chown: /var/lib/postgresql/data/postgresql.conf: Read-only file system

8/16/2018

I solved a permission issue when mounting /var/lib/postgresql/data by following this answer with initContainers.

Now I'm trying to mount postgresql.conf as a volume, and I'm running into a similar permissioning issue that throws chown: /var/lib/postgresql/data/postgresql.conf: Read-only file system.

What could I be missing? I've tried a bunch of different variations with little luck.

apiVersion: apps/v1beta1
kind: StatefulSet
metadata:
  name: postgres
  labels:
    app: postgres
spec:
  serviceName: postgres
  replicas: 1
  updateStrategy:
    type: RollingUpdate
  template:
    metadata:
      labels:
        app: postgres
    spec:
      terminationGracePeriodSeconds: 10
      initContainers:
      - name: chmod-er
        image: busybox:latest
        command:
        - /bin/chown
        - -R
        - '0'
        - /var/lib/postgresql/data
        volumeMounts:
        - name: postgredb
          mountPath: /var/lib/postgresql/data
        - name: pg-config
          mountPath: /var/lib/postgresql/data/postgresql.conf
          subPath: postgresql.conf
      containers:
        - name: postgres
          image: mdillon/postgis:10-alpine
          ports:
            - containerPort: 5432
          volumeMounts:
            - name: postgredb
              mountPath: /var/lib/postgresql/data
              subPath: data
            - name: pg-config
              mountPath: /var/lib/postgresql/data/postgresql.conf
              subPath: postgresql.conf
      volumes:
        - name: postgredb
          persistentVolumeClaim:
            claimName: postgres-pvc
        - name: pg-config
          configMap:
            name: pg-config
            items:
              - key: postgresql.conf
                path: postgresql.conf
-- Mike
google-kubernetes-engine
kubernetes
postgresql

1 Answer

8/17/2018

From Kubernetes 1.8 on, a ConfigMap is mounted read-only. Excerpt from CHANGELOG-1.8.md:

Changes secret, configMap, downwardAPI and projected volumes to mount read-only, instead of allowing applications to write data and then reverting it automatically. Until version 1.11, setting the feature gate ReadOnlyAPIDataVolumes=false will preserve the old behavior. (#58720, @joelsmith)

If you want to change the file that is mounted from the ConfigMap, you can copy it to another directory, then update it.

-- Kun Li
Source: StackOverflow
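The copy step suggested in the answer above, shown as a pod manifest. This is an added example, not part of the original question or answer. It keeps the ConfigMap mount read-only, copies the file into a writable emptyDir in an init container, and changes ownership of the copy only, so no chown ever touches the ConfigMap mount. The names `stage-config`, `pg-config-rw`, `/config-ro` and `/config-rw`, the UID/GID 70, and the assumption that the image's entrypoint forwards `-c config_file=...` to postgres are not from the page.

```yaml
# Added example: copy a ConfigMap file to a writable volume before use.
apiVersion: v1
kind: Pod
metadata:
  name: postgres-config-copy-example   # hypothetical name
spec:
  initContainers:
    - name: stage-config               # hypothetical name
      image: busybox:latest
      command:
        - /bin/sh
        - -c
        # Copy out of the read-only ConfigMap mount, then chown the copy only.
        # UID/GID 70 is an assumption for the postgres user in the
        # Alpine-based image; confirm it with `id postgres` in the container.
        - cp /config-ro/postgresql.conf /config-rw/postgresql.conf && chown 70:70 /config-rw/postgresql.conf
      volumeMounts:
        - name: pg-config
          mountPath: /config-ro        # ConfigMap volume, read-only by design
          readOnly: true
        - name: pg-config-rw
          mountPath: /config-rw        # emptyDir, writable
  containers:
    - name: postgres
      image: mdillon/postgis:10-alpine
      # Assumption: the entrypoint passes these flags through to postgres.
      args: ["-c", "config_file=/etc/postgresql/postgresql.conf"]
      ports:
        - containerPort: 5432
      volumeMounts:
        - name: postgredb
          mountPath: /var/lib/postgresql/data
          subPath: data
        - name: pg-config-rw
          mountPath: /etc/postgresql   # writable copy, outside the data directory
  volumes:
    - name: postgredb
      persistentVolumeClaim:
        claimName: postgres-pvc
    - name: pg-config
      configMap:
        name: pg-config
    - name: pg-config-rw
      emptyDir: {}
```

The emptyDir is recreated with each pod, so the init container re-copies the ConfigMap contents on every start and any runtime edits to the copy are discarded.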