Open rohanarora opened 2 years ago
To resolve this, use one of the following storage classes instead of the default ibmc-file-bronze
:
gid file storage class
Documentation hereblock storage class
Documentation hereWhen using gid storage class
one needs to set securityContext.fsGroup
. The following is an example of a custom resource YAML to be used on IKS:
# Based on https://github.com/turbonomic/t8c-install/blob/master/operator/deploy/crds/charts_v1alpha1_xl_cr.yaml
apiVersion: charts.helm.k8s.io/v1
kind: Xl
metadata:
name: xl-release
spec:
global:
repository: turbonomic
tag: 8.4.5
storageClassName: ibmc-file-bronze-gid
securityContext:
fsGroup: 65531
The value 65531
is the default group ID for the following storage classes:
ibmc-file-bronze-gid
ibmc-file-silver-gid
ibmc-file-gold-gid
Block storage classes do not need n securityContext.fsGroup
to be set.
hi @rohanarora I ran into the same issue a while ago, but in my case I followed the IBM documentation at https://cloud.ibm.com/docs/containers?topic=containers-cs_storage_nonroot and used the
spec:
global:
storageClassName: ibmc-file-bronze-gid
securityContext:
fsGroup: 65531
configuration in the custom resource
Thanks @esara. Yes and that is what I documented in a way via the comment here
sorry, I was reading the original question only
Aha. I see. No problem at all. Wondering if this has a home in the Wiki or we could leave it here as well. Feel free to close this issue. Thank you both, @esara and @evat-pm!
While setting up Turbonomic on IKS one may witness a few Turbonomic pods reporting CrashloopBackOff, logging the following lines as an example:
This is because the default storage class for IKS is
ibmc-file-bronze
that does not allow other non-root users to write to the mounted storage