FYI, the Dockerfile was wrong by setting suid to /usr/bin/crontab. That lead to /var/spool/cron/user file owner by root, thus preventing crond to read it. The working version is at https://github.com/getupcloud/sti-ruby-extra/blob/master/1.9/Dockerfile#L24-L28
Regards, *Mateus Caruccio* Master of Puppets +55 (51) 8298.0026 gtalk: *mateus.caruc...@getupcloud.com <diogo.goe...@getupcloud.com>twitter: @MateusCaruccio <https://twitter.com/MateusCaruccio>* This message and any attachment are solely for the intended recipient and may contain confidential or privileged information and it can not be forwarded or shared without permission. Thank you! On Tue, Feb 23, 2016 at 9:12 AM, Mateus Caruccio < mateus.caruc...@getupcloud.com> wrote: > Hello David. > > I've got cron to work as expected by doing this: > > 1 - Create an "extra" image and add the necessary packages (cronie > crontabs nss_wrapper uid_wrapper): > > https://github.com/getupcloud/sti-ruby-extra/blob/1dfed4ca7ca153e261c880f0b036129c5d9011ca/1.9/Dockerfile#L18 > > We need to relax security here, otherwise neither crond nor crontab will > work, since both are run as regular users: > > https://github.com/getupcloud/sti-ruby-extra/blob/1dfed4ca7ca153e261c880f0b036129c5d9011ca/1.9/Dockerfile#L24-L26 > > 2 - Create an script to activate nss_wrapper and (optionally) uid_wrapper: > > https://github.com/getupcloud/sti-ruby-extra/blob/master/1.9/nss-wrapper-setup > > libuid_wrapper is required by /usr/bin/crontab so it believes to be > running as root. > In order to crond start it needs to have the current user in your passwd. > You can achieve this by using nss_wrapper with a "fake" passwd file [1] and > instruct everyone to use it [2] > > 3 - From your repo's (.sti|.s2i)/bin/run, "source" the wrapper and start > crond. > > if [ -x ${STI_SCRIPTS_PATH}/nss-wrapper-setup ]; then > source ${STI_SCRIPTS_PATH}/nss-wrapper-setup -u > crond-start > fi > > > > I choose to run it from the same code container so it can reach the code > itself. > > Please, feedback is very appreciated. > > Best Regards. > > [1] > https://github.com/getupcloud/sti-ruby-extra/blob/1dfed4ca7ca153e261c880f0b036129c5d9011ca/1.9/nss-wrapper-setup#L22-L27 > [2] > https://github.com/getupcloud/sti-ruby-extra/blob/1dfed4ca7ca153e261c880f0b036129c5d9011ca/1.9/nss-wrapper-setup#L29-L31 > > > *Mateus Caruccio* > Master of Puppets > +55 (51) 8298.0026 > gtalk: > > > *mateus.caruc...@getupcloud.com <diogo.goe...@getupcloud.com>twitter: > @MateusCaruccio <https://twitter.com/MateusCaruccio>* > This message and any attachment are solely for the intended > recipient and may contain confidential or privileged information > and it can not be forwarded or shared without permission. > Thank you! > > On Tue, Feb 23, 2016 at 7:03 AM, Maciej Szulik <maszu...@redhat.com> > wrote: > >> >> On 02/23/2016 10:41 AM, David Strejc wrote: >> >>> Does anyone have any experience with cron tasks as they were in OS v2? >>> >> >> v3 does not have cron support yet, there was a proposal already accepted >> in k8s. In the following weeks/months I'll be working on implementing >> such functionality. >> >> I would like to let our developers maintain cron tasks through git .s2i >>> folder as it was in v2. >>> Is it good idea to build cron into docker image and link crontab to file >>> inside .s2i? >>> >> >> I'm not sure this will work as you expect. You'd still need a separate >> mechanism that will actually trigger build, or other action when the >> right time comes. >> >> What I can suggest as a temporary solution is writing/deploying some >> kind of cron scheduler inside of OpenShift. >> >> Maciej >> >> _______________________________________________ >> users mailing list >> users@lists.openshift.redhat.com >> http://lists.openshift.redhat.com/openshiftmm/listinfo/users >> > >
_______________________________________________ users mailing list users@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/users
