boilerplates
boilerplates copied to clipboard
Traefik Kubernetes doesn't start for ititContainer Back-off restarting failed container
Hi,
I'm following your setup for Traefik on K8s with Persistent Volume and initContainer for permnission issues.
My implementation has traefik beign installed in the traefik namespace, with glusterfs-based volume and claim:
ubuntu@k8cp1:~$ kubectl get pv
NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE
traefik-ssl-volume 128Mi RWX Retain Bound traefik/traefik-ssl-claim 2d11h
ubuntu@k8cp1:~$ kubectl get pvc -n traefik
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
traefik-ssl-claim Bound traefik-ssl-volume 128Mi RWX 2d11h
And here's my persistence and initContainer sections of Traefik values:
deployment:
additionalContainers: []
additionalVolumes: []
annotations: {}
enabled: true
imagePullSecrets: []
initContainers:
- name: volume-permissions
image: busybox
securityContext:
runAsUser: 0
command: ["sh", "-c", "chmod -Rv 600 /ssl-certs/*"]
volumeMounts:
- name: ssl-certs
mountPath: /ssl-certs
kind: Deployment
labels: {}
minReadySeconds: 0
podAnnotations: {}
podLabels: {}
replicas: 1
shareProcessNamespace: true
terminationGracePeriodSeconds: 60
persistence:
accessMode: ReadWriteMany
annotations: {}
enabled: true
name: ssl-certs
path: /ssl-certs
size: 128Mi
existingClaim: traefik-ssl-claim
What can the problem be? The initContainer in the wrong namespace? Traefik works without the initContainer, but I get "permission errors" on ssl-certs contents, so I need the initContainer.
Thanks,