help request: nginx.conf generated folder

apache / apisix

The Cloud-Native API Gateway

https://apisix.apache.org/blog/

Apache License 2.0

14.3k stars 2.49k forks source link

help request: nginx.conf generated folder #11425

Open konsri opened 1 month ago

konsri commented 1 month ago

Description

When apisix start it creates a file ngnx.conf inside /usr/local/apisix/conf. I want my filesystem to be readonly in k8s pod. apisix start fails when filesystem is readonly because it is trying to create nginx.conf. How to specify a different folder other than/usr/local/apisix/conf for configuration files.

Environment

APISIX version 3.8.0:
Operating system Linux:
OpenResty / Nginx version openresty/1.21.4.2:

kayx23 commented 1 month ago

From anecdotal experiences with docs and deployment of APISIX in K8s pods, the recommended way is to provision the right privilege for APISIX. I have not seen the practice of specifying a different folder for the said files.

juzhiyuan commented 1 month ago

@konsri I have encountered the same error when running APISIX on OpenShift with strict policies. Unfortunately, we have to allow proper permissions to run APISIX. And there has yet to be a plan to change this issue.

There has one doc to run API7 Gateway inside OpenShift, I think this applies to APISIX as well, refer to https://docs.api7.ai/enterprise/deployment/kubernetes#configure-scc-for-api7-gateway

shreemaan-abhishek commented 1 month ago

maybe we could make this variable configurable.

https://github.com/shreemaan-abhishek/apisix/blob/507df1262de88c4ed3ee8a637de46c4f4d2412f8/apisix/cli/apisix.lua#L26

But this can be very risky as it could uncover unexpected bugs/failures.