Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

mkdir: cannot create directory ‘/bitnami/postgresql/data’: Permission denied #30650

Open
mahmud2011 opened this issue Nov 27, 2024 · 1 comment
Open

mkdir: cannot create directory ‘/bitnami/postgresql/data’: Permission denied #30650

mahmud2011 opened this issue Nov 27, 2024 · 1 comment
Assignees
@carrodher
Labels
postgresql tech-issues The user has a technical issue about an application triage Triage is needed

Comments

@mahmud2011
Copy link

Name and Version

bitnamicharts/postgresql 16.2.2

What architecture are you using?

arm64

What steps will reproduce the bug?

  1. minikube start --nodes 4 --driver=podman --container-runtime=cri-o --kubernetes-version=v1.31.0 -p master-cluster
  2. helm install kb oci://registry-1.docker.io/bitnamicharts/postgresql --version 16.2.2

kubectl describe pod kb-postgresql-0

Name:             kb-postgresql-0
Namespace:        default
Priority:         0
Service Account:  kb-postgresql
Node:             master-cluster-m02/192.168.49.3
Start Time:       Wed, 27 Nov 2024 17:20:41 +0100
Labels:           app.kubernetes.io/component=primary
                  app.kubernetes.io/instance=kb
                  app.kubernetes.io/managed-by=Helm
                  app.kubernetes.io/name=postgresql
                  app.kubernetes.io/version=17.2.0
                  apps.kubernetes.io/pod-index=0
                  controller-revision-hash=kb-postgresql-6964594945
                  helm.sh/chart=postgresql-16.2.2
                  statefulset.kubernetes.io/pod-name=kb-postgresql-0
Annotations:      <none>
Status:           Running
IP:               10.244.1.2
IPs:
  IP:           10.244.1.2
Controlled By:  StatefulSet/kb-postgresql
Containers:
  postgresql:
    Container ID:    cri-o://261376fe27efd6836ed1996bc84fb602197c24c997c03e99a291e86477975330
    Image:           docker.io/bitnami/postgresql:17.2.0-debian-12-r0
    Image ID:        docker.io/bitnami/postgresql@sha256:1dd43b042f79d184b28e6012b72621b0b43438e4695210cdfa4d40a9c48e9354
    Port:            5432/TCP
    Host Port:       0/TCP
    SeccompProfile:  RuntimeDefault
    State:           Waiting
      Reason:        CrashLoopBackOff
    Last State:      Terminated
      Reason:        Error
      Exit Code:     1
      Started:       Wed, 27 Nov 2024 17:23:43 +0100
      Finished:      Wed, 27 Nov 2024 17:23:43 +0100
    Ready:           False
    Restart Count:   5
    Limits:
      cpu:                150m
      ephemeral-storage:  2Gi
      memory:             192Mi
    Requests:
      cpu:                100m
      ephemeral-storage:  50Mi
      memory:             128Mi
    Liveness:             exec [/bin/sh -c exec pg_isready -U "foo" -d "dbname=knowledge_base" -h 127.0.0.1 -p 5432] delay=30s timeout=5s period=10s #success=1 #failure=6
    Readiness:            exec [/bin/sh -c -e exec pg_isready -U "foo" -d "dbname=knowledge_base" -h 127.0.0.1 -p 5432
[ -f /opt/bitnami/postgresql/tmp/.initialized ] || [ -f /bitnami/postgresql/.initialized ]
] delay=5s timeout=5s period=10s #success=1 #failure=6
    Environment:
      BITNAMI_DEBUG:                        false
      POSTGRESQL_PORT_NUMBER:               5432
      POSTGRESQL_VOLUME_DIR:                /bitnami/postgresql
      PGDATA:                               /bitnami/postgresql/data
      POSTGRES_USER:                        foo
      POSTGRES_PASSWORD:                    <set to the key 'password' in secret 'kb-postgresql'>           Optional: false
      POSTGRES_POSTGRES_PASSWORD:           <set to the key 'postgres-password' in secret 'kb-postgresql'>  Optional: false
      POSTGRES_DATABASE:                    knowledge_base
      POSTGRESQL_ENABLE_LDAP:               no
      POSTGRESQL_ENABLE_TLS:                no
      POSTGRESQL_LOG_HOSTNAME:              false
      POSTGRESQL_LOG_CONNECTIONS:           false
      POSTGRESQL_LOG_DISCONNECTIONS:        false
      POSTGRESQL_PGAUDIT_LOG_CATALOG:       off
      POSTGRESQL_CLIENT_MIN_MESSAGES:       error
      POSTGRESQL_SHARED_PRELOAD_LIBRARIES:  pgaudit
    Mounts:
      /bitnami/postgresql from data (rw)
      /dev/shm from dshm (rw)
      /opt/bitnami/postgresql/conf from empty-dir (rw,path="app-conf-dir")
      /opt/bitnami/postgresql/tmp from empty-dir (rw,path="app-tmp-dir")
      /tmp from empty-dir (rw,path="tmp-dir")
Conditions:
  Type                        Status
  PodReadyToStartContainers   True 
  Initialized                 True 
  Ready                       False 
  ContainersReady             False 
  PodScheduled                True 
Volumes:
  data:
    Type:       PersistentVolumeClaim (a reference to a PersistentVolumeClaim in the same namespace)
    ClaimName:  data-kb-postgresql-0
    ReadOnly:   false
  empty-dir:
    Type:       EmptyDir (a temporary directory that shares a pod's lifetime)
    Medium:     
    SizeLimit:  <unset>
  dshm:
    Type:        EmptyDir (a temporary directory that shares a pod's lifetime)
    Medium:      Memory
    SizeLimit:   <unset>
QoS Class:       Burstable
Node-Selectors:  <none>
Tolerations:     node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
                 node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
  Type     Reason            Age                   From               Message
  ----     ------            ----                  ----               -------
  Warning  FailedScheduling  3m19s                 default-scheduler  0/4 nodes are available: pod has unbound immediate PersistentVolumeClaims. preemption: 0/4 nodes are available: 4 Preemption is not helpful for scheduling.
  Normal   Scheduled         3m18s                 default-scheduler  Successfully assigned default/kb-postgresql-0 to master-cluster-m02
  Normal   Pulling           3m17s                 kubelet            Pulling image "docker.io/bitnami/postgresql:17.2.0-debian-12-r0"
  Normal   Pulled            3m6s                  kubelet            Successfully pulled image "docker.io/bitnami/postgresql:17.2.0-debian-12-r0" in 11.225s (11.225s including waiting). Image size: 373319681 bytes.
  Normal   Created           2m22s (x4 over 3m6s)  kubelet            Created container postgresql
  Normal   Started           2m22s (x4 over 3m6s)  kubelet            Started container postgresql
  Normal   Pulled            2m22s (x3 over 3m5s)  kubelet            Container image "docker.io/bitnami/postgresql:17.2.0-debian-12-r0" already present on machine
  Warning  BackOff           113s (x12 over 3m4s)  kubelet            Back-off restarting failed container postgresql in pod kb-postgresql-0_default(c0c2ddea-7b5a-4f94-b2b0-fbb56303bded)

kubectl logs kb-postgresql-0

postgresql 16:20:54.57 INFO  ==> 
postgresql 16:20:54.57 INFO  ==> Welcome to the Bitnami postgresql container
postgresql 16:20:54.57 INFO  ==> Subscribe to project updates by watching https://github.com/bitnami/containers
postgresql 16:20:54.57 INFO  ==> Submit issues and feature requests at https://github.com/bitnami/containers/issues
postgresql 16:20:54.57 INFO  ==> Upgrade to Tanzu Application Catalog for production environments to access custom-configured and pre-packaged software components. Gain enhanced features, including Software Bill of Materials (SBOM), CVE scan result reports, and VEX documents. To learn more, visit https://bitnami.com/enterprise
postgresql 16:20:54.57 INFO  ==> 
postgresql 16:20:54.57 INFO  ==> ** Starting PostgreSQL setup **
postgresql 16:20:54.67 INFO  ==> Validating settings in POSTGRESQL_* env vars..
postgresql 16:20:54.67 INFO  ==> Loading custom pre-init scripts...
postgresql 16:20:54.67 INFO  ==> Initializing PostgreSQL database...
mkdir: cannot create directory ‘/bitnami/postgresql/data’: Permission denied

Are you using any custom parameters or values?

global:
  postgresql:
    auth:
      username: "foo"
      password: "pass"
      database: "knowledge_base"

What is the expected behavior?

No response

What do you see instead?

mkdir: cannot create directory ‘/bitnami/postgresql/data’: Permission denied

Additional information

Machine: MacBook Pro, M2, 2022
@mahmud2011 mahmud2011 added the tech-issues The user has a technical issue about an application label Nov 27, 2024
@github-actions github-actions bot added the triage Triage is needed label Nov 27, 2024
@carrodher
Copy link
Member

Bitnami containers are designed to operate as non-root by default. Consequently, any files or directories used by the application should be owned by the root group, as the random user (1001 by default) is a member of this root group. To ensure proper permissions, you'll need to adjust the ownership of your local directory accordingly.

For more comprehensive information about non-root containers and their significance for security, you can explore the following resources:

These references provide valuable insights into the best practices and considerations when working with non-root containers in Bitnami applications.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@carrodher carrodher

Labels
postgresql tech-issues The user has a technical issue about an application triage Triage is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mahmud2011 @carrodher