bluejay/bluejay-infra
1
0
Fork 0
Code Issues Pull Requests 14 Actions Packages Projects Releases Wiki Activity

guacamole: pin guacd + web to rke2-agent2 for NFS recordings mount

Browse Source 
Synology NFS export at /volume1/kubernetes currently grants mount
permission only to 10.0.56.13 (rke2-agent2). rke2-agent1 gets
"access denied by server". guacd + guacamole web both need the
recordings volume, so co-locating is also efficient. Remove the
nodeSelector once the Synology NFS ACL opens to all cluster nodes.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Andrew Stoltz
2026-04-17 15:35:13 -05:00
parent f0733ff89d
commit 90deacd154
1 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
apps/guacamole/guacamole.yaml
View File

@@ -177,6 +177,13 @@ spec:
app: guacd app: guacd
spec: spec:
serviceAccountName: guacd-exec serviceAccountName: guacd-exec
# Pinned to rke2-agent2: Synology NFS export at /volume1/kubernetes
# currently grants mount permission only to 10.0.56.13. guacd + guacamole
# web share the NFS-backed /var/lib/guacamole/recordings, so co-locating
# is also efficient. Remove this when the Synology NFS ACL opens to all
# cluster nodes.
nodeSelector:
kubernetes.io/hostname: rke2-agent2
containers: containers:
- name: guacd - name: guacd
image: guacamole/guacd:latest image: guacamole/guacd:latest
@@ -256,6 +263,9 @@ spec:
labels: labels:
app: guacamole app: guacamole
spec: spec:
# Pinned to rke2-agent2: same reason as guacd (NFS recordings mount).
nodeSelector:
kubernetes.io/hostname: rke2-agent2
containers: containers:
- name: guacamole - name: guacamole
image: guacamole/guacamole:latest image: guacamole/guacamole:latest