fix(8.8): back Web Modeler restapi /tmp with a per-pod ephemeral volume#6408
Merged
Conversation
github-actions
Bot
added
version/8.8
eamonnmoloney
force-pushed
the
feat/4767-persistence-scenario-8.8
branch
from
ba90bf0 to
6200f08
Compare
3 tasks
eamonnmoloney
requested review from
bkenez and
Copilot
and removed request for
a team
Contributor
There was a problem hiding this comment.
Pull request overview
Backports the Web Modeler restapi /tmp persistence change to chart 8.8, switching from a chart-managed shared RWO PVC to a per-pod generic ephemeral volume to avoid shared-volume attach contention during rollouts, and updates associated tests/docs.
Changes:
- Render
webModeler.persistence.enabled=trueasephemeral.volumeClaimTemplate(per-pod PVC) indeployment-restapi.yamland remove the standalone PVC manifest. - Update unit tests to assert the ephemeral volume source and drop the now-dead PVC-manifest test.
- Refresh docs/schema text around
webModeler.persistence.deploymentStrategyto reflect the new default persistence behavior.
Reviewed changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| charts/camunda-platform-8.8/values.yaml | Updates parameter docs for webModeler.persistence.deploymentStrategy. |
| charts/camunda-platform-8.8/values.schema.json | Aligns schema description for webModeler.persistence.deploymentStrategy. |
| charts/camunda-platform-8.8/templates/web-modeler/deployment-restapi.yaml | Switches /tmp persistence from shared PVC to per-pod generic ephemeral volume. |
| charts/camunda-platform-8.8/templates/web-modeler/persistentvolumeclaim-restapi.yaml | Removes the shared chart-managed PVC manifest. |
| charts/camunda-platform-8.8/test/unit/web-modeler/persistence_test.go | Updates assertions to validate ephemeral volume behavior; removes shared-PVC manifest test. |
| charts/camunda-platform-8.8/README.md | Regenerates/updates rendered docs to match updated values descriptions. |
Comment on lines
+205
to
+211
| ephemeral: | ||
| volumeClaimTemplate: | ||
| {{- with .Values.webModeler.persistence.annotations }} | ||
| metadata: | ||
| annotations: {{- toYaml . | nindent 18 }} | ||
| {{- end }} | ||
| spec: |
| ## @param webModeler.persistence.selector can be used to define a label selector for the persistent volume claim | ||
| selector: {} | ||
| ## @param webModeler.persistence.deploymentStrategy update strategy for the restapi Deployment. Defaults to RollingUpdate (zero-downtime), which only works when the PVC supports concurrent attach (RWX storage, or accessModes including ReadWriteMany). For chart-managed PVCs on RWO storage, set to "Recreate" to avoid Multi-Attach deadlocks during helm upgrade (introduces brief downtime per upgrade). | ||
| ## @param webModeler.persistence.deploymentStrategy update strategy for the restapi Deployment. Defaults to RollingUpdate, which is always safe because the default chart-managed persistence path uses a per-pod ephemeral volume (no concurrent-attach contention). Set to "Recreate" only when using existingClaim with a ReadWriteOnce volume that cannot tolerate concurrent attach during a rollout (introduces brief downtime per upgrade). |
bkenez
approved these changes
Jun 25, 2026
The restapi persistence PVC backs only the pod-local /tmp scratch directory. A shared chart-managed ReadWriteOnce PVC for disposable per-pod scratch exposes a Multi-Attach deadlock on helm upgrade (RWO single-attach + RollingUpdate surge). Switch the chart-managed path to a generic ephemeral volume (per-pod PVC) and remove the standalone persistentvolumeclaim-restapi.yaml. emptyDir default and existingClaim paths are unchanged. The component-persistence (cprst) CI scenario already present on this chart now exercises the ephemeral path. Also narrow the deploymentStrategy guard message and the values.yaml @param (and regenerated schema/README) to reflect that Recreate is now only relevant for the existingClaim RWO case, not the default per-pod ephemeral path. 8.8 was not affected by the claimName casing bug (it already used the correct lowercase name), so this is a consistency/hardening backport of the 8.9/8.10 fix rather than a fix for a broken install. Requires Kubernetes 1.23+ / OpenShift 4.10+ (generic ephemeral volumes GA). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
eamonnmoloney
force-pushed
the
feat/4767-persistence-scenario-8.8
branch
from
3233edc to
bbd5669
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Backs the Web Modeler
restapi/tmpvolume with a per-pod generic ephemeral volume instead of a shared chart-managedReadWriteOncePVC. Consistency/hardening backport of the 8.9 (#6027) and 8.10 (#6406) fix.Why
The restapi persistence volume backs only the container's
/tmpscratch directory — pod-local and disposable (Web Modeler's durable state lives in PostgreSQL, the document store, and Elasticsearch). Backing disposable per-pod scratch with a shared, node-locked RWO PVC exposes aMulti-Attachdeadlock onhelm upgrade(RWO single-attach + aRollingUpdatesurge).Unlike 8.9/8.10, 8.8 was not affected by the
claimNamecasing bug — it already uses the correct lowercasewebmodeler-data, so there was no install-Pendingfailure here. This PR is therefore a hardening/consistency backport, not a fix for a broken install.What changed
deployment-restapi.yaml: chart-managed persistence path now renders anephemeral.volumeClaimTemplate(per-pod PVC created/destroyed with the pod), carrying the samesize/accessModes/storageClassName/selector/annotations.emptyDirdefault andexistingClaimpaths unchanged.persistentvolumeclaim-restapi.yaml.The
component-persistence(cprst) CI scenario already present on this chart now exercises the ephemeral path (no scenario changes needed here).Generic ephemeral volumes are GA since Kubernetes 1.23 / OpenShift 4.10 (alpha 1.19, beta-on-by-default 1.21) — well within Camunda's supported matrix. No new storage requirement: a generic ephemeral volume provisions a normal PVC via the same StorageClass / dynamic-provisioning path the old shared PVC used (it is not a CSI inline volume). Any cluster that could provision the old
<release>-webmodeler-dataPVC can provision the per-pod ephemeral PVC.Notes
/tmpis a hardcodedemptyDirwith no persistence option.deploymentStrategy: Recreatemechanism (fix(8.8,8.9,8.10): allow Recreate strategy for Web Modeler persistence #6014 / ADR 0092) for Web Modeler 8.8. The now-redundantwebModeler.persistence.deploymentStrategyknob + an ADR 0092 amendment are follow-ups, tracked alongside fix(8.9): back Web Modeler restapi /tmp with a per-pod ephemeral volume #6027/fix(8.10): back Web Modeler restapi /tmp with a per-pod ephemeral volume #6406.Test plan
make go.test chartPath=charts/camunda-platform-8.8make helm.lint chartPath=charts/camunda-platform-8.8cprst(install) green on 8.8Review follow-ups (crev)
values.yaml@param, and generated schema/README have been narrowed soRecreateis described only for theexistingClaim-with-RWO case. The ADR amendment + possible knob removal are tracked in chore: amend ADR 0092 and retire webModeler.persistence.deploymentStrategy after ephemeral-volume switch #6409.webModeler.persistence.enabled=truemay have a<release>-webmodeler-dataPVC.helm upgraderemoves the now-unreferenced template PVC; if your provisioner retained one, delete it:kubectl delete pvc <release>-webmodeler-data -n <namespace>. (8.8 was not affected by the casing bug, so the PVC may have provisioned normally here — verify before deleting.)