Hi,
I'm trying to deploy ECK on OpenShift using Minishift.
I get the following error when I define a volume claim template according to the documentation:
"stacktrace": ["org.elasticsearch.bootstrap.StartupException: ElasticsearchException[failed to bind service]; nested: AccessDeniedException[/usr/share/elasticsearch/data/nodes];", "at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:163) ~[elasticsearch-7.12.1.jar:7.12.1]", "at org.elasticsearch.bootstrap.Elasticsearch.execute(Elasticsearch.java:150) ~[elasticsearch-7.12.1.jar:7.12.1]", "at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:75) ~[elasticsearch-7.12.1.jar:7.12.1]", "at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:116) ~[elasticsearch-cli-7.12.1.jar:7.12.1]", "at org.elasticsearch.cli.Command.main(Command.java:79) ~[elasticsearch-cli-7.12.1.jar:7.12.1]", "at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:115) ~[elasticsearch-7.12.1.jar:7.12.1]", "at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:81) ~[elasticsearch-7.12.1.jar:7.12.1]", "Caused by: org.elasticsearch.ElasticsearchException: failed to bind service", "at org.elasticsearch.node.Node.<init>(Node.java:744) ~[elasticsearch-7.12.1.jar:7.12.1]", "at org.elasticsearch.node.Node.<init>(Node.java:278) ~[elasticsearch-7.12.1.jar:7.12.1]", "at org.elasticsearch.bootstrap.Bootstrap$5.<init>(Bootstrap.java:217) ~[elasticsearch-7.12.1.jar:7.12.1]", "at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:217) ~[elasticsearch-7.12.1.jar:7.12.1]", "at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:397) ~[elasticsearch-7.12.1.jar:7.12.1]", "at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:159) ~[elasticsearch-7.12.1.jar:7.12.1]", "... 6 more", "Caused by: java.nio.file.AccessDeniedException: /usr/share/elasticsearch/data/nodes", "at sun.nio.fs.UnixException.translateToIOException(UnixException.java:90) ~[?:?]", "at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:106) ~[?:?]", "at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111) ~[?:?]", "at sun.nio.fs.UnixFileSystemProvider.createDirectory(UnixFileSystemProvider.java:396) ~[?:?]", "at java.nio.file.Files.createDirectory(Files.java:694) ~[?:?]", "at java.nio.file.Files.createAndCheckIsDirectory(Files.java:801) ~[?:?]", "at java.nio.file.Files.createDirectories(Files.java:787) ~[?:?]", "at org.elasticsearch.env.NodeEnvironment.lambda$new$0(NodeEnvironment.java:265) ~[elasticsearch-7.12.1.jar:7.12.1]", "at org.elasticsearch.env.NodeEnvironment$NodeLock.<init>(NodeEnvironment.java:202) ~[elasticsearch-7.12.1.jar:7.12.1]", "at org.elasticsearch.env.NodeEnvironment.<init>(NodeEnvironment.java:262) ~[elasticsearch-7.12.1.jar:7.12.1]", "at org.elasticsearch.node.Node.<init>(Node.java:352) ~[elasticsearch-7.12.1.jar:7.12.1]", "at org.elasticsearch.node.Node.<init>(Node.java:278) ~[elasticsearch-7.12.1.jar:7.12.1]", "at org.elasticsearch.bootstrap.Bootstrap$5.<init>(Bootstrap.java:217) ~[elasticsearch-7.12.1.jar:7.12.1]", "at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:217) ~[elasticsearch-7.12.1.jar:7.12.1]", "at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:397) ~[elasticsearch-7.12.1.jar:7.12.1]", "at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:159) ~[elasticsearch-7.12.1.jar:7.12.1]", "... 6 more"] } uncaught exception in thread [main]
For this test I don't change the default path.data, so I create a Persistent Volume with hostPath:
/usr/share/elasticsearch/data
I share the configuration for pv, pvc and ES cluster:
- Persistent Volume:
apiVersion: v1
kind: PersistentVolume
metadata:
name: pv-vol1
spec:
storageClassName: standard
accessModes:
- ReadWriteOnce
capacity:
storage: 5Gi
hostPath:
path: /usr/share/elasticsearch/data
persistentVolumeReclaimPolicy: Recycle
- Persistent Volume Claim:
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: elasticsearch-data-cluster-openshift-es-master-0
spec:
storageClassName: standard
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 3Gi
- Elasticsearch cluster config:
apiVersion: elasticsearch.k8s.elastic.co/v1
kind: Elasticsearch
metadata:
name: cluster-openshift
spec:
version: 7.12.1
nodeSets:
- name: master
count: 1
config:
node.roles: ["master", "data", "ingest", "transform"]
volumeClaimTemplates:
- metadata:
name: elasticsearch-data
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 3Gi
storageClassName: standard
---
apiVersion: route.openshift.io/v1
kind: Route
metadata:
name: cluster-openshift
spec:
#host: elasticsearch.example.com # override if you don't want to use the host that is automatically generated by OpenShift (<route-name>[-<namespace>].<suffix>)
tls:
termination: passthrough # Elasticsearch is the TLS endpoint
insecureEdgeTerminationPolicy: Redirect
to:
kind: Service
name: cluster-openshift-es-http
I want to point out that although in the file it was specified a volume claim name:
elasticsearch-data
I had to create a volume claim with the name:
elasticsearch-data-cluster-openshift-es-master-0
because this is the actual name of the one created by eck, and for the tests I've done, it's the only way to get to a running pod.
Finally I want to share another test: according to this topic , I try this config file for the Elasticsearch Cluster to manually change the permission of the data folder:
apiVersion: elasticsearch.k8s.elastic.co/v1
kind: Elasticsearch
metadata:
name: cluster-openshift
spec:
version: 7.12.1
nodeSets:
- name: master
count: 1
config:
node.roles: ["master", "data", "ingest", "transform"]
podTemplate:
spec:
containers:
- name: elasticsearch
env:
- name: path.data
value: "/usr/share/elasticsearch/data"
volumeMounts:
- name: elasticsearch-data
mountPath: /usr/share/elasticsearch/data
initContainers:
- name: chown-data-volumes
command: ["sh", "-c", "chown elasticsearch:elasticsearch /usr/share/elasticsearch/data"]
volumeClaimTemplates:
- metadata:
name: elasticsearch-data
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 3Gi
storageClassName: standard
---
apiVersion: route.openshift.io/v1
kind: Route
metadata:
name: cluster-openshift
spec:
#host: elasticsearch.example.com # override if you don't want to use the host that is automatically generated by OpenShift (<route-name>[-<namespace>].<suffix>)
tls:
termination: passthrough # Elasticsearch is the TLS endpoint
insecureEdgeTerminationPolicy: Redirect
to:
kind: Service
name: cluster-openshift-es-http
but the pod immediately goes into error after the init, showing this error:
Error from server (BadRequest): container "elasticsearch" in pod "cluster-openshift-es-master-0" is waiting to start: PodInitializing
How can I solve this issue?
Thank you in advance!
Leonardo