openova/openova
1
0
Fork 0
Code Issues Pull Requests Actions 14 Packages Projects Releases Wiki Activity
2bee931851
openova/clusters/omantel.omani.works
History
e3mrah f58acd4962
fix(chart): bp-guacamole webapp /home/guacamole/.guacamole emptyDir mount (Fix #39 follow-up) (#1242) 
* fix(omantel): bp-guacamole storageClass=local-path + webapp replicas=1 (Fix #39 follow-up)

Live omantel reconciliation surfaced two single-cluster realities:

1. seaweedfs-storage StorageClass is not present on the omantel chroot
   (only local-path is). The chart default `seaweedfs-storage` is the
   correct multi-region target-state shape, but omantel's overlay
   needs to override to local-path until SeaweedFS-CSI is deployed.

2. Memory-constrained omantel worker nodes (3 of 4 reported
   "Insufficient memory" for a 512Mi-request webapp pod) cannot
   schedule 2 replicas alongside the rest of the catalyst-system
   stack. Single-replica is acceptable for omantel single-tenant
   chroot; multi-region Sovereigns get chart default (2).

Both are per-Sovereign overlay overrides, NOT chart-default changes
(chart defaults stay at the canonical multi-region target-state
shape per `feedback_no_mvp_no_workarounds.md` rule #1).

After this lands, omantel reconciles → guacamole-recordings PVC
binds → guacamole-server pod schedules → 1/1 Available → TC-228 /
TC-230 / TC-245 / TC-246 flip PASS on iter-8.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* fix(chart): bp-guacamole webapp /home/guacamole/.guacamole emptyDir mount (Fix #39 follow-up)

Live omantel reconciliation surfaced that bp-guacamole webapp pods
crash-loop with `mkdir: cannot create directory
'/home/guacamole/.guacamole': Read-only file system` because the
chart sets readOnlyRootFilesystem=true but doesn't mount a writable
emptyDir at the home directory the webapp writes to on first start
(logback marker, optional auth state).

Add an emptyDir volume + volumeMount at /home/guacamole/.guacamole
so the webapp can write its per-user runtime state without escaping
the readOnlyRootFilesystem boundary.

Chart: bp-guacamole 0.1.4 → 0.1.5 (CI auto-bump → 0.1.6)
Slot pins: 0.1.4 → 0.1.6 (post-CI auto-bump)

Affects every Sovereign — chart-default fix, not omantel-only
overlay (per `feedback_no_mvp_no_workarounds.md` rule #1: target-state
chart shape).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-10 02:13:11 +04:00
..
bootstrap-kit fix(chart): bp-guacamole webapp /home/guacamole/.guacamole emptyDir mount (Fix #39 follow-up) (#1242) 2026-05-10 02:13:11 +04:00
flux-system feat(day2-iac): Crossplane Compositions + per-Sovereign Flux cluster tree + catalyst-dns binary 2026-04-28 14:09:29 +02:00
infrastructure feat(day2-iac): Crossplane Compositions + per-Sovereign Flux cluster tree + catalyst-dns binary 2026-04-28 14:09:29 +02:00
kustomization.yaml feat(day2-iac): Crossplane Compositions + per-Sovereign Flux cluster tree + catalyst-dns binary 2026-04-28 14:09:29 +02:00