Same Yaml working in kubernetes but giving error in Openshift (ROSA)

11/11/2021

I have the YAML below, which runs fine in Kubernetes but does not work in OpenShift and fails with the error below. The YAML for many other components runs seamlessly and this log path is created, but only for this one it is not working.

Error:

Warning  FailedPostStartHook  12m (x2 over 12m)  kubelet            Exec lifecycle hook ([/bin/sh -c echo "`date +'%Y-%m-%d %H:%M:%S,%3N'` [main] [] INFO  [postStarthook] - Starting txe ..."
>>/var/seamless/log/txe/txe.log]) for Container "ers-txe" in Pod "ers-txe-547b59778f-2zpgm_ers(36a9bfc2-5817-4ed4-bbee-9923580d9fba)" failed - error: command '/bin/sh -c echo "`date +'%Y-%m-%d %H:%M:%S,%3N'` [main] [] INFO  [postStarthook] - Starting txe ..."
>>/var/seamless/log/txe/txe.log' exited with 1: /bin/sh: can't create /var/seamless/log/txe/txe.log: Permission denied , message: "/bin/sh: can't create /var/seamless/log/txe/txe.log: Permission denied\n"
Normal   Killing            12m (x2 over 12m)  kubelet  FailedPostStartHook

Stack Overflow doesn't allow me to paste the complete YAML, so let me know what other information is required. My YAML contains:

PV - for txe component
PVC - for txe component
PV - for mysql
PVC - for mysql
ClusterIP service
Deployment file

-- Aman Singh
docker
kubernetes
openshift

2 Answers

11/15/2021

I was missing the parameter below in my YAML file. I added it to the container's spec section and the issue was resolved. This field was not required in my YAML when I ran it in Kubernetes. By default, many things are restricted in OpenShift.

    securityContext:
      privileged: true
-- Aman Singh
Source: StackOverflow

11/12/2021

You're probably running as root by default in kube, and as the high UID in OpenShift.

This error line is where I think the issue is: "/bin/sh: can't create /var/seamless/log/txe/txe.log: Permission denied\n"

Check file permissions on that directory, check UID/GID that you're running as.

In OpenShift, you usually leverage the GID (not the UID) of the container runtime processes, so I would suggest a small rebuild of your container image to add "chgrp group ... chmod g+w ..." on the directories in question.

The other quick hack to fix this is, remembering that all of these directories are transient anyway, just change your command to write to /tmp instead.

-- dbaker
Source: StackOverflow
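
The check dbaker's answer asks for ("check file permissions on that directory, check UID/GID that you're running as"), written out as an added example that is not part of either answer. It applies the classic owner/group/other rule to every directory under a log root and lists those where a non-root identity could not create a file; the UID 1000650000 and group 0 are constructed sample values standing in for the identity OpenShift assigns (an assumption), and ACLs and SELinux are not considered.

```python
import os
import stat


def can_create_file(st, uid, gids):
    """Return True if a process with this uid and group set may create a
    file in the directory described by st (an os.stat result)."""
    if uid == 0:
        return True  # root passes via CAP_DAC_OVERRIDE, assumed not dropped
    if uid == st.st_uid:
        need = stat.S_IWUSR | stat.S_IXUSR      # owner class
    elif st.st_gid in gids:
        need = stat.S_IWGRP | stat.S_IXGRP      # group class
    else:
        need = stat.S_IWOTH | stat.S_IXOTH      # everyone else
    # Creating an entry needs both write and search (x) on the directory.
    return st.st_mode & need == need


def audit_tree(root, uid, gids):
    """List directories under root (inclusive) where the identity
    cannot create files."""
    blocked = []
    for dirpath, _dirs, _files in os.walk(root):
        if not can_create_file(os.stat(dirpath), uid, gids):
            blocked.append(dirpath)
    return sorted(blocked)


if __name__ == "__main__":
    import sys
    # Constructed identity: a high, non-root UID with group 0 (assumption).
    uid, gids = 1000650000, {0}
    # Default path is the parent of the log directory in the question.
    root = sys.argv[1] if len(sys.argv) > 1 else "/var/seamless/log"
    for path in audit_tree(root, uid, gids):
        print("uid=%d gids=%s cannot write: %s" % (uid, sorted(gids), path))
```

Run inside the image, any directory it prints is one the chgrp / chmod g+w step from the answer has not yet covered.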