Hello! Have OOD working in a container with all the expected functionality, auth, etc.
Do you have any recommendations on config directories being baked into container vs bind mounts? Figure bind mounts might allow for scaling out to multiple hosts, and allow linking to shared area for configs and easy updates, while baking in might be harder to make changes but more deterministic. If we did bind mounts, how big of a scope (all of /etc/ood and /var/www/ood)?
Any thoughts or recommendations would be a big help. Thanks!
We don’t run OOD containers in production here, but I can tell you these for sure
/etc/ood/config probably should be mounted. These are your configs and can change outside of the container and that’s fine. Just be sure your entrypoint either restarts httpd or runs update_ood_portal.
/var/www/ood is a bit trickier. I’d say you probably do want to mount in other apps. Let’s say jupyter you’d want to mount to /var/www/ood/apps/sys/jupyter.
There’s maybe 3-5 directories here you could/should inspect /var/www/ood/apps/sys. I know for sure /var/www/ood/apps/sys/{dashboard,myjobs,bc_desktop} all hold code related files that you don’t want to mount over/remove.
Others are there just to disable their feature. For example /var/www/ood/apps/sys/file-editor only has 1 single file - the manifest. Maybe you could remount to 700 permissions (root:root, so it’s unreadable by the user) to disable the file editor.