Open jmozd opened 5 months ago
@cbosdo what do you think? It looks like this operation is failing: https://github.com/avshiliaev/uyuni/blob/master/containers/proxy-squid-image/uyuni-configure.py#L22
@cbosdo what do you think? It looks like this operation is failing: https://github.com/avshiliaev/uyuni/blob/master/containers/proxy-squid-image/uyuni-configure.py#L22
That seems to be the problem. I wonder why there is a lost+found
folder in a podman volume...
I wonder why there is a lost+found folder in a podman volume...
because Kubernetes creates a new file system on the PV - and the FS type used happens to have "lost+found"...
@cbosdo what do you think? It looks like this operation is failing: https://github.com/avshiliaev/uyuni/blob/master/containers/proxy-squid-image/uyuni-configure.py#L22
That seems to be the problem.
The actual problem is that the container is running as user "squid", and thus has no permission to access/change the content of the (fresh) PV/file system allocated for the cache, as that is belonging to user root.
still happened today with latest deployment and container image.
Problem description
When starting the containerized version of the proxy in a Kubernetes environment, multiple PVs are created and attached to the single proxy pod. One of the PVs is used by the Squid container, mounted as /var/cache/squid. Per the default configuration, the mounted file system is owned by user root, while the container (or rather the processes started in the container) runs as user "squid". Therefore, during container startup, changing ownership of the cache directory fails.
Steps to reproduce
helm install uyuni-proxy oci://registry.opensuse.org/uyuni/proxy-helm -f uyuni/config.yaml -f uyuni/httpd.yaml -f uyuni/ssh.yaml --set ingress=nginx
2.Check the logs of the Proxy pod's "squid" containerUyuni version
Uyuni proxy version (if used)
Useful logs
Additional information
Adding a side-car container running as user root and then manually changing ownership of the (root directory of the) mounted FS let's the container start up correctly.