Storing data in Spin
Docker is great for running a service and Rancher is great for making sure your service is always available. However, since Docker containers are ephemeral, if your application needs to store data that's available after a restart, you will need to create a volume mount.
In rancher, you can create a volume mount when deploying a new service, (or editing an existing one) under the
Volumes panel. Click
Add Volume and you will see choices for the various types of volumes Rancher offers.
Below we'll discuss the various types of storage available to you in Spin. Each type of storage has pro-s and cons that you should consider before using it.
Rancher-nfs: fast storage¶
persistent claim is access to
rancher nfs which is a network storage device. Storage here is fast and available across nodes and restarts. It's a great choice for general application state storage, for example, for a database.
Give the claim a name, under
Storage Class select
nfs-client, and give it a capacity of 1Gb. On the next screen you can enter a mount point which is where storage will be accessible inside your container. The mount point should be an absolute path (eg.:
External volume: slower but visible outside of Spin¶
If you want to access your files on the Community Filesystem or Global Home, you will want to choose
Bind mount a directory from the node. Storing data here is slower, but has the benefit of also being visible when you are using other NERSC compute resources.
Using these external volumes has additional requirements that you must configure: in the
Command panel, you must enter your user id and group id. Entering these will cause rancher to run your docker image as this user (instead of root.) Additionally, make sure that the directory in GPFS has the
o+x permissions from the root path to the mount point.
The following external volumes are available in Spin:
|Path on Spin node||Access type|
When creating an external volume mount, the
path on node value must start with one of the paths in the above table. Set
The path on the node must be drop-down to
an existing directory. The mount point in the container can be any absolute path.
Another option in the
Add Volume drop-down is to use a secret. A secret is a piece of information you want your running container to have, but don't want others looking at your Spin configuration to see. For example, you could specify the database password as an environment variable, but then anyone seeing the configuration would see it.
A better way is to create a secret. This can be done in the rancher UI before you deploy your application. Click the
resources menu, select
Secrets and on the
Secrets tab, click
add secrets. Give the secret a name and enter the information you want to keep secret (typically a name and value pair). Then when deploying your application, you can create a volume mount of type
use secret and specify where on the filesystem in your container the secret file should be stored.