Storage Permissions on PVC #144
-
My first few attempts of starting a cluster are running into some permissions issues on the PVC. The pods start and crashes right away with: My understanding is the CNPG operator is starting pods with a non-root user but the PVC is published with a mountpoint in the pod owned by root. I believe the operator should be specifying the fsGroup and fsUser in the securityContext of the pod. If so then this is a bug. If not, please let me know the design approach or if I have missed something using the quick start example. |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments 2 replies
-
Hi @TProhofsky Are you deploying the operator in a vanilla Kubernetes or somewhere else? Because the containers are created with fsGroup and fsUser https://github.com/cloudnative-pg/cloudnative-pg/blob/main/pkg/specs/pods.go#L278 |
Beta Was this translation helpful? Give feedback.
-
Hi @TProhofsky Can you tell us which CSI driver are you using? as I can see you already have the proper permissions to create everything even if Please let us know what you find, since this can go into a FAQ for CNPG and that will be a great contribution! Regards! |
Beta Was this translation helpful? Give feedback.
Hi @TProhofsky
Are you deploying the operator in a vanilla Kubernetes or somewhere else? Because the containers are created with fsGroup and fsUser https://github.com/cloudnative-pg/cloudnative-pg/blob/main/pkg/specs/pods.go#L278