From 7baf2dbf669abb383b895d4fa5bb624b19d9ea63 Mon Sep 17 00:00:00 2001 From: Andreas Geissler Date: Fri, 10 Dec 2021 07:50:46 +0000 Subject: [COMMON] Changed mongo storage location to enable persistance Added initContainer to fix the permissions of the to be mounted volume and changed intent Issue-ID: OOM-2864 Signed-off-by: Andreas Geissler Change-Id: I188d7f6002405e810dd54d1043824979b4d83d42 --- kubernetes/common/mongo/templates/statefulset.yaml | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) (limited to 'kubernetes/common/mongo/templates') diff --git a/kubernetes/common/mongo/templates/statefulset.yaml b/kubernetes/common/mongo/templates/statefulset.yaml index 11602054e8..e156db27db 100644 --- a/kubernetes/common/mongo/templates/statefulset.yaml +++ b/kubernetes/common/mongo/templates/statefulset.yaml @@ -39,6 +39,23 @@ spec: {{ include "common.podSecurityContext" . | indent 6 }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" + initContainers: + # we shouldn't need this but for unknown reason, it's fsGroup is not + # applied + - name: fix-permission + command: + - /bin/sh + args: + - -c + - | + chown -R {{ .Values.securityContext.user_id }}:{{ .Values.securityContext.group_id }} /data + image: {{ include "repositoryGenerator.image.busybox" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + securityContext: + runAsUser: 0 + volumeMounts: + - name: {{ include "common.fullname" . }}-data + mountPath: /data containers: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }} @@ -72,7 +89,7 @@ spec: periodSeconds: {{ .Values.readiness.periodSeconds }} volumeMounts: - name: {{ include "common.fullname" . }}-data - mountPath: /var/lib/mongo + mountPath: /data/db resources: {{ include "common.resources" . | nindent 12 }} {{ include "common.containerSecurityContext" . | indent 10 }} {{- if .Values.nodeSelector }} -- cgit 1.2.3-korg