[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Unable to run PetSets with persistent volume



Hello

I am reaching out regarding the issue https://github.com/openshift/origin/issues/12063

I have setup an Openshift Origin all-in-one setup using Virtualbox. I am setting up a couchbase cluster using petsets and for persistent volumes am using pre-provisioned volumes in all-in-one setup.

I am facing permission issues while bringing up my couchbase cluster:
chown: changing ownership of 'var/lib/couchbase/stats': Operation not permitted

Here is my file permission of /opt/couchbase/var which is the mounted volume for the petset

# ls -al /opt/couchbase/var -d
drwxrwxrwx. 3 nobody nogroup 4096 Mar   8 14:45 /opt/couchbase/var

After investigating more on SCC, I understood that openshift runs containers with specific user ID which part of the root group. As the pre-provisioned volumes in all-in-one setup is NFS, I tried adding group ID of "nogroup" as supplementalGroups, so that openshift's user ID will be part of nogroup and hence will have required file permissions to operate on /opt/couchbase/var.

# id nobody
uid=65534(nobody) gid=65534(nogroup) groups=65534(nogroup)

Following is the securityContext config for my petset:
      securityContext:
        supplementalGroups: [65534]

As mentioned in the aforementioned issue, I also executed "oc adm policy add-scc-to-user anyuid -z default"

Based on my understanding of SCC, I have tried two solutions: 1. Add nogroup group ID in the supplementalGroups and 2. executing add-scc-to-user anyuid, but still I am unable to resolve the file permission issue.

Any help is much appreciated.

Thanks
Vignesh

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]