Hi,
I found a possible solution/workaround for the problem:
one can use init containers to perform operations before the "real"
container is started...
https://docs.openshift.org/latest/architecture/core_concepts/pods_and_services.html#pods-services-init-containers
...
initContainers:
command: ['sh', '-c', 'chmod 0777 /var/lib/mysql/data']
image: busybox
imagePullPolicy: IfNotPresent
name: init
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /var/lib/mysql/data
...
On 21.11.2017 11:44, Andreas Germeroth wrote:
Hello,
we are new to OpenShift and are "playing" with it in our lab.
We have setup Openshift Origin 3.6 with a dedicated 3 node Glusterfs
storage (CentOS based) with distributed/replicated.
Due to the excellent documentation we have achieved to setup
autoprovisioning according to this guide here:
https://docs.openshift.org/latest/install_config/storage_examples/dedicated_gluster_dynamic_example.html
It works and the storage is automatically provisioned and can be used
in our pods!
But for instance if we use the MariaDB (Persistent) Template we run
into permission issues on the mounted glusterfs volume.
Even a privileged pod does not help.
The pod log:
mkdir: cannot create directory '/var/lib/mysql/data/mysql': Permission
denied
Fatal error Can't create database directory '/var/lib/mysql/data/mysql'
When I debug it in a terminal the permission problems occur as well:
sh-4.2$ ps waux
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
mysql 1 0.0 0.0 4316 352 ? Ss 09:47 0:00 sleep
3600
sh-4.2$ ls -la /var/lib/mysql/data/
total 8
drwxr-xr-x. 4 root root 4096 Nov 17 16:23 .
drwxrwxr-x. 3 mysql root 18 Oct 31 13:14 ..
drwxr-xr-x. 3 root root 4096 Nov 17 16:23 .trashcan
sh-4.2$ touch test
touch: cannot touch 'test': Permission denied
The Pod runs as mysql user and has no access rights to write here.
When I set the permissions manually outside the pod on the mount it
works, but that is not a good solution for autoprovisioning
... or run mariadb as root... not so good as well.
We have not found any possibility to set the permissions with heketi
or somewhere in the yaml.
So what is would be the correct solution here?
Thanks for your help!
_______________________________________________
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users