Setting access rights on Kubernetes volume for Elasticsearch

February 21, 2019 1.1k views
Elasticsearch Kubernetes

I’m working on deploying Elasticsearch to a DO Kubernetes cluster. To persist the data I’ve created a PersitentVolumeClaim that I have made available to the pod running Elasticsearch. Problem is that Elasticsearch fails to start with a Access Denied error on the data mount.

Elasticsearch does not run as root. Instead it runs as user and group 1000. So for it to have access to the data volume the user 1000 has to be given access rights on the volume.

PeristentVolumes have an annotation pv.beta.kubernetes.io/gid: "1000" that can normally be used. However with the DO implementation of Kubernetes only a PVC is created and not a PersistentVolume and a PVC.

How to proceed and give the user 1000 read-write access to the PVC?

1 Answer

Hey friend!

Try to chown the mount directory to the user. For safety, go ahead and make it recursive. So if user 1000 is “user1” and the mount it “/mnt” then it would be like:

chown -R user1. /mnt

Jarland

Have another answer? Share your knowledge.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!