AI-Cognitive-Leap/agnes-the-ai-analyst
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
agnes-the-ai-analyst/docker-compose.host-mount.yml
Vojtech Rysanek 655822b953 host-mount: replace named-volume driver_opts with direct service binds 
The previous version of docker-compose.host-mount.yml modified the
'data' named volume's driver_opts to point at /data with 'o:
bind,rbind'. Docker named volumes have an immutability footgun:
once a volume is created, its driver options are fixed for the life
of the volume. Editing this file and re-running 'docker compose up
-d' does NOT propagate the new options to existing volumes — they
keep whatever options were in effect at create time.

This bit a deployer (Groupon FoundryAI) on 2026-05-05: the volume
was created before this overlay had bind,rbind, kept the old bind
(non-recursive) propagation, and containers wrote to a shadowed
subdirectory of the parent disk instead of the nested child mount.
DuckDB went FATAL on a root-owned WAL during a routine container
recreate; sign-in broke. Recovery required docker volume rm +
manual data migration on every affected VM.

Direct service-level bind mounts ('/host/path:/container/path')
don't go through Docker's volume layer at all. They re-evaluate
mount options every container start, and modern Docker Engine
(20.10+) defaults to recursive bind for these. No options to
forget, no immutable state to migrate, no shadow-mount class.

Validated via 'docker compose config' merge — overlay correctly
replaces 'data:/data' with bind type:none on app, extract,
scheduler, telegram-bot, ws-gateway.

Compose-spec version note: !override merge tag is part of the
Compose Specification supported by Docker Compose v2.20+. Tested
against Compose v5.1.3 used by Groupon's deployment.
2026-05-05 19:27:14 +02:00

77 lines
2.8 KiB
YAML
Raw Blame History

# Bind-mount overlay — replaces the `data` named volume with a direct
# host bind mount per service.
#
# Why direct service-level bind, not driver_opts on the named volume
# ------------------------------------------------------------------
# The previous version of this file modified the `data` named volume's
# `driver_opts` to point at /data with `o: bind,rbind`. Docker named
# volumes have an immutability footgun: once a volume is created, its
# driver options are fixed for the life of the volume. Editing this
# file and re-running `docker compose up -d` does NOT propagate the
# new options to existing volumes — they keep whatever options were
# in effect at create time.
#
# This bit a deployer (Groupon FoundryAI) on 2026-05-05: the volume
# was created before this overlay had `bind,rbind`, kept the old
# `bind` (non-recursive) propagation, and containers wrote to a
# shadowed subdirectory of the parent disk instead of the nested
# child mount. DuckDB went FATAL on a root-owned WAL during a
# routine container recreate; sign-in broke.
#
# Direct service-level bind mounts (`/host/path:/container/path`)
# don't go through Docker's volume layer at all. They re-evaluate
# the mount options every container start, and modern Docker Engine
# (20.10+) defaults to recursive bind for these. No options to
# forget, no immutable state to migrate, no shadow-mount class.
#
# What this overlay does
# ----------------------
# `volumes: !override` on each service replaces the base
# `data:/data` named-volume mount with a direct `/data:/data` host
# bind. The named volume `data:` declared at the bottom of
# docker-compose.yml is left intact (still useful for local-dev
# `compose up` without this overlay) but is no longer referenced
# by any service when the overlay is active.
#
# When the operator's host has a nested mount under /data (e.g. a
# separate state disk mounted at /data/state), the recursive bind
# carries that nested mount into every container automatically.
#
# Usage (combined with docker-compose.prod.yml):
# docker compose \
# -f docker-compose.yml \
# -f docker-compose.prod.yml \
# -f docker-compose.host-mount.yml \
# up -d
#
# Do NOT use this overlay in CI — /data does not exist on GitHub
# runners.
#
# Compose-spec version requirement: !override merge tag is part of
# the Compose Specification supported by Docker Compose v2.20+ and
# the compose-go library used by Compose v5+. If you need to support
# older clients, fork this overlay into per-service files.
services:
app:
volumes: !override
- /data:/data
- ./config:/app/config:ro
extract:
volumes: !override
- /data:/data
- ./config:/app/config:ro
scheduler:
volumes: !override
- /data:/data
- ./config:/app/config:ro
telegram-bot:
volumes: !override
- /data:/data
ws-gateway:
volumes: !override
- /data:/data
Reference in a new issue View git blame Copy permalink