aws-rfdk
aws-rfdk copied to clipboard
(deadline) Repository construct fails to install with MountableFsxLustre
The Repository
construct fails to install Deadline Repository when the IMountableLinuxFilesystem
provided to it is a MountableFsxLustre
because the MountableFsxLustre
class uses POSIX permissions, which causes the Repository
construct to run the Deadline Repository installer as the Deadline repository user, which will fail because the FSx Lustre file system mount point is still owned and only writable to by root
.
Reproduction Steps
Use the Repository
construct with the MountableFsxLustre
class.
Error Log
Deadline Repository installer logs:
Preferred installation mode : unattended
--
Trying to init installer in mode unattended
Mode unattended successfully initialized
This can take a few minutes
Preparing to Install
Preparing to Install
Error creating directory /mnt/efs/fs1/DeadlineRepository
There has been an error.
Unable to create directory
Environment
- CDK CLI Version : 2.51.1 (build 3d30cdb)
- CDK Framework Version: 2.33.0
- RFDK Version: 1.0.0
- Deadline Version: 10.1.21.4
- Node.js Version: v16.13.0
- OS : Linux
- Language (Version): Python 3.9.15
Other
One idea is to add a "mount owner user" for IMountableLinuxFilesystem
, where, if a subclass .usesPosixPermissions()
, then they must ensure the path the filesystem is mounted at is also owned/writable by the "mount owner user" as part of their .mountToLinuxInstance()
implementation.
This is :bug: Bug Report
A temporary workaround for this would be to subclass MountableFsxLustre
and add the "mount owner user" idea as a prop to it. Example in Python:
from aws_cdk.aws_fsx import LustreFileSystem
from aws_rfdk import (
IMountingInstance,
MountableFsxLustre as OriginalMountableFsxLustre,
MountPermissions,
)
from constructs import Construct
from typing import Optional, Sequence
class MountableFsxLustre(OriginalMountableFsxLustre):
def __init__(
self,
scope: Construct,
*,
filesystem: LustreFileSystem,
extra_mount_options: Optional[Sequence[str]] = None,
mount_owner_user: Optional[str] = None,
**kwargs,
):
super().__init__(
scope,
filesystem=filesystem,
extra_mount_options=extra_mount_options,
**kwargs
)
self.mount_owner_user = mount_owner_user
def mount_to_linux_instance(
self,
target: IMountingInstance,
*,
location: str,
permissions: Optional[MountPermissions] = None,
):
super().mount_to_linux_instance(target, location=location, permissions=permissions)
if self.mount_owner_user:
target.user_data.add_commands(f"sudo chown {self.mount_owner_user} {location}")
Then, when creating the Repository
construct, pass in the Deadline Repository user (which is hardcoded in the Repository
construct...) to this subclass:
repository = Repository(
# other props...
file_system=MountableFsxLustre(
# other props...
mount_owner_user='1000:1000', # The hardcoded repository UID & GID
),
)