CODEWITHSUNDEEP
kubernetespoc
samucabrave
samucabrave

Reputation: 11

Permission denied @ rb_sysopen - /home/oxidized/.config/oxidized/pid

I'm trying to implement Oxidized and have chosen to use Kubernetes. I created a storage account in Azure where there are the main files that oxidized needs, which are config, router.db and the logs and crash folder that are created after execution. The problem is that I am getting the error Permission denied @rb_sysopen - /home/oxidized/.config/oxidized/pid. I'm building my deploy inside a Terraform file using the deploy_kubernetes resource.

I am using initContainers and even so, the folder permissions are not changed. Accessing the pod using kubectl exec -it -- bash and using the commands to change permissions doesn't work either.

Here's my code...

resource "kubernetes_deployment" "poc-oxidized" {
  metadata {
    name      = "poc-oxidized"
    namespace = kubernetes_namespace.namespace_poc-oxidized.metadata.0.name
  }
  spec {
    replicas = 1
    selector {
      match_labels = {
        app = "poc-oxidized"
      }
    }
    template {
      metadata {
        labels = {
          app = "poc-oxidized"
        }
      }
      spec {
        init_container {
          name = "set-permissions"
          image = "busybox"
          command = ["sh", "-c", "chmod -R 775 /home/oxidized/.config/oxidized"]
          security_context {
            privileged = true
          }
          volume_mount {
            name       = "poc-oxidized-pvc"
            mount_path = "/home/oxidized/.config/oxidized"
          }
        }
        container {
          name  = "poc-oxidized"
          image = "oxidized/oxidized:latest"

          env {
            name = "HOME"
            value = "/home/oxidized"
          }

          port {
            name           = "http"
            container_port = __port__
          }

          volume_mount {
            name       = "poc-oxidized-pvc"
            mount_path = "/home/oxidized/.config/oxidized"
          }
        }
        volume {
          name = "poc-oxidized-pvc"
          persistent_volume_claim {
            claim_name = kubernetes_persistent_volume_claim.claim.metadata.0.name
          }
        }
      }
    }
  }

Upvotes: 0

Views: 75

Answers (1)

ralphyjade
ralphyjade

Reputation: 197

In this topic of Dockers by the Github community, it is a must to have file location of your pid file, router.db, logs, crash folder etc. into your home directory, you may change the file location of your pid file by kubectl plugins to avoid denied permission.

Upvotes: 0

Related Questions