Closed voipas closed 4 years ago
Hi @voipas thanks for opening this issue.
bitnami/postgresql
is a non-root image so it needs some adjustments to be able to write your volume since your volume owner is pi:pi
and the container expects to be pi:root
at least. We include an init container in our chart to avoid this kind of error but you need to enable it please could you add the following to your values.yaml
?
postgresql:
volumePermissions:
enabled: true
Hi @dani8art , thanks for response, I idid this , but still have problems...
values.yaml
postgresql:
# If `true`, the Postgresql dependency is enabled
enabled: true
postgresqlDataDir: /data/pgdata
# PostgreSQL User to create
postgresqlUsername: keycloak
# PostgreSQL Password for the new user
postgresqlPassword: keycloak
# PostgreSQL Database to create
postgresqlDatabase: keycloak
image:
registry: docker.io
repository: "postgres"
tag: "9.6.19"
pullPolicy: IfNotPresent
# Persistent Volume Storage configuration
persistence:
enabled: true # Change to true
mountPath: /data/
existingClaim: "keycloak-ssd" # Persistent Volume Claim created earlier
#accessMode: ReadWriteOnce
#size: "2Gi"
volumePermissions:
enabled: true
Pod status
$ kubectl get pods -n security
NAME READY STATUS RESTARTS AGE
keycloak-0 0/1 Init:0/1 0 45s
keycloak-postgresql-0 0/1 Init:CrashLoopBackOff 2 45s
Pod logs
$ kubectl logs keycloak-postgresql-0 -n security
Error from server (BadRequest): container "keycloak-postgresql" in pod "keycloak-postgresql-0" is waiting to start: PodInitializing
Pod describe
$ kubectl describe pod keycloak-postgresql-0 -n security
Name: keycloak-postgresql-0
Namespace: security
Priority: 0
Node: k8s-slave-03/192.168.0.23
Start Time: Thu, 20 Aug 2020 17:24:41 +0000
Labels: app.kubernetes.io/instance=keycloak
app.kubernetes.io/managed-by=Helm
app.kubernetes.io/name=postgresql
controller-revision-hash=keycloak-postgresql-5b74cf8d59
helm.sh/chart=postgresql-9.1.1
role=master
statefulset.kubernetes.io/pod-name=keycloak-postgresql-0
Annotations: <none>
Status: Pending
IP: 10.42.2.7
IPs:
IP: 10.42.2.7
Controlled By: StatefulSet/keycloak-postgresql
Init Containers:
init-chmod-data:
Container ID: containerd://20d164d0f310d61640978b144a7442eeb7c1abd533f9c73ec196bac4ecf01823
Image: docker.io/bitnami/minideb:buster
Image ID: docker.io/bitnami/minideb@sha256:8a773f4021425654cbb6e31176098632370d1c7eac221cef643476e10d5a3af2
Port: <none>
Host Port: <none>
Command:
/bin/sh
-cx
mkdir -p /data//data
chmod 700 /data//data
find /data/ -mindepth 1 -maxdepth 1 -not -name "conf" -not -name ".snapshot" -not -name "lost+found" | \
xargs chown -R 1001:1001
chmod -R 777 /dev/shm
State: Waiting
Reason: CrashLoopBackOff
Last State: Terminated
Reason: Error
Exit Code: 1
Started: Thu, 20 Aug 2020 17:27:42 +0000
Finished: Thu, 20 Aug 2020 17:27:42 +0000
Ready: False
Restart Count: 5
Requests:
cpu: 250m
memory: 256Mi
Environment: <none>
Mounts:
/data/ from data (rw)
/dev/shm from dshm (rw)
/var/run/secrets/kubernetes.io/serviceaccount from default-token-7nd68 (ro)
Containers:
keycloak-postgresql:
Container ID:
Image: docker.io/postgres:9.6.19
Image ID:
Port: 5432/TCP
Host Port: 0/TCP
State: Waiting
Reason: PodInitializing
Ready: False
Restart Count: 0
Requests:
cpu: 250m
memory: 256Mi
Liveness: exec [/bin/sh -c exec pg_isready -U "keycloak" -d "dbname=keycloak" -h 127.0.0.1 -p 5432] delay=30s timeout=5s period=10s #success=1 #failure=6
Readiness: exec [/bin/sh -c -e exec pg_isready -U "keycloak" -d "dbname=keycloak" -h 127.0.0.1 -p 5432
] delay=5s timeout=5s period=10s #success=1 #failure=6
Environment:
BITNAMI_DEBUG: false
POSTGRESQL_PORT_NUMBER: 5432
POSTGRESQL_VOLUME_DIR: /data/
PGDATA: /data/pgdata
POSTGRES_USER: keycloak
POSTGRES_PASSWORD: <set to the key 'postgresql-password' in secret 'keycloak-postgresql'> Optional: false
POSTGRES_DB: keycloak
POSTGRESQL_ENABLE_LDAP: no
POSTGRESQL_ENABLE_TLS: no
Mounts:
/data/ from data (rw)
/dev/shm from dshm (rw)
/var/run/secrets/kubernetes.io/serviceaccount from default-token-7nd68 (ro)
Conditions:
Type Status
Initialized False
Ready False
ContainersReady False
PodScheduled True
Volumes:
dshm:
Type: EmptyDir (a temporary directory that shares a pod's lifetime)
Medium: Memory
SizeLimit: 1Gi
data:
Type: PersistentVolumeClaim (a reference to a PersistentVolumeClaim in the same namespace)
ClaimName: keycloak-ssd
ReadOnly: false
default-token-7nd68:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-7nd68
Optional: false
QoS Class: Burstable
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled <unknown> default-scheduler Successfully assigned security/keycloak-postgresql-0 to k8s-slave-03
Normal Created 3m49s (x4 over 4m36s) kubelet, k8s-slave-03 Created container init-chmod-data
Normal Started 3m49s (x4 over 4m35s) kubelet, k8s-slave-03 Started container init-chmod-data
Warning BackOff 3m21s (x7 over 4m33s) kubelet, k8s-slave-03 Back-off restarting failed container
Normal Pulling 3m6s (x5 over 4m37s) kubelet, k8s-slave-03 Pulling image "docker.io/bitnami/minideb:buster"
Normal Pulled 3m4s (x5 over 4m36s) kubelet, k8s-slave-03 Successfully pulled image "docker.io/bitnami/minideb:buster"
It seems like init-chmod-data
is not working properly could you add its logs, please?
$ kubectl logs keycloak-postgresql-0 init-chmod-data
Hey, here is an outcome:
$ kubectl logs keycloak-postgresql-0 init-chmod-data -n security
standard_init_linux.go:211: exec user process caused "exec format error"
Try to remove the mountPath or the /
At the end
persistence:
enabled: true # Change to true
mountPath: /data/
Sorry for late response. I have still the same issues, same errors. I wanted to double check, if on Master server and I'm using NFS mountpoint and from my previuos messages I have created PV and PVC:
hostPath:
path: "/mnt/ssd/keycloak-ps"
so when I try to install Posgresql - so which mount path I should use?
I tried mountPath=/mnt/ssd/keycloak-ps
Name: postgresql-postgresql-0
Namespace: security
Priority: 0
Node: k8s-slave-02/192.168.0.22
Start Time: Thu, 27 Aug 2020 02:52:34 +0000
Labels: app.kubernetes.io/instance=postgresql
app.kubernetes.io/managed-by=Helm
app.kubernetes.io/name=postgresql
controller-revision-hash=postgresql-postgresql-d64999946
helm.sh/chart=postgresql-9.3.2
role=master
statefulset.kubernetes.io/pod-name=postgresql-postgresql-0
Annotations: <none>
Status: Pending
IP: 10.42.3.9
IPs:
IP: 10.42.3.9
Controlled By: StatefulSet/postgresql-postgresql
Init Containers:
init-chmod-data:
Container ID: containerd://148c5695f56419fce24a7cfc9eb236531b7e9cf331339cbf898c8c2071420c1a
Image: docker.io/bitnami/minideb:buster
Image ID: docker.io/bitnami/minideb@sha256:8a773f4021425654cbb6e31176098632370d1c7eac221cef643476e10d5a3af2
Port: <none>
Host Port: <none>
Command:
/bin/sh
-cx
mkdir -p /mnt/ssd/keycloak-ps/data
chmod 700 /mnt/ssd/keycloak-ps/data
find /mnt/ssd/keycloak-ps -mindepth 1 -maxdepth 1 -not -name "conf" -not -name ".snapshot" -not -name "lost+found" | \
xargs chown -R 1001:1001
chmod -R 777 /dev/shm
State: Waiting
Reason: CrashLoopBackOff
Last State: Terminated
Reason: Error
Exit Code: 1
Started: Thu, 27 Aug 2020 02:52:39 +0000
Finished: Thu, 27 Aug 2020 02:52:39 +0000
Ready: False
Restart Count: 1
Requests:
cpu: 250m
memory: 256Mi
Environment: <none>
Mounts:
/dev/shm from dshm (rw)
/mnt/ssd/keycloak-ps from data (rw)
/var/run/secrets/kubernetes.io/serviceaccount from default-token-j9xws (ro)
Containers:
postgresql:
Container ID:
Image: docker.io/postgres:9.6.19
Image ID:
Port: 5432/TCP
Host Port: 0/TCP
State: Waiting
Reason: PodInitializing
Ready: False
Restart Count: 0
Requests:
cpu: 250m
memory: 256Mi
Liveness: exec [/bin/sh -c exec pg_isready -U "keycloak" -d "dbname=keycloak" -h 127.0.0.1 -p 5432] delay=30s timeout=5s period=10s #success=1 #failure=6
Readiness: exec [/bin/sh -c -e exec pg_isready -U "keycloak" -d "dbname=keycloak" -h 127.0.0.1 -p 5432
] delay=5s timeout=5s period=10s #success=1 #failure=6
Environment:
BITNAMI_DEBUG: true
POSTGRESQL_PORT_NUMBER: 5432
POSTGRESQL_VOLUME_DIR: /mnt/ssd/keycloak-ps
PGDATA: /data/pgdata
POSTGRES_USER: keycloak
POSTGRES_PASSWORD: <set to the key 'postgresql-password' in secret 'postgresql'> Optional: false
POSTGRES_DB: keycloak
POSTGRESQL_ENABLE_LDAP: no
POSTGRESQL_ENABLE_TLS: no
Mounts:
/dev/shm from dshm (rw)
/mnt/ssd/keycloak-ps from data (rw)
/var/run/secrets/kubernetes.io/serviceaccount from default-token-j9xws (ro)
Conditions:
Type Status
Initialized False
Ready False
ContainersReady False
PodScheduled True
Volumes:
dshm:
Type: EmptyDir (a temporary directory that shares a pod's lifetime)
Medium: Memory
SizeLimit: 1Gi
data:
Type: PersistentVolumeClaim (a reference to a PersistentVolumeClaim in the same namespace)
ClaimName: keycloak-ssd
ReadOnly: false
default-token-j9xws:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-j9xws
Optional: false
QoS Class: Burstable
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled <unknown> default-scheduler Successfully assigned security/postgresql-postgresql-0 to k8s-slave-02
Warning BackOff 15s (x2 over 16s) kubelet, k8s-slave-02 Back-off restarting failed container
Normal Pulling 3s (x3 over 21s) kubelet, k8s-slave-02 Pulling image "docker.io/bitnami/minideb:buster"
Normal Pulled 1s (x3 over 19s) kubelet, k8s-slave-02 Successfully pulled image "docker.io/bitnami/minideb:buster"
Normal Created 1s (x3 over 19s) kubelet, k8s-slave-02 Created container init-chmod-data
Normal Started 1s (x3 over 19s) kubelet, k8s-slave-02 Started container init-chmod-data
OK, I found one of the problem , as I'm using raspberry pi, i had wrong minideb image, so now my command looks like this (notem now I'm playing only with postgresql):
helm install postgresql \
--set image.registry=docker.io,\
image.repository=postgres,\
image.tag="9.6.19",\
postgresqlDatabase=keycloak,\
postgresqlUsername=keycloak,\
postgresqlPassword=keycloak,\
persistence.enabled=true,\
persistence.existingClaim=keycloak-ssd,\
persistence.mountPath=/mnt/ssd/keycloak-ps,\
postgresqlDataDir=/data/pgdata,\
persistence.accessModes=ReadWriteOnce,\
persistence.size="2Gi",\
volumePermissions.enabled=true,\
volumePermissions.image.repository=yeoncomi/minideb-armv7l,\
volumePermissions.image.tag="latest",\
securityContext.fsGroup=1000,\
securityContext.runAsUser=1000 \
bitnami/postgresql \
--namespace security
General logs
keycloak $ kubectl logs postgresql-postgresql-0 -n security
mkdir: cannot create directory ‘/data’: Permission denied
Init Chmod data logs
keycloak $ kubectl logs postgresql-postgresql-0 init-chmod-data -n security
+ mkdir -p /mnt/ssd/keycloak-ps/data
+ chmod 700 /mnt/ssd/keycloak-ps/data
+ find /mnt/ssd/keycloak-ps -mindepth 1 -maxdepth 1 -not -name conf -not -name .snapshot -not -name lost+found
+ xargs chown -R 1000:1000
+ chmod -R 777 /dev/shm
Pod Describe
keycloak $ kubectl describe pod postgresql-postgresql-0 -n security
Name: postgresql-postgresql-0
Namespace: security
Priority: 0
Node: k8s-slave-02/192.168.0.22
Start Time: Thu, 27 Aug 2020 03:25:54 +0000
Labels: app.kubernetes.io/instance=postgresql
app.kubernetes.io/managed-by=Helm
app.kubernetes.io/name=postgresql
controller-revision-hash=postgresql-postgresql-69bb5b6484
helm.sh/chart=postgresql-9.3.2
role=master
statefulset.kubernetes.io/pod-name=postgresql-postgresql-0
Annotations: <none>
Status: Running
IP: 10.42.3.12
IPs:
IP: 10.42.3.12
Controlled By: StatefulSet/postgresql-postgresql
Init Containers:
init-chmod-data:
Container ID: containerd://bb16f3d03840c33a3d73a6386ce2964cc1cbf3c053e2842cb5249c1551c165c4
Image: docker.io/yeoncomi/minideb-armv7l:latest
Image ID: docker.io/yeoncomi/minideb-armv7l@sha256:1d346e37ca721958c44ec7557b16e7fa0554003a4dfd7659c8f642728ae895c3
Port: <none>
Host Port: <none>
Command:
/bin/sh
-cx
mkdir -p /mnt/ssd/keycloak-ps/data
chmod 700 /mnt/ssd/keycloak-ps/data
find /mnt/ssd/keycloak-ps -mindepth 1 -maxdepth 1 -not -name "conf" -not -name ".snapshot" -not -name "lost+found" | \
xargs chown -R 1000:1000
chmod -R 777 /dev/shm
State: Terminated
Reason: Completed
Exit Code: 0
Started: Thu, 27 Aug 2020 03:26:53 +0000
Finished: Thu, 27 Aug 2020 03:26:53 +0000
Ready: True
Restart Count: 0
Requests:
cpu: 250m
memory: 256Mi
Environment: <none>
Mounts:
/dev/shm from dshm (rw)
/mnt/ssd/keycloak-ps from data (rw)
/var/run/secrets/kubernetes.io/serviceaccount from default-token-j9xws (ro)
Containers:
postgresql:
Container ID: containerd://cb141ade3b73985dfd570ef10ac1d786a3379e9faa79fe7de4c806be99504da6
Image: docker.io/postgres:9.6.19
Image ID: docker.io/library/postgres@sha256:9aa0b86ae3be8de6f922441b913e8914e840c652b6880a642f42f98f5e2aaeaf
Port: 5432/TCP
Host Port: 0/TCP
State: Waiting
Reason: CrashLoopBackOff
Last State: Terminated
Reason: Error
Exit Code: 1
Started: Thu, 27 Aug 2020 03:33:31 +0000
Finished: Thu, 27 Aug 2020 03:33:31 +0000
Ready: False
Restart Count: 6
Requests:
cpu: 250m
memory: 256Mi
Liveness: exec [/bin/sh -c exec pg_isready -U "keycloak" -d "dbname=keycloak" -h 127.0.0.1 -p 5432] delay=30s timeout=5s period=10s #success=1 #failure=6
Readiness: exec [/bin/sh -c -e exec pg_isready -U "keycloak" -d "dbname=keycloak" -h 127.0.0.1 -p 5432
] delay=5s timeout=5s period=10s #success=1 #failure=6
Environment:
BITNAMI_DEBUG: false
POSTGRESQL_PORT_NUMBER: 5432
POSTGRESQL_VOLUME_DIR: /mnt/ssd/keycloak-ps
PGDATA: /data/pgdata
POSTGRES_USER: keycloak
POSTGRES_PASSWORD: <set to the key 'postgresql-password' in secret 'postgresql'> Optional: false
POSTGRES_DB: keycloak
POSTGRESQL_ENABLE_LDAP: no
POSTGRESQL_ENABLE_TLS: no
Mounts:
/dev/shm from dshm (rw)
/mnt/ssd/keycloak-ps from data (rw)
/var/run/secrets/kubernetes.io/serviceaccount from default-token-j9xws (ro)
Conditions:
Type Status
Initialized True
Ready False
ContainersReady False
PodScheduled True
Volumes:
dshm:
Type: EmptyDir (a temporary directory that shares a pod's lifetime)
Medium: Memory
SizeLimit: 1Gi
data:
Type: PersistentVolumeClaim (a reference to a PersistentVolumeClaim in the same namespace)
ClaimName: keycloak-ssd
ReadOnly: false
default-token-j9xws:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-j9xws
Optional: false
QoS Class: Burstable
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled <unknown> default-scheduler Successfully assigned security/postgresql-postgresql-0 to k8s-slave-02
Normal Pulling 7m53s kubelet, k8s-slave-02 Pulling image "docker.io/yeoncomi/minideb-armv7l:latest"
Normal Pulled 7m kubelet, k8s-slave-02 Successfully pulled image "docker.io/yeoncomi/minideb-armv7l:latest"
Normal Created 6m56s kubelet, k8s-slave-02 Created container init-chmod-data
Normal Started 6m56s kubelet, k8s-slave-02 Started container init-chmod-data
Normal Pulling 6m55s kubelet, k8s-slave-02 Pulling image "docker.io/postgres:9.6.19"
Normal Pulled 6m24s kubelet, k8s-slave-02 Successfully pulled image "docker.io/postgres:9.6.19"
Normal Pulled 5m23s (x3 over 6m20s) kubelet, k8s-slave-02 Container image "docker.io/postgres:9.6.19" already present on machine
Normal Created 5m23s (x4 over 6m20s) kubelet, k8s-slave-02 Created container postgresql
Normal Started 5m22s (x4 over 6m20s) kubelet, k8s-slave-02 Started container postgresql
Warning BackOff 2m49s (x20 over 6m19s) kubelet, k8s-slave-02 Back-off restarting failed container
OK, I solved the problem, so deployment looks like:
helm install postgresql \
--set image.registry=docker.io,\
image.repository=postgres,\
image.tag="9.6.19",\
postgresqlDatabase=keycloak,\
postgresqlUsername=keycloak,\
postgresqlPassword=keycloak,\
persistence.enabled=true,\
persistence.existingClaim=keycloak-ssd,\
persistence.mountPath=/data,\
postgresqlDataDir=/data/pgdata,\
persistence.accessModes=ReadWriteOnce,\
persistence.size="2Gi",\
volumePermissions.enabled=true,\
volumePermissions.image.repository=yeoncomi/minideb-armv7l,\
volumePermissions.image.tag="latest",\
securityContext.fsGroup=1000,\
securityContext.runAsUser=1000 \
bitnami/postgresql \
--namespace security
Hi,
Good to know that it was solved. If you come across other issues, do not hesitate to open a new ticket :)
This Issue has been automatically marked as "stale" because it has not had recent activity (for 15 days). It will be closed if no further activity occurs. Thanks for the feedback.
Due to the lack of activity in the last 5 days since it was marked as "stale", we proceed to close this Issue. Do not hesitate to reopen it later if necessary.
Which chart: postgresql-9.1.1
Describe the bug I'm creating o K3S homelab cluster on Raspberry PI and I want to install Keycloak from codecentric and the dependency is PostgresSQL from bitnami. Unfortunatelly deployment fails withpostgresql deployment - CrashLoopBackOff and I can't deploy keycloak.
To Reproduce Steps to reproduce the behavior:
Expected behavior Sucessfully deploy Postgresql using existing PV and PVC
Version of Helm and Kubernetes:
helm version
:kubectl version
:Name Space creation
Persistent Volume YAML
Ownership of location
PV and PVC Status
Keycloak Values Yaml
Describe Pod
Pod Logs