From bcc2f56e8bb0b8b33c70d4ae9b67e5c7fd3d8074 Mon Sep 17 00:00:00 2001
From: Lennart Kramer <lennart.kramer@stud.uni-goettingen.de>
Date: Fri, 20 Jan 2023 17:06:27 +0100
Subject: [PATCH] don't try to delete tmpfs at startup

since DAC_OVERRIDE is no longer an effective capability, removing
all files from /tmp at startup will no longer work even as root,
since we do not have permissions to delete from other users. this
was always a workarond for kubernetes having problems on OOM related
to overfull emptyDirs.
conveniently, since kubernetes 1.22 setting sizeLimits on memory-
backed emptyDirs is now possible so we can just switch to that since
1.22 should be reasonably widely used by now.
---
 Dockerfile                           | 5 ++---
 helmmaxima/templates/deployment.yaml | 1 +
 helmmaxima/values.yaml               | 3 +++
 3 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 79dcb52..74df5b8 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -58,6 +58,5 @@ EXPOSE 8080
 
 HEALTHCHECK --interval=1m --timeout=3s CMD curl -f 'http://localhost:8080/goemaxima?health=1'
 
-# clear tmp because when kubernetes restarts a pod, it keeps the /tmp content even if it's tmpfs,
-# which means that on a restart caused by an overfull tmpfs, it will keep restarting in a loop
-CMD cd /tmp && rm --one-file-system -rf * && exec tini ${BIN}/goweb ${BIN}/maxima-optimised || echo oh no no >&2
+ENTRYPOINT ["tini", "--"]
+CMD exec "${BIN}/goweb" "${BIN}/maxima-optimised"
diff --git a/helmmaxima/templates/deployment.yaml b/helmmaxima/templates/deployment.yaml
index e44f869..8e16ec0 100644
--- a/helmmaxima/templates/deployment.yaml
+++ b/helmmaxima/templates/deployment.yaml
@@ -86,6 +86,7 @@ spec:
         - name: tmptmpfs
           emptyDir:
             medium: "Memory"
+            sizeLimit: "{{ .Values.tmpfsSizeLimit }}"
         {{ if .Values.enableGitRollout }}
         - name: git
           emptyDir:
diff --git a/helmmaxima/values.yaml b/helmmaxima/values.yaml
index b56de38..9e011d5 100644
--- a/helmmaxima/values.yaml
+++ b/helmmaxima/values.yaml
@@ -62,6 +62,9 @@ resources:
     cpu: 1000m
     memory: 256Mi
 
+# maximum size of /tmp
+tmpfsSizeLimit: 128Mi
+
 nodeSelector: {}
 
 tolerations: []
-- 
GitLab