Open linux-wizard opened 2 weeks ago
Would it help if you add securityContext as described here? https://github.com/Altinity/clickhouse-operator/issues/1370
Note, that CHK is not compatible between 0.23.7 and 0.24.0 -- see migration guide: https://github.com/Altinity/clickhouse-operator/blob/0.24.0/docs/keeper_migration_from_23_to_24.md
Would it help if you add securityContext as described here? #1370
+1, this should be helpful
spec:
securityContext:
fsGroup: 101
fsGroupChangePolicy: OnRootMismatch
runAsGroup: 101
runAsUser: 101
@chengjoey , we are hesitant to ingest it in the code by default. But maybe it is a good thing to do
I deployed ClickHouse keeper using
clickhouse-operator
0.24.0 with 3 nodes and a PVC. Unfortunately ClickHouse Keeper is in Read-Only mode because it failed to write to the snapshot directory/var/lib/clickhouse-keeper/coordination/logs/
as they have incorrect permissions.Below is error message:
I can deploy a working ClickHouse Keeper when not using PVC using
clickhouse-operator
0.23.7It seems that by default
/var/lib/clickhouse-keeper/coordination/{logs,snapshots}
are ownded by root, but we need to ensure that everyone has write access. Below are permissions when not using PVCHowever I do believe it will be better to have these directories owned by
root:clickhouse
withrwxrwx---
permissions (770)