Unable to install Jenkins on Minikube using Helm due to the permission on mac

1/18/2021

I`vw tried to install jenkins on minikube according this article https://www.jenkins.io/doc/book/installing/kubernetes/

When I type kubectl logs pod/jenkins-0 init -n jenkins I get

disable Setup Wizard
/var/jenkins_config/apply_config.sh: 4: /var/jenkins_config/apply_config.sh: cannot create /var/jenkins_home/jenkins.install.UpgradeWizard.state: Permission denied

I almost sure that I have some problems with file system on mac.

I did not create serviceAccount from article because helm have not seen it and returns error.

Instead of it I changed in jenkins-values.yaml

serviceAccount:
  create: true
  name: jenkins
  annotations: {}

Then I tried set next values to 0. It have no affect.

  runAsUser: 1000
  fsGroup: 1000

Addition info: kubectl get all -n jenkins

NAME            READY   STATUS                  RESTARTS   AGE
pod/jenkins-0   0/2     Init:CrashLoopBackOff   7          15m

NAME                    TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)     AGE
service/jenkins         ClusterIP   10.104.114.29    <none>        8080/TCP    15m
service/jenkins-agent   ClusterIP   10.104.207.201   <none>        50000/TCP   15m

NAME                       READY   AGE
statefulset.apps/jenkins   0/1     15m

Also tried to use different directories for volume live /Volumes/data and add 777 permissions to it.

-- Edgar Kovalenko
jenkins
kubernetes
kubernetes-helm
minikube

3 Answers

9/24/2021

runAsUser to 0 everywhere worked, but this not the ideal solution due to potential security issues. Good for dev environment but not for prod.

-- ope
Source: StackOverflow

2/25/2021

There are a couple potentials in here, but there is a solution without switching to runAsUser 0 (which breaks security assessments).

The folder /data/jenkins-volume is created as root by default, with a 755 permission set so you can't create persistent data in this dir with the default jenkins build.

  • To fix this, enter minikube with $ minikube ssh and run: $ chown 1000:1000 /data/jenkins-volume

The other thing that could be biting you (after fixing the folder permissions) is SELinux policies, when you are running your Kubernetes on a RHEL based OS.

  • To fix this: $ chcon -R -t svirt_sandbox_file_t /data/jenkins-volume
-- Brock R.
Source: StackOverflow

1/25/2021

It was resolved

I just set runAsUser to 0 everywhere.

-- Edgar Kovalenko
Source: StackOverflow