Traefik Kubernetes doesn't start for ititContainer Back-off restarting failed container

[urbaman]

Hi,

I'm following your setup for Traefik on K8s with Persistent Volume and initContainer for permnission issues.

My implementation has traefik beign installed in the traefik namespace, with glusterfs-based volume and claim:

ubuntu@k8cp1:~$ kubectl get pv
NAME                 CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM                       STORAGECLASS   REASON   AGE
traefik-ssl-volume   128Mi      RWX            Retain           Bound    traefik/traefik-ssl-claim                           2d11h
ubuntu@k8cp1:~$ kubectl get pvc -n traefik
NAME                STATUS   VOLUME               CAPACITY   ACCESS MODES   STORAGECLASS   AGE
traefik-ssl-claim   Bound    traefik-ssl-volume   128Mi      RWX                           2d11h

And here's my persistence and initContainer sections of Traefik values:

deployment:
  additionalContainers: []
  additionalVolumes: []
  annotations: {}
  enabled: true
  imagePullSecrets: []
  initContainers:
    - name: volume-permissions
      image: busybox
      securityContext:
        runAsUser: 0
      command: ["sh", "-c", "chmod -Rv 600 /ssl-certs/*"]
      volumeMounts:
        - name: ssl-certs
          mountPath: /ssl-certs
  kind: Deployment
  labels: {}
  minReadySeconds: 0
  podAnnotations: {}
  podLabels: {}
  replicas: 1
  shareProcessNamespace: true
  terminationGracePeriodSeconds: 60

persistence:
  accessMode: ReadWriteMany
  annotations: {}
  enabled: true
  name: ssl-certs
  path: /ssl-certs
  size: 128Mi
  existingClaim: traefik-ssl-claim

What can the problem be? The initContainer in the wrong namespace? Traefik works without the initContainer, but I get "permission errors" on ssl-certs contents, so I need the initContainer.

Thanks,