cp: can't create directory '/etc/haproxy/lua': Permission denied

[sektorhybrid]

Hello and thanks for your work on this ingress controller.

We tested with many different settings but we keep getting the following error:

• installation

helm upgrade --install -n haproxy-ingress haproxy-ingress haproxy-ingress/haproxy-ingress --version 0.12.6 -f values.yaml

• error

[root@xxxxxxxxxxxxx-01 haproxy]# kubectl -n haproxy-ingress logs haproxy-ingress-f7b8dc97f-znlq4 haproxy-ingress
cp: can't create directory '/etc/haproxy/lua': Permission denied

NAME                                               READY   STATUS             RESTARTS   AGE
haproxy-ingress-7f64d48f4b-ml24c                   0/2     CrashLoopBackOff   10         4m43s

• values.yaml

values-lab.yaml.txt

[jcmoraisjr]

Hi, thanks for reporting this. What OS are you using? Any special hardening, eg selinux enabled? Can you allow the process to create files and directories under /etc/haproxy?

[sektorhybrid]

Hi, I am using RHEL 7.7 vanilla. This cp command runs inside the docker image and the error is from the image, it didn't seem to me that it refers to /etc folder in OS host level. Adding to that, I didn't see any volumes in the config that refer to host OS /etc mount. Am I missing something ? In the meanwhile I will try to create the folder and assign permissions in OS level just of curiosity but this doesn't seem to be a valid option as we need isolation.

[jcmoraisjr]

Please check if the container process is running as root or uid 1001, ~~otherwise~~ if so we have some RHEL magic in place, like selinux enabled, which usually doesn't like an ordinary process messing the /etc subdir. We currently need this due to external haproxy support. I'll give a centos 7 box a try.