Request for SMB Mount Support in Azure Container Apps for Volume Persistence

[kdcllc]

Our team is currently engaged in prototyping solutions for multiple clients using Azure Container Apps, specifically utilizing its feature that supports SMB file sharing for volume persistence. However, we are finding that to enable database persistence in our samples, we require support for SMB mount. We kindly request the implementation of this feature to enhance the functionality and compatibility of our work.

Doc: Storage Considerations

Scenario

LibreChat utilizes MongoDb for the storage. The following Bicep can be used to stand up instance of the database inside of Azure Container Apps

targetScope = 'resourceGroup'
param location string = resourceGroup().location

resource storageAccount 'Microsoft.Storage/storageAccounts@2022-09-01' = {
  name: uniqueString(resourceGroup().name)
  location: location
  sku: {
    name: 'Premium_LRS'
  }
  kind: 'FileStorage'
  properties: {
    minimumTlsVersion: 'TLS1_2'
    supportsHttpsTrafficOnly: true
    allowBlobPublicAccess: false
    allowSharedKeyAccess: true
    publicNetworkAccess: 'Enabled'
    networkAcls: {
      defaultAction: 'Allow'
      bypass: 'AzureServices'
    }
  }

  resource fileService 'fileServices@2022-09-01' = {
    name: 'default'
    resource fileShare 'shares@2022-09-01' = {
      name: 'mongodb-share'
      properties: {
        enabledProtocols: 'SMB'
        accessTier: 'Premium'
      }
    }
  }
}

resource appEnvironment 'Microsoft.App/managedEnvironments@2023-04-01-preview' = {
  name: 'app-environment'
  location: location
  properties: {
    appLogsConfiguration: {
      destination: 'azure-monitor'
    }
  }

  resource azureFilesStorage 'storages@2022-11-01-preview' = {
    name: 'azurefilesstorage'
    properties: {
      azureFile: {
        accountName: storageAccount.name
        shareName: storageAccount::fileService::fileShare.name
        accessMode: 'ReadWrite'
        accountKey: storageAccount.listKeys().keys[0].value
      }
    }
  }
}

resource mongodb 'Microsoft.App/containerApps@2023-04-01-preview' = {
  name: 'mongodb'
  location: location
  properties: {
    environmentId: appEnvironment.id
    configuration: {
      ingress: {
        external: false
        transport: 'tcp'
        targetPort: 27017
      }
    }
    template: {
      containers: [
        {
          name: 'mongodb'
          image: 'bitnami/mongodb:latest'
          env: [
            {
              name: 'MONGODB_ROOT_USER'
              value: 'root'
            }
            {
              name: 'MONGODB_ROOT_PASSWORD'
              value: 'password'
            }
          ]
          volumeMounts: [
            {
              mountPath: '/bitnami/mongodb'
              volumeName: 'mongo-volume'
            }
          ]
          resources: {
            cpu: json('1.0')
            memory: '2.0Gi'
          }
        }
      ]
      scale: {
        minReplicas: 1
        maxReplicas: 1
      }
      volumes: [
        {
          mountOptions: 'dir_mode=0777,file_mode=0777,uid=1001,gid=1001,mfsymlinks,nobrl'
          name: 'mongo-volume'
          storageName: appEnv::azureFilesStorage.name
          storageType: 'AzureFile'
        }
      ]
    }
  }
}

resource mongodbExpress 'Microsoft.App/containerApps@2023-04-01-preview' = {
  name: 'mongodb-express'
  location: location
  properties: {
    environmentId: appEnvironment.id
    configuration: {
      ingress: {
        external: true
        transport: 'http'
        targetPort: 8081
      }
    }
    template: {
      containers: [
        {
          name: 'mongodb'
          image: 'mongo-express:latest'
          env: [
            {
              name: 'ME_CONFIG_MONGODB_URL'
              value: 'mongodb://root:password@mongodb:27017'
            }
            {
              name: 'ME_CONFIG_MONGODB_ADMINUSERNAME'
              value: 'root'
            }
            {
              name: 'ME_CONFIG_MONGODB_ADMINPASSWORD'
              value: 'password'
            }
          ]
          resources: {
            cpu: json('1.0')
            memory: '2.0Gi'
          }
        }
      ]
      scale: {
        minReplicas: 1
        maxReplicas: 1
      }
    }
  }
}

[ayende]

RavenDB does support running on CIFS (I assume that is what you mean with SMB).
That said, it is not an ideal scenario, and I don't think that I follow what you are doing here.

You want to run in (temporary) containers, but also use them for persistence. That leads to potential issues with multiple instances running on the same files (which leads to complicated and unsafe locking).

In general, it is atypical to run persistence in this manner for containers. The usual manner is to host the database externally, with databases per client. That would also ensure high availability for your usage.

[kdcllc]

RavenDB does support running on CIFS (I assume that is what you mean with SMB). That said, it is not an ideal scenario, and I don't think that I follow what you are doing here.

You want to run in (temporary) containers, but also use them for persistence. That leads to potential issues with multiple instances running on the same files (which leads to complicated and unsafe locking).

In general, it is atypical to run persistence in this manner for containers. The usual manner is to host the database externally, with databases per client. That would also ensure high availability for your usage.

The intention behind this request is to establish a sample application (RavenDb backend) that can be deployed using either Bicep or Terraform scripts, both of which would be included in the sample code. Please note that this is not intended to be a production-grade application, hence, performance should not be a significant concern. For demonstration purposes, it will only incorporate a single container instance with persistence.

[ayende]

That being the case, just use RavenDB Embedded, or just setup the service as part of the container.
We have a terraform provide (https://github.com/ravendb/terraform-provider-ravendb), although that mostly focuses on building dedicated servers.

With regards to BICEP, you can do something like (first time I'm doing that, mind):

# Define the resource group and storage account
resourceGroup myResourceGroup
location westus
storageAccount mystorageaccount 'Standard_LRS'

# Define the directory to deploy
resource directory 'Microsoft.Resources/deployments@2020-10-01' = {
  name: 'deployDirectory'
  dependsOn: [
    mystorageaccount
  ]
  properties: {
    mode: 'Incremental'
    template: {
      $schema: 'https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json'
      contentVersion: '1.0.0.0'
      resources: [
        {
          type: 'Microsoft.Storage/storageAccounts/fileServices/shares/directories'
          name: '${mystorageaccount.name}/ravendb-binaries'
          apiVersion: '2021-02-01'
          properties: {
            filePermission: 'inherit'
          }
        }
      ]
    }
  }
}

# Define the install script
resource installScript 'Microsoft.Compute/virtualMachines/extensions@2020-12-01' = {
  name: 'installScript'
  dependsOn: [
    directory
  ]
  properties: {
    publisher: 'Microsoft.Compute'
    type: 'CustomScriptExtension'
    typeHandlerVersion: '1.10'
    settings: {
      script: 'install-daemon.sh'
    }
    protectedSettings: {
      storageAccountName: mystorageaccount.name
      storageAccountKey: listKeys(mystorageaccount.id, '2020-08-01').keys[0].value
    }
  }
}

# Print a success message
print('Bicep script successfully deployed the directory and executed the install script.')