confluentinc / kafka-images

Confluent Docker images for Apache Kafka
Apache License 2.0
30 stars 137 forks source link

kafkanb_zookeeper Permission denied: '/var/lib/zookeeper/data/myid' #213

Open troyhectorbcx opened 1 year ago

troyhectorbcx commented 1 year ago

I have been struggling with an issue for a few months now deploying a single node kafkanb_broker, kafkanb_zookeeper and kafkanb_schema_registry.

While following the deployment guide from XORUX to enable northbound streaming from Brocade SANnav to STOR2RRD Storage and SAN monitoring tool, I ran into Permission denied errors for user: appuser.

kafkanb_zookeeper logs

===> User
uid=1000(appuser) gid=1000(appuser) groups=1000(appuser)
===> Configuring ...
[Errno 13] Permission denied: '/var/lib/zookeeper/data/myid'
Command [/usr/local/bin/dub template /etc/confluent/docker/myid.template /var/lib/zookeeper/data/myid] FAILED !

From what I've read, the fix is to login via root and change the folder permissions but am unable to do so as the container simply keeps restarting. I see this has been coming on since to the log4j permission changes to the images and I'm not sure if it has been resolved in the latest docker hub image confluentinc/cp-zookeeper:latest.

Any guidance will be appreciated.

insoo67park commented 1 year ago

I also have same problem in my k8s cluster. Is there anyone solve this problem?

jaredbarranco commented 1 year ago

I have the same issue. No fix found online. I've attempted to update images to latest, reinstall docker desktop, user root user to start the cluster (user: 0:0).

Unsure where to look next

jaredbarranco commented 1 year ago

Update: I found that inside the repository that held the container resources (mounted into the container filesystem) had folder permissions changed at some point.

I could not make modifications as the host on those files/folders. So I blew away the repository, recloned, and the cluster stood up without errors. I would recommend checking all host paths that you are mounting for ownership anomalies @troyhectorbcx @insoo67park

measerv commented 9 months ago

Just add "runAsUser: 0" for "securityContext" in your yaml file.