Unable to make it work in Kubernetes

pgautoupgrade / docker-pgautoupgrade

A PostgreSQL Docker container that automatically upgrades your database

https://hub.docker.com/r/pgautoupgrade/pgautoupgrade

MIT License

507 stars 18 forks source link

Unable to make it work in Kubernetes #21

Open xeruf opened 7 months ago

xeruf commented 7 months ago

Thought I could spare myself the frenzy of reproducing the configuration outside by temporarily replacing the bitnami postgresql image in my cluster by this one. But getting this error: postgres: could not look up effective user ID 1001: user does not exist

justinclift commented 7 months ago

Oh, now that's a weird error message.

It's likely coming from when these lines run:

https://github.com/pgautoupgrade/docker-pgautoupgrade/blob/430eb9290dd9aeed421ffeefdb2502b2bec28477/docker-entrypoint.sh#L491-L494

Any idea why it would be unable to look up the effective uid in your environment?

kaplan-michael commented 2 months ago

I think that is caused by the chart setting the security context similar to this.

securityContext:
  runAsUser: 1001

but the container does not have a user with uid 1001.

when you do a Dockerfile like this

FROM pgautoupgrade/pgautoupgrade:16-alpine
RUN adduser -u 1001 -G root -s /bin/sh -D pgautoupgrade

and build it, it works fine

You will then hit postgresql.conf not being present, bcs bitnami generates it on the startup into /opt/bitnami/postgresql/conf which is mounted as empty-dir(temp dir) :facepalm: and they do the same with pg_hba.conf... pg_ident.conf is surprisingly in the data dir.

justinclift commented 2 months ago

Any idea if there's something (preferably simple) we can change with our images to get it working?

Hmmm, I wonder if changing the postgres user's uid to be 1001 might help?

(note that I've just woken up and haven't had coffee yet, so that could be an obviously bad idea in 10 mins... :wink:)

kaplan-michael commented 2 months ago

Not sure yet, I gave up on it(due to the missing configs, and just went with a pg_dump) I'm not sure if you change the postgres users uid, that it won't break things?

I wonder if you just add a user with uid 1001 if it will impact something else? from my testing so far(you don't have to do USER 1001 so the container will still run as root by default, just have a user available)

bitnami themselfs don't add the user, but instead just set USER 1001 and postgres is not super happy about that either)