Question

Setting access rights on Kubernetes volume for Elasticsearch

Posted February 21, 2019 1.2k views
ElasticsearchKubernetes

I’m working on deploying Elasticsearch to a DO Kubernetes cluster. To persist the data I’ve created a PersitentVolumeClaim that I have made available to the pod running Elasticsearch. Problem is that Elasticsearch fails to start with a Access Denied error on the data mount.

Elasticsearch does not run as root. Instead it runs as user and group 1000. So for it to have access to the data volume the user 1000 has to be given access rights on the volume.

PeristentVolumes have an annotation pv.beta.kubernetes.io/gid: "1000" that can normally be used. However with the DO implementation of Kubernetes only a PVC is created and not a PersistentVolume and a PVC.

How to proceed and give the user 1000 read-write access to the PVC?

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer

Hey friend!

Try to chown the mount directory to the user. For safety, go ahead and make it recursive. So if user 1000 is “user1” and the mount it “/mnt” then it would be like:

chown -R user1. /mnt

Jarland

Submit an Answer