Skip to content

Feature: Enable multiple EFS volumes and mount points #24

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Jan 20, 2025
Merged

Feature: Enable multiple EFS volumes and mount points #24

merged 5 commits into from
Jan 20, 2025

Conversation

@MiroDojkic
Copy link
Member

@MiroDojkic MiroDojkic commented Jan 17, 2025
edited
Loading

Multiple EFS Volumes and Mount Points Support

This PR adds support for configuring multiple EFS volumes and mount points in the MongoDB and ECS services, along with improved documentation.

Changes

Features

  • Added support for configuring multiple EFS volumes and mount points for ECS and Mongo
  • Configures a single EFS access point with limited access only to /data
    • this was included to support the best practice of not running containers as root user
    • owner is the first non-root user (POSIX 1000)
    • full access for owner
    • read+execute for others
  • Added default persistent storage configuration for Mongo component

Documentation

  • Added documentation for persistent storage configuration in README
  • Updated Mongo component's persistentStorageConfig parameter documentation

API Changes

Mongo Service

The Mongo service now comes with a default persistent storage configuration. Alternatively, user can provide volumes and mount points with the same config data structure:

persistentStorageConfig: {
  volumes: [{ name: 'mongo' }],
  mountPoints: [{
    sourceVolume: 'mongo',
    containerPath: '/data/db'
  }]
}

@MiroDojkic
Copy link
Member Author

MiroDojkic commented Jan 17, 2025

@droguljic I've yet to add examples and some default options, but I wanted to first verify with you if this approach makes sense.

I can see us using multiple volumes and mount points. I assume we'd usually use the same EFS instance in most use cases.
If we ever see a need to use more than one, it should be relatively easy to expose through composition.
To keep the experience relatively seamless, we could expose some predefined configurations that can be passed down.

@MiroDojkic MiroDojkic requested a review from droguljic January 17, 2025 01:20
@droguljic
Copy link
Contributor

droguljic commented Jan 17, 2025

@droguljic I've yet to add examples and some default options, but I wanted to first verify with you if this approach makes sense.

I can see us using multiple volumes and mount points. I assume we'd usually use the same EFS instance in most use cases. If we ever see a need to use more than one, it should be relatively easy to expose through composition. To keep the experience relatively seamless, we could expose some predefined configurations that can be passed down.

Makes sense, looks good to me.

@MiroDojkic MiroDojkic force-pushed the feature/multiple-efs-volumes-and-mount-points branch 2 times, most recently from 711294d to e82f3fc Compare January 19, 2025 22:44
@MiroDojkic MiroDojkic force-pushed the feature/multiple-efs-volumes-and-mount-points branch from e82f3fc to b2702bc Compare January 19, 2025 23:00
@MiroDojkic MiroDojkic marked this pull request as ready for review January 19, 2025 23:16
@droguljic
Copy link
Contributor

droguljic commented Jan 20, 2025
edited
Loading

@MiroDojkic

"Configures a single EFS access point with limited access only to /data (full access for owner, read+execute for others) (@droguljic anything else worth mentioning?)"

I would add that owner is first created non-root user, and this was included to support best practice to not run containers as root.

mbareta
mbareta reviewed Jan 20, 2025
View reviewed changes
src/components/ecs-service.ts Outdated
{
fileSystemId,
posixUser: {
uid: 1000,
Copy link
Collaborator

@mbareta mbareta Jan 20, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we name these magic numbers? For example const ROOT_USER_ID = 1000;.

mbareta
mbareta reviewed Jan 20, 2025
View reviewed changes
src/components/ecs-service.ts Outdated
creationInfo: {
ownerUid: 1000,
ownerGid: 1000,
permissions: '0755',
Copy link
Collaborator

@mbareta mbareta Jan 20, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we put this in a variable so it has a name? For example READ_PERMISSIONS.

mbareta
mbareta reviewed Jan 20, 2025
View reviewed changes
src/components/ecs-service.ts
mountPoint => ({
containerPath: mountPoint.containerPath,
sourceVolume: mountPoint.sourceVolume,
readOnly: mountPoint.readOnly ?? false,
Copy link
Collaborator

@mbareta mbareta Jan 20, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

TIL about ?? operator 😄

@MiroDojkic MiroDojkic merged commit c9834b9 into master Jan 20, 2025
@MiroDojkic MiroDojkic deleted the feature/multiple-efs-volumes-and-mount-points branch January 20, 2025 22:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mbareta mbareta mbareta approved these changes

@droguljic droguljic Awaiting requested review from droguljic

+1 more reviewer

@ptrutanicex ptrutanicex ptrutanicex approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@MiroDojkic @droguljic @mbareta @ptrutanicex