1

I need some kind of advise on my problem as I cannot find a suitable solution.

I have a k8s cluster with several nodes and Directus deployed in several pods. My developers want to extend Directus with custom extensions. This is done by uploading these source files in the /extension folder.

This means every pod needs to share the /extension folder to access the files. So my thought was using a shared pvc.

Basically I can setup a NFS pvc wirh rwx to be shared between pods and mounted as /extension.

BUT: How can I deploy the source code and folder structure on this pvc? So I would need to either accesss the FS externally via local mount OR via Github actions to deploy code changes. Jut NFS does not support any auth method so I would open the gate of hell if I access the NFS port outside the privat network.

Is there any other pvc rwx storage solution that could be used also with at least local access options?

I would create the pvc, access it via kubectl, buimd the folder structure as needed from Directus, push code via kubectl cp. Jut this seems a mess in production.

Joe
  • 11
  • 4

1 Answers1

0

In the meantime I proceed with the following stack:

  • NFS pod mounts block storage PV RWO and provides NFS PVC to cluster
  • Directus mounts NFS PVC at /directus/extensions
  • Filebrowser mounts NFS PVC at /srv

So basically I used filebrowser:filebrowser (Github) container to serve the NFS pvc content (=directus extensions folder) to developers over HTTPS interface. This enables them to upload new files manually directly on the NFS mount that would be picked up by the App.

This seems propriate for development phase but I doubt this could work in production phase. Reasons for this:

  1. There is no integration in CI/CD possible
  2. Restart of filebrowser container requires manual interaction to secure the pod as they don't provide .env config for proper k8s deployment

So I am still looking at solutions to push code changes onto a Kubernetes NFS mount. Any dockerized service in mind?!

Joe
  • 11
  • 4