aws-rfdk icon indicating copy to clipboard operation
aws-rfdk copied to clipboard

Published 20 hours ago verified publisher icon aws

(deadline) Repository construct fails to install with MountableFsxLustre

Open jericht opened this issue 1 year ago • 1 comments

The Repository construct fails to install Deadline Repository when the IMountableLinuxFilesystem provided to it is a MountableFsxLustre because the MountableFsxLustre class uses POSIX permissions, which causes the Repository construct to run the Deadline Repository installer as the Deadline repository user, which will fail because the FSx Lustre file system mount point is still owned and only writable to by root.

Reproduction Steps

Use the Repository construct with the MountableFsxLustre class.

Error Log

Deadline Repository installer logs:

Preferred installation mode : unattended
--
Trying to init installer in mode unattended
Mode unattended successfully initialized
This can take a few minutes
Preparing to Install
Preparing to Install
Error creating directory /mnt/efs/fs1/DeadlineRepository
There has been an error.
Unable to create directory

Environment

  • CDK CLI Version : 2.51.1 (build 3d30cdb)
  • CDK Framework Version: 2.33.0
  • RFDK Version: 1.0.0
  • Deadline Version: 10.1.21.4
  • Node.js Version: v16.13.0
  • OS : Linux
  • Language (Version): Python 3.9.15

Other

One idea is to add a "mount owner user" for IMountableLinuxFilesystem, where, if a subclass .usesPosixPermissions(), then they must ensure the path the filesystem is mounted at is also owned/writable by the "mount owner user" as part of their .mountToLinuxInstance() implementation.

This is :bug: Bug Report

jericht avatar Nov 26 '22 04:11 jericht

A temporary workaround for this would be to subclass MountableFsxLustre and add the "mount owner user" idea as a prop to it. Example in Python:

from aws_cdk.aws_fsx import LustreFileSystem
from aws_rfdk import (
    IMountingInstance,
    MountableFsxLustre as OriginalMountableFsxLustre,
    MountPermissions,
)
from constructs import Construct
from typing import Optional, Sequence

class MountableFsxLustre(OriginalMountableFsxLustre):
    def __init__(
        self,
        scope: Construct,
        *,
        filesystem: LustreFileSystem,
        extra_mount_options: Optional[Sequence[str]] = None,
        mount_owner_user: Optional[str] = None,
        **kwargs,
    ):
        super().__init__(
            scope,
            filesystem=filesystem,
            extra_mount_options=extra_mount_options,
            **kwargs
        )
        self.mount_owner_user = mount_owner_user

    def mount_to_linux_instance(
        self,
        target: IMountingInstance,
        *,
        location: str,
        permissions: Optional[MountPermissions] = None,
    ):
        super().mount_to_linux_instance(target, location=location, permissions=permissions)
        if self.mount_owner_user:
            target.user_data.add_commands(f"sudo chown {self.mount_owner_user} {location}")

Then, when creating the Repository construct, pass in the Deadline Repository user (which is hardcoded in the Repository construct...) to this subclass:

repository = Repository(
    # other props...
    file_system=MountableFsxLustre(
        # other props...
        mount_owner_user='1000:1000',  # The hardcoded repository UID & GID
    ),
)

jericht avatar Nov 26 '22 05:11 jericht