I am getting this error message from nginx when I deploy my application pod. My application an angular6 app is hosted inside an nginx server, which is deployed as a docker container inside EKS.
I have my application configured as a “read-only container filesystem”, but I am using “ephemeral mounted” volume of type “emptyDir” in combination with a read-only filesystem.
So I am not sure the reason of this following error:
```
...
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Turn off the bloody buffering to temp files
proxy_buffering off;
sendfile off;
keepalive_timeout 120;
server_names_hash_bucket_size 128;
# These two should be the same or nginx will start writing
# large request bodies to temp files
client_body_buffer_size 10m;
client_max_body_size 10m;
...
```
But please note that you probably don’t need it, you can have a service expose port 80 and route it to your pod on port 8080. That is simpler and maybe more secure
There are few things to keep in mind if you are running Read Only filesystem.
Ports need to be higher than <1024. E.g. Port 80 will not work, but 8080 will.
For Nginx, another thing to keep in mind is that you need to alter your nginx.conf. Because the image for Nginx writes the PID to /var/run/ (I think this is correct), as well as the logs you are going to get some errors initially. So, you should probably redirect these to a /tmp folder.
Here is my nginx.conf file:
And this is my Dockerfile (I wanted to make sure that the directory /etc/nginx/certs was there at all times rather than during mounting)
FROM nginx:1.16.1
# Create the certificate directory
RUN mkdir -p /etc/nginx/certs
# Replace default nginx.conf
COPY conf/nginx.conf /etc/nginx/nginx.conf
So basically you need to mount 3 directories (at least for me):
You need to mount the /tmp directory so you can get anything that the system needs to write to
I mounted a directory just for the certs in /etc/nginx/certs, because I’m using Nginx for TLS reverse proxy too.
I mounted a directory for my conf files – or perhaps you can just mount the file that you have and replace the default.conf that comes nginx in /etc/nginx/conf.d/