local-path-provisioner icon indicating copy to clipboard operation
local-path-provisioner copied to clipboard

Published 20 hours ago verified publisher icon rancher

volume folder created with unexpected different user and folder

Open brightzheng100 opened this issue 1 year ago • 3 comments

Some volume folders created with an unexpected different user user, which is my current OS login user, which is NOT expected.

$ ls -al /storage/
total 24
drwxrwxrwx  6 root    root    4096 Jan 10 05:13 .
drwxr-xr-x 20 root    root    4096 Jan 10 04:38 ..
drwxrwxrwx  3 root    root    4096 Jan 10 04:45 pvc-0ea1f977-fe0c-40e8-88f3-311f685f52bf_xxx-kafka_data-0-kafka-kafka-0
drwxrwxrwx  3 root    root    4096 Jan 10 04:38 pvc-6c7303e7-30c1-411d-be91-7e3d3615a000_xxx-postgres_postgres-1
drwxrwxrwx  7 root    root    4096 Jan 10 04:39 pvc-86e2e71c-1bcf-4cda-892f-129469dd3cb9_xxx-cassandra_server-data-xxx-cassandra-default-sts-0
drwxrwxrwx  2 user user 4096 Jan 10 05:13 pvc-eff01513-6998-4763-bf8d-624cfb34e685_xxx-elasticsearch_elasticsearch-data-elasticsearch-es-default-0

I defined my custom config like this -- Note that I tried to tweak the setup script to change the owner explicitly to be root:root but didn't help:

kind: ConfigMap
apiVersion: v1
metadata:
  name: local-path-config
  namespace: local-path-storage
data:
  config.json: |-
    {
      "nodePathMap":[
        {
          "node":"DEFAULT_PATH_FOR_NON_LISTED_NODES",
          "paths":["/storage"]
        }
      ]
    }
  setup: |-
    #!/bin/sh
    set -eu
    echo mkdir -m 0777 -p "$VOL_DIR"
    mkdir -m 0777 -p "$VOL_DIR"
    echo chown root:root -R "$VOL_DIR"
    chown root:root -R "$VOL_DIR"
    echo chmod 0777 -R "$VOL_DIR"
    chmod 0777 -R "$VOL_DIR"
  teardown: |-
    #!/bin/sh
    set -eu
    rm -rf "$VOL_DIR"
  helperPod.yaml: |-
    apiVersion: v1
    kind: Pod
    metadata:
      name: helper-pod
    spec:
      priorityClassName: system-node-critical
      tolerations:
        - key: node.kubernetes.io/disk-pressure
          operator: Exists
          effect: NoSchedule
      containers:
      - name: helper-pod
        image: busybox
        imagePullPolicy: IfNotPresent

And the complete logs while creating the volume:

I0110 05:13:16.410902       1 controller.go:1337] provision "xxx-elasticsearch/elasticsearch-data-elasticsearch-es-default-0" class "local-path-data": started
time="2024-01-10T05:13:16Z" level=debug msg="config doesn't contain node itz-550004ghs4-9lf9, use DEFAULT_PATH_FOR_NON_LISTED_NODES instead"
time="2024-01-10T05:13:16Z" level=info msg="Creating volume pvc-eff01513-6998-4763-bf8d-624cfb34e685 at itz-550004ghs4-9lf9:/storage/pvc-eff01513-6998-4763-bf8d-624cfb34e685_xxx-elasticsearch_elasticsearch-data-elasticsearch-es-default-0"
time="2024-01-10T05:13:16Z" level=info msg="create the helper pod helper-pod-create-pvc-eff01513-6998-4763-bf8d-624cfb34e685 into local-path-storage"
I0110 05:13:16.417871       1 event.go:298] Event(v1.ObjectReference{Kind:"PersistentVolumeClaim", Namespace:"xxx-elasticsearch", Name:"elasticsearch-data-elasticsearch-es-default-0", UID:"eff01513-6998-4763-bf8d-624cfb34e685", APIVersion:"v1", ResourceVersion:"28154", FieldPath:""}): type: 'Normal' reason: 'Provisioning' External provisioner is provisioning volume for claim "xxx-elasticsearch/elasticsearch-data-elasticsearch-es-default-0"
time="2024-01-10T05:13:20Z" level=info msg="Volume pvc-eff01513-6998-4763-bf8d-624cfb34e685 has been created on itz-550004ghs4-9lf9:/storage/pvc-eff01513-6998-4763-bf8d-624cfb34e685_xxx-elasticsearch_elasticsearch-data-elasticsearch-es-default-0"
time="2024-01-10T05:13:20Z" level=info msg="Start of helper-pod-create-pvc-eff01513-6998-4763-bf8d-624cfb34e685 logs"
time="2024-01-10T05:13:20Z" level=info msg="mkdir -m 0777 -p /storage/pvc-eff01513-6998-4763-bf8d-624cfb34e685_xxx-elasticsearch_elasticsearch-data-elasticsearch-es-default-0"
time="2024-01-10T05:13:20Z" level=info msg="chown root:root -R /storage/pvc-eff01513-6998-4763-bf8d-624cfb34e685_xxx-elasticsearch_elasticsearch-data-elasticsearch-es-default-0"
time="2024-01-10T05:13:20Z" level=info msg="chmod 0777 -R /storage/pvc-eff01513-6998-4763-bf8d-624cfb34e685_xxx-elasticsearch_elasticsearch-data-elasticsearch-es-default-0"
time="2024-01-10T05:13:20Z" level=info msg="End of helper-pod-create-pvc-eff01513-6998-4763-bf8d-624cfb34e685 logs"
I0110 05:13:20.458905       1 controller.go:1442] provision "xxx-elasticsearch/elasticsearch-data-elasticsearch-es-default-0" class "local-path-data": volume "pvc-eff01513-6998-4763-bf8d-624cfb34e685" provisioned
I0110 05:13:20.458905       1 controller.go:1455] provision "xxx-elasticsearch/elasticsearch-data-elasticsearch-es-default-0" class "local-path-data": succeeded
I0110 05:13:20.458917       1 volume_store.go:212] Trying to save persistentvolume "pvc-eff01513-6998-4763-bf8d-624cfb34e685"
I0110 05:13:20.462941       1 volume_store.go:219] persistentvolume "pvc-eff01513-6998-4763-bf8d-624cfb34e685" saved
I0110 05:13:20.462972       1 controller.go:1337] provision "xxx-elasticsearch/elasticsearch-data-elasticsearch-es-default-0" class "local-path-data": started
I0110 05:13:20.462986       1 controller.go:1346] provision "xxx-elasticsearch/elasticsearch-data-elasticsearch-es-default-0" class "local-path-data": persistentvolume "pvc-eff01513-6998-4763-bf8d-624cfb34e685" already exists, skipping
I0110 05:13:20.462996       1 event.go:298] Event(v1.ObjectReference{Kind:"PersistentVolumeClaim", Namespace:"xxx-elasticsearch", Name:"elasticsearch-data-elasticsearch-es-default-0", UID:"eff01513-6998-4763-bf8d-624cfb34e685", APIVersion:"v1", ResourceVersion:"28154", FieldPath:""}): type: 'Normal' reason: 'ProvisioningSucceeded' Successfully provisioned volume pvc-eff01513-6998-4763-bf8d-624cfb34e685

brightzheng100 avatar Jan 10 '24 05:01 brightzheng100