diff options
| author | Paul Buetow <paul@buetow.org> | 2026-06-20 23:52:01 +0300 |
|---|---|---|
| committer | Paul Buetow <paul@buetow.org> | 2026-06-20 23:52:01 +0300 |
| commit | 6e8ec18949dc41e611a38d8204211b2deb9a944b (patch) | |
| tree | 90519f48ee53b3c677234727feb31d56bbd875f8 /openbsd/frontends/scripts | |
| parent | c9f06a21fb1daa74c9db341636a2c4b118bda1d8 (diff) | |
All hostPath PVs are backed by NFS (127.0.0.1:/k3svolumes via stunnel).
Existing NFS sentinel init containers only protect against pod startup when
NFS is unmounted. If NFS goes stale mid-flight (e.g. after an NFS server
restart during FreeBSD upgrades), running pods hold stale file descriptors
and serve errors indefinitely without being restarted.
Fix: add livenessProbe to every NFS-backed container:
- Non-postgres services: test -f /mount-path/.nfs-sentinel (ESTALE fails this)
- Postgres (immich, miniflux): pg_isready AND test -f on pg_filenode.map so
the probe exercises both the TCP listener and the NFS data directory
- webdav: also adds missing nfs-check-data init container (was the only
service without sentinel protection at startup)
- git-server (two containers): test -d /repos (sentinel is in PVC root,
not the repos subPath, so directory existence check is used instead)
All probes: initialDelaySeconds 30 (60 for jellyfin/postgres), periodSeconds
30, failureThreshold 3 — triggers restart after ~90 s of NFS unavailability.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Diffstat (limited to 'openbsd/frontends/scripts')
0 files changed, 0 insertions, 0 deletions