Question

Setting access rights on Kubernetes volume for Elasticsearch

I’m working on deploying Elasticsearch to a DO Kubernetes cluster. To persist the data I’ve created a PersitentVolumeClaim that I have made available to the pod running Elasticsearch. Problem is that Elasticsearch fails to start with a Access Denied error on the data mount.

Elasticsearch does not run as root. Instead it runs as user and group 1000. So for it to have access to the data volume the user 1000 has to be given access rights on the volume.

PeristentVolumes have an annotation pv.beta.kubernetes.io/gid: "1000" that can normally be used. However with the DO implementation of Kubernetes only a PVC is created and not a PersistentVolume and a PVC.

How to proceed and give the user 1000 read-write access to the PVC?


Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

Hey friend!

Try to chown the mount directory to the user. For safety, go ahead and make it recursive. So if user 1000 is “user1” and the mount it “/mnt” then it would be like:

chown -R user1. /mnt

Jarland