Container platform
OCP 4
Version
I have tried to deploy the Postgres with 15 and its failing to be able to run with volume mounts in OCP 4.7 (latest).
OS version of the container image
RHEL 8
Bugzilla, Jira
Description
I have tried the below quote blocks along with multiple other settings with various securityContext params for container & pods specs. None of them are being acceptable as they are being blocked by SecurityContextConstraints I presume default to OCP.
Also I have seen that the volumes in OCP is yet to fixed as per line 72 of Dockerfile in below link.
https://catalog.redhat.com/software/containers/rhel8/postgresql-15/63d29a05fd1c4f5552a305b3?image=678fe0ad976ab6d74f5e4074&architecture=arm64&container-tabs=dockerfile
The git issue seem not relevant as the issue mentioned in Dockerfile is already closed, so I'm lost. Also tried to use the other $HOME directory for the volume by building and then felt it to be pointless as fix-permissions script is resolving to postgres user which is running with root privilege.
Need assistance with this.
apiVersion: v1
kind: PersistentVolume
metadata:
name: postgres-pv
labels:
app: postgres
spec:
capacity:
storage: 8Gi
accessModes:
- ReadWriteOnce
persistentVolumeReclaimPolicy: Retain
storageClassName: localblock-sc
volumeMode: Filesystem
hostPath:
path: /var/lib/pgsql/data
nodeAffinity:
required:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- dev-node-01
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: postgres-pvc
namespace: supervity
labels:
app: postgres
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 8Gi
volumeName: postgres-pv
storageClassName: localblock-sc
volumeMode: Filesystem
apiVersion: apps/v1
kind: Deployment
metadata:
name: postgres
namespace: test
labels:
app: postgres
spec:
replicas: 1
selector:
matchLabels:
app: postgres
template:
metadata:
creationTimestamp: null
labels:
app: postgres
spec:
volumes:
- name: postgres-pvc
persistentVolumeClaim:
claimName: postgres-pvc
securityContext:
fsGroup: 26
containers:
- resources: {}
terminationMessagePath: /dev/termination-log
name: container
env:
- name: POSTGRESQL_USER
value: test
- name: POSTGRESQL_PASSWORD
value: verySecureDBtestpswd
- name: POSTGRESQL_DATABASE
value: supervity
ports:
- containerPort: 5432
protocol: TCP
imagePullPolicy: IfNotPresent
volumeMounts:
- name: postgres-pvc
mountPath: /var/lib/pgsql/data
readOnly: false
terminationMessagePolicy: File
image: 'registry.redhat.io/rhel8/postgresql-15:1-90'
securityContext: {}
restartPolicy: Always
terminationGracePeriodSeconds: 30
dnsPolicy: ClusterFirst
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- node-01
schedulerName: default-scheduler
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 25%
maxSurge: 25%
revisionHistoryLimit: 10
progressDeadlineSeconds: 600
Reproducer
No response
Container platform
OCP 4
Version
I have tried to deploy the Postgres with 15 and its failing to be able to run with volume mounts in OCP 4.7 (latest).
OS version of the container image
RHEL 8
Bugzilla, Jira
Description
I have tried the below quote blocks along with multiple other settings with various securityContext params for container & pods specs. None of them are being acceptable as they are being blocked by SecurityContextConstraints I presume default to OCP.
Also I have seen that the volumes in OCP is yet to fixed as per line 72 of Dockerfile in below link.
https://catalog.redhat.com/software/containers/rhel8/postgresql-15/63d29a05fd1c4f5552a305b3?image=678fe0ad976ab6d74f5e4074&architecture=arm64&container-tabs=dockerfile
The git issue seem not relevant as the issue mentioned in Dockerfile is already closed, so I'm lost. Also tried to use the other $HOME directory for the volume by building and then felt it to be pointless as fix-permissions script is resolving to postgres user which is running with root privilege.
Need assistance with this.
Reproducer
No response