sftp icon indicating copy to clipboard operation
sftp copied to clipboard
verified publisher icon atmoz

Helm chart for atmoz/sftp

Open sneumann opened this issue 5 years ago • 9 comments

Hi, related to #85, a helm chart allows for an even easier way to deploy atmoz/sftp. I would be able to help kick-starting this, but this requires a few people to get it right. Yours, Steffen

sneumann avatar Mar 11 '21 15:03 sneumann

As promised, a bare minimalistic chart that deployed successfully once on GKE is started in https://github.com/NFDI4Chem/helm-charts/tree/main/atmoz-sftp Happy to have it moved elsewhere, happy to take PR to improve it. Yours, Steffen

sneumann avatar Mar 13 '21 16:03 sneumann

@atmoz @sneumann - is there a further interest in helm chart? Seeing lots of folks landing up with issues related to k8s deployments and half-baked solutions on Medium and various blogs or gists on getting atmoz-sftp on k8s.

I'd like to contribute. I'm also on GKE currently. Shall we re-kick this with a PR?

marcinkubica avatar Sep 21 '23 20:09 marcinkubica

Hi, no current activities from our side. Feel free to grab my starting point, if you need a license change (I seem to have picked apache) get in touch, seems I was the only contributor. Yours, Steffen

sneumann avatar Sep 22 '23 07:09 sneumann

Heya.

Well, I need to know if I'll be supported on PRs and merging. :) We can't "just" make a helm chart. :) I'm happy to do even all of the work but there are piling issues and PRs already which haven't been looked at for years ;)

From what I've deployed on my cluster I already see needed changes on how the container will need to be built to make it k8s friendly and a separate one allowing it to run as non-root (current entrypoint script is going to fail on start due to perms).

So this will already get us to building 2 versions just for k8s times 2 (alpine+debian). Maybe we can get away for root based ok, but non-root needs a separate entrypoint script.

If the project is stale (and that would be a shame) I better go off and make my own fork - but I see no benefit to the community doing it this way

Best Marcin

marcinkubica avatar Sep 22 '23 18:09 marcinkubica

I am looking for a Helm chart to use for Atmoz/SFTP using Rancher Desktop and then K8's on Azure for Prod.

kbdavis07 avatar Sep 22 '23 19:09 kbdavis07

@kbdavis07 meanwhile this one might sort you out https://artifacthub.io/packages/helm/sj14/sftp-server

marcinkubica avatar Sep 25 '23 10:09 marcinkubica

@marcinkubica When deployed to K8's are you saving users in a database instead in a flat file?

How do you scale multiple containers if using just a flat file?

I am trying to get pam-pgsql
https://github.com/pam-pgsql/pam-pgsql

To work but no luck on that and seems like there are not any helpful documentations out there.

I was hoping to have Multiple nodes of SFTP Server in K8 all pointing to some centralized data store, hoping Azure File Share and for users a Database.

Is there any issues with just going with a flat file approach? Would it lock the file in Azure File Share?

kbdavis07 avatar Oct 05 '23 14:10 kbdavis07

@kbdavis07 i'm using configmap which scales across replicas (I only use ssh pub keys, no passwords) can't help you much on Azure, I'm on GCP

marcinkubica avatar Oct 17 '23 10:10 marcinkubica

@marcinkubica What are you using in your configmap ?

How are you running it as a "non-root" user?

kbdavis07 avatar Oct 19 '23 19:10 kbdavis07