Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Running zookeeper container as 1010 user #125

Open
amrit-35 opened this issue Sep 8, 2021 · 1 comment
Open

Running zookeeper container as 1010 user #125

amrit-35 opened this issue Sep 8, 2021 · 1 comment

Comments

@amrit-35
Copy link

amrit-35 commented Sep 8, 2021

I am trying to run the zookeeper:latest container in kubernates as 1010 user, using the following statefulset.yaml

apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: zookeeper
  namespace: default
spec:
  podManagementPolicy: Parallel
  replicas: 1
  selector:
    matchLabels:
      app: zookeeper
  serviceName: zookeeper-headless
  template:
    metadata:
      labels:
        app: zookeeper
      name: zookeeper
    spec:
      containers:
      - command:
        - bash
        - -ec
        - |
          ORD=$(echo `hostname -s` | sed 's/[^0-9]//g')
          export ZOO_MY_ID=$((ORD + 1 ))
          /docker-entrypoint.sh
          zkServer.sh start-foreground
        env:
        - name: ALLOW_ANONYMOUS_LOGIN
          value: "yes"
        - name: ZOO_SERVERS
          value: server.1=zookeeper-0.zookeeper-headless.default.svc.cluster.local:2888:3888;2181
        - name: ZOO_4LW_COMMANDS_WHITELIST
          value: srvr, mntr, ruok
        image: zookeeper
        imagePullPolicy: IfNotPresent
        livenessProbe:
          exec:
            command:
            - /bin/bash
            - -c
            - echo "ruok" | timeout 2 nc -w 2 localhost 2181 | grep imok
          failureThreshold: 6
          initialDelaySeconds: 30
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 5
        name: zookeeper
        ports:
        - containerPort: 2181
          name: client
          protocol: TCP
        - containerPort: 2888
          name: follower
          protocol: TCP
        - containerPort: 3888
          name: election
          protocol: TCP
        readinessProbe:
          exec:
            command:
            - /bin/bash
            - -c
            - echo "ruok" | timeout 2 nc -w 2 localhost 2181 | grep imok
          failureThreshold: 6
          initialDelaySeconds: 5
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 5
        resources:
          limits:
            memory: 1Gi
          requests:
            cpu: 10m
            memory: 1Gi
      restartPolicy: Always
      securityContext:
        fsGroup: 1010
        runAsGroup: 1010
        runAsUser: 1010

Expected behavior

start the zookeeper as 1010 user, user 1000 seems to work perfectly fine.

Actual behavior

Fails to start with following error

/docker-entrypoint.sh: line 43: /conf/zoo.cfg: Permission denied

Steps to reproduce the behavior

use the above yaml to and deploy in any k8s cluster

System configuration

windows 10
any k8s cluster
@wood-j
Copy link

wood-j commented Sep 21, 2022

same issue in zookeeper:3.7.0 arm64

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@wood-j @amrit-35 and others