Hi,
I tried to deploy the fdb operator v0.31.1 with the foundationdb image pulled in by the GitHub script in my locally defined OCP 4.7 env. using the deployment.yaml from the GitHub as is. I can deploy the cluster and all pods are running. Due to the setup in my env., I have to modify the runes/fsgroup to match my namespace allowed range which is in the 100xxxxx range. What I found is even though all pods are up and running, the DB is not up due to the fdbserver cannot start. Further examination show that the user for running the fdb pods cannot write to the /tmp or the mounted /var/fdb/data where the processID suppose to be created. I have tried to add the security context to the deployment.yaml and also tried to set readOnlyRootFilesystem to false but those attempts have not result in a writeable /tmp nor /var/fdb/data.
Here is the security context I added to the deployment.yaml:
securityContext:
allowPrivilegeEscalation: false
privileged: false
readOnlyRootFilesystem: true
volumeMounts:
- mountPath: /tmp
name: tmp
- mountPath: /var/log/fdb
name: logs
- mountPath: /var/fdb/data
name: data
- mountPath: /var/testfdb
name: testfdb
securityContext:
#fsGroup: 4059
#runAsGroup: 4059
#runAsUser: 4059
serviceAccountName: fdb-kubernetes-operator-controller-manager
terminationGracePeriodSeconds: 10
volumes:
- emptyDir: {}
name: tmp
- emptyDir: {}
name: logs
- emptyDir: {}
name: data
- emptyDir: {}
name: testfdb
Any help on this would be appreciated to make the user that run fdbmonitor/fdbserver can create a file in /var/fdb/data which is mounted.