Forseti GKE End2End gke master 1.14.10-gke.27 - proxy sql config.json failed: permission denied": unknown #72

exenin · 2020-04-23T21:14:08Z

Warning Failed 13s (x2 over 14s) kubelet, gke-forseti-cluster-default-node-pool-64338854-2rf4 Error: failed to start container "cloudsql-proxy": Error response from daemon: OCI runtime create failed: container_l inux.go:345: starting container process caused "chdir to cwd (\"/home/nonroot\") set in config.json failed: permission denied": unknown

according to this, something changed to allowe security by default but also breaks sql proxy
GoogleCloudPlatform/cloud-sql-proxy#385

editing the cloudsql-proxy deploy and changing the runAsUser

from runAsUser: 2
to
runAsUser: 65532

seems to fix it

The text was updated successfully, but these errors were encountered:

exenin mentioned this issue Apr 24, 2020

https://github.com/GoogleCloudPlatform/cloudsql-proxy/issues/385 #73

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Forseti GKE End2End gke master 1.14.10-gke.27 - proxy sql config.json failed: permission denied": unknown #72

Forseti GKE End2End gke master 1.14.10-gke.27 - proxy sql config.json failed: permission denied": unknown #72

exenin commented Apr 23, 2020

Forseti GKE End2End gke master 1.14.10-gke.27 - proxy sql config.json failed: permission denied": unknown #72

Forseti GKE End2End gke master 1.14.10-gke.27 - proxy sql config.json failed: permission denied": unknown #72

Comments

exenin commented Apr 23, 2020