thenets / docker-parsoid

Containerized MediaWiki parsoid service
MIT License
21 stars 17 forks source link

bug fix for kubernetes (file permission, exposed port) #6

Closed endoodev1 closed 5 years ago

endoodev1 commented 5 years ago

In some kubernetes environments (especially hosted ones) for security reasons the standard permission will be 700 which will cause errors (permission denied) with config.yaml. Moreover it is not allowed to use ports which are not exposed. So also 8001 needs to be exposed because it is used somewhere in parsoid.

thenets commented 5 years ago

Hi @endoodev1 ! :)

Thanks a lot for the PR. I'll check these errors and fix the current versions. Also, how are you deploying the MediaWiki + Parsoid? Maybe I can create some deployment examples for Kubernetes and add to the docs.

Thanks once again ^^

thenets commented 5 years ago

@endoodev1 I think is fixed :)

Check the new Docker image versions at the README.md file. I keep the old image tags as well for compatibility.

endoodev1 commented 5 years ago

Hi @thenets. Thanks for merging the code so fast! We had the problem in a hosted kubernetes System of "Deutsche Telekom" called "Cloud Container Engine". We simply wanted to deploy a parsoid instance for our mediawiki which is running in a simple webspace. The problem was, that in this environment the umask in every docker container was 0027 what means that a new file will be created with 740 file permission. At the starting point of parsoid, the parsoid user had no permission to read the config file and parsoid won't start. This is no standard case because normally umask is 0022 where you will not run into that problem with your Dockerfile.

thenets commented 5 years ago

@endoodev1 I had no idea about that different Kubernetes implementations with custom user permissions. Let me know if you need something related to the Parsoid or MediaWiki :)