _and_ the agent containers.
>
> IMPORTANT: You must set the user ID of the files within .ssh to 1000. This
> is the user ID of the gocd process within the container.
>
>
>
>>
>> Many thanks in advance !
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "go-cd" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected].
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/go-cd/CADKEDRrQOX11i951ZPiUYeOdMqThbCoZG7_WAqgBJFg1BxqxfQ%40mail.gmail.com
>> <https://groups.google.com/d/msgid/go-cd/CADKEDRrQOX11i951ZPiUYeOdMqThbCoZG7_WAqgBJFg1BxqxfQ%40mail.gmail.com?utm_medium=email&utm_source=footer>
>> .
>>
> --
> You received this message because you are subscribed to the Google Groups
> "go-cd" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/go-cd/CANiY96aM47Ck0vc%3D1BnjnMd%2BT9eu4BKokLqLXMG0mNAezT2V_A%40mail.gmail.com
> <https://groups.google.com/d/msgid/go-cd/CANiY96aM47Ck0vc%3D1BnjnMd%2BT9eu4BKokLqLXMG0mNAezT2V_A%40mail.gmail.com?utm_medium=email&utm_source=footer>
> .
>
--
You received this message because you are subscribed to the Google Groups
"go-cd" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/go-cd/CADKEDRoj%2BrFqeT%2B3%2BF_TYnOn6C03kTJyzDzdtChoDOEc_BWxzg%40mail.gmail.com.
