Невозможно запустить OpenDistro для Elastic в kubernetes как ошибка без полномочий root-super - PullRequest
1 голос
/ 17 мая 2019

Я настраиваю OpenDistro для Elastic в Kubernetes.В кластере предусмотрена защита модулей, которая не позволяет использовать привилегированные модули.Когда я запускал кластер, журналы указывали на проблему с правами доступа /usr/share/supervisor/supervisord.log

У меня установлен securityContext при развертывании

securityContext:
  runAsUser: 1000
  fsGroup: 1000
``

The error message from kubectl logs es-master-0 is
```/usr/share/elasticsearch/config/elasticsearch.yml seems to be already configured for Security. Quit.
Traceback (most recent call last):
  File "/usr/bin/supervisord", line 9, in <module>
    load_entry_point('supervisor==4.0.2', 'console_scripts', 'supervisord')()
  File "/usr/lib/python2.7/site-packages/supervisor-4.0.2-py2.7.egg/supervisor/supervisord.py", line 358, in main
    go(options)
  File "/usr/lib/python2.7/site-packages/supervisor-4.0.2-py2.7.egg/supervisor/supervisord.py", line 368, in go
    d.main()
  File "/usr/lib/python2.7/site-packages/supervisor-4.0.2-py2.7.egg/supervisor/supervisord.py", line 70, in main
    self.options.make_logger()
  File "/usr/lib/python2.7/site-packages/supervisor-4.0.2-py2.7.egg/supervisor/options.py", line 1472, in make_logger
    backups=self.logfile_backups,
  File "/usr/lib/python2.7/site-packages/supervisor-4.0.2-py2.7.egg/supervisor/loggers.py", line 417, in handle_file
    handler = RotatingFileHandler(filename, 'a', maxbytes, backups)
  File "/usr/lib/python2.7/site-packages/supervisor-4.0.2-py2.7.egg/supervisor/loggers.py", line 212, in __init__
    FileHandler.__init__(self, filename, mode)
  File "/usr/lib/python2.7/site-packages/supervisor-4.0.2-py2.7.egg/supervisor/loggers.py", line 159, in __init__
    self.stream = open(filename, mode)
IOError: [Errno 13] Permission denied: '/usr/share/supervisor/supervisord.log'
...