0

I have the following deployment yaml that takes a postgres image and runs it in a pod:

1   apiVersion: apps/v1
  1 kind: Deployment
  2 metadata:
  3   name: postgres-deployment
  4 spec:
  5   replicas: 1
  6   selector:
  7     matchLabels:
  8       component: postgres
  9   template:
 10     metadata:
 11       labels:
 12         component: postgres
 13     spec:
 14       initContainers:
 15         - name: change-user
 16           image: busybox:latest
 17           command: ["sh", "-c", "chown -R 999:999 /var/lib/postgresql/data"]
 18       securityContext:
 19         runAsUser: 999
 20       volumes:
 21         - name: postgres-storage
 22           persistentVolumeClaim:
 23             claimName: postgres-persistent-volume-claim
 24       containers:
 25         - name: postgres
 26           image: prikshet/postgres
 27           ports:
 28             - containerPort: 5432
 29           volumeMounts:
 30             - name: postgres-storage
 31               mountPath: /var/lib/postgresql/data
 32               subPath: postgres
 33           imagePullPolicy: Always

Before having an initContainer, I was getting the error that /var/lib/postgresql/data had wrong ownership so I created an initContainer to fix those ownership and also tried to change the securityContext. The initContainer gives an error on the pod startup:

chown: /var/lib/postgresql/data: No such file or directory

How to fix this error?

My postgres container

1   FROM postgres:latest
  1 COPY deployment/postgres_init /docker-entrypoint-initdb.d
  2 USER 999
  3 RUN initdb
  4 CMD postgres -c hba_file=docker-entrypoint-initdb.d/pg_hba.conf -c config_fi    le=docker-entrypoint-initdb.d/postgresql.conf
zendevil.eth
  • 974
  • 2
  • 9
  • 28
  • your init container at the moment does not have the volume postgres-storage mounted. try adding the same volumemounts section you have in your postgres container to your init container – meaningqo Aug 11 '21 at 05:06
  • I did that and it gives "Operation not permitted". I tried sudo but there's no sudo in busybox – zendevil.eth Aug 11 '21 at 05:17
  • changed from busybox to alpine and tried adding sudo with apk add sudo, but get: ERROR: Unable to lock database: Permission denied ERROR: Failed to open apk database: Permission denied – zendevil.eth Aug 11 '21 at 05:23
  • As I can see, you use custom image prikshet/postgres. To exclude influence of that image, could you please try to deploy Postgres using the official image, i.e postgres:latest without initContainers: and securityContext: sections in your spec? – Andrew Skorkin Aug 11 '21 at 23:02
  • prikshet/postgres file in the edit. If there's a way to have the same effect with just the the official postgres image I'd be happy to know – zendevil.eth Aug 12 '21 at 04:09
  • Ok ) Maybe you can clarify your main reason - start postgres container or change ownership for the volume? – Andrew Skorkin Aug 12 '21 at 23:37
  • If the first option, I can propose you to look at this [case on Stack](https://stackoverflow.com/questions/62577494/mkdir-mnt-data-read-only-file-system-back-off-restarting-failed-postgres-conta) It has all necessary configuration. I tried this example with your image and it start without problems. Maybe that can help you. In case of second option, I agree with @meaningqo - also tried this approach and added section for volume mount. First started init container and then container. – Andrew Skorkin Aug 12 '21 at 23:49

0 Answers0