<chris.price> Are you saying build a new image with those variables set? I had everything working correctly when it was just in docker, but in Kubernetes I don't know how to specify those variables.
<longwuyuan> K8s vars are for the app/runtime/executable (launched by the image) to consume is'nt it. That above link is for the app/runtime/executable to start off as a specific user in the first place i would think. One way to do what you want I think. Likely there are other ways
<chris.price> I'm running my media server in rancher (Plex, NZBGet, Sonarr, Radarr) and having permissions issues since the files are getting passed back and forth for processing. This is how I ran the container is straight Docker, but trying to find the equivalent in Rancher/k8s so that they can all play nice.
<longwuyuan> then just run your executable basd on that uid/gid
<longwuyuan> oh all K8s so check the PV and the PVC provided permissions for that volume and the ownership
<longwuyuan> what class ... AWS or something else ?
<chris.price> I'm just plugging in the docker image path and setting my volumes, but not sure in the workload setup where I can pass parameters to the build. It's all running locally and the volumes are just bind-mounted to the workload in rancher
<longwuyuan> that is shared content to a media-server so can't be coming off of a local-disk i would think..... i would do the appropriate class as needed in production .. and then see what the PVC gives me as ownership & permissions
<chris.price> yeah, it's a tricky setup. Multiple pods have to be able to access the same path since the file is sent to the downloader for one pod to access, then renamed and moved by another pod, then accessed by plex to import into the library...
<longwuyuan> yup. so configuring the storage-class as needed in production would tell you what permissions and ownership you will end up with
<chris.price> Ok I will try to get the SC and PV setup instead of trying to bind-mount the volumes to local disk
<longwuyuan> and verify what pods running on multiple hosts concurrently... have to deal with ... in terms of permission+ownership
<chris.price> It's just one host so far for testing, but the plan is to scale it out on multiple hosts in the future
<longwuyuan> yeah ... getting info from a PVC hanging off of a single host will help scale
<chris.price> yeah the volume part of k8s is pretty daunting, but I just need to do some more research
<chris.price> k8s is definitely the future though...i'm pushing for it at work now too for our DC
<longwuyuan> true. Rancher makes it a little easier thought but still requires K8s depth
<chris.price> yeah, i'm debating on whether or not I should just use straight k8s and bypass rancher. You get a nice gui and some things are easier to see, but it might be easier just to cli it all so I know what's underneath
<longwuyuan> same here and man y other folks. the flex doe'nt help and comes down to earning our keep
<chris.price> definitely. I use my home media server as a playground to learn the concepts, but I want a good grasp on it before we start using it at work in production
<kevin.mullin> @mail325 i'm having an issue with acme-domain as well. it appears to be with subdomains. if i point my tld to rancher it sets up the ssl just fine.