-
Notifications
You must be signed in to change notification settings - Fork 385
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
S6-Overlay Supervisor #167
Comments
Why do we want this ? |
The question is why do we want this? I've never heard of it before and we need to fully understand what it is and what benefits it brings. What is wrong with the current image that requires adopting something like this? I am instantly wary of adding additional complexity and external dependencies without a full understanding of why. |
S6-Overlay can be compared to Linux systemd, however Alpine doesn't supply systemd in their images. With S6-Overlay installed (+/- 2 MB) in the Node-RED images it's easy to check environment variables like NODE_RED_ENABLE_SAFE_MODE, NODE_RED_ENABLE_PROJECTS and possibly up coming NODE_DEBUG, and others that might come, before they are applied to Node-RED. S6 uses a simple folder structure and stages to add scripts to control the container and the application(s) it is hosting. All these files will be kept in /root in the GitHub repo. Docker projects like hassio-addons and docker-homebridge use S6. More details can be found here, hope this gives you guys an idea of the advanced to add S6 :) |
Hello there. I'd like to add my vote for this, or something similar. I've been maintaining my own Node-RED docker images because I need two things:
I am currently using a rather gauche approach of chowning a bunch of things as the container is deployed (which slows down startup time), but am not really happy with it and would like a cleaner (preferably upstream) solution. Allow me also to add that S6-overlay is the "golden standard" for packaging configurable services, IMHO. All the linuxserver container images use it, and it makes for very flexible service configurations all-around (I can configure everything I need for their containers under docker-compose without fiddling with external files, for instance). |
I am also a little bit reluctant to base node-red docker images to S6-overlay. I understand it provides several good features that might be of interest for several people but is it mature enough to integrate it in node-red docker build, is it actively supported / maintained (now and also in the near future). Also on the feature side - I am just wondering which of all those features you have mentioned that I would really use. I am not a big fan of the deployment of a docker container that is changing the UID/GID of all files on a shared volume mounted to the docker container. If there are issues with that then I think it is better that the node-red user created by the container has the proper UID/GID OR belongs to the proper group so he can read/write/delete the relevant files on the shared volume. |
Two simple comebacks, since I think you’re misunderstanding both the issues you are discussing:
Palette operations in older versions (or without projects enabled) would fail due to permissions issues in S6-overlay does not do that-it merely provides a uniform way to set UID/GIDs to run your processes inside the container, which is exactly you agree to be useful, as well as proper supervising and hooks to set up the container environment in various ways. |
@rcarmo thanks for your feedback. I also think your problem is a valid problem so would it not be better to report your problem as a separate github issue to this repository (or maybe it is already covered in #146 ). In the newly created issue (or #146 ) you can always refer to this issue as a potential solution for your problem. |
Please just don't. It's one of the reasons k8s-at-home (the equivalent of linuxserver.io when it comes to Helm Charts) even started building their own images. Combined with the fact that there are already great solutions (such as k8s) that already supply all the features of s6_overlay without addon layers inside of the container (hence: more securely), I think it's not a great pick for an official image. |
Don't mess with or add unnecessary complexity to basic image. Custom image with whatever service manager and extra stuff could be easily built straight from official Node-RED image. So have like Quote from s6-overlay:
From this it seems like s6-overlay also supports, or at least aims to support, adding it on top of any existing image. |
Add S6-Overlay process supervisor to the NR Docker images. This allows Node-RED to run as a daemon and adds more control of environment vars, permissions, uid / gid etc etc.
The text was updated successfully, but these errors were encountered: