@buitcj Nice summary.
The only bit I don't get is how the owner of the .attach_pid* file, when created in the logs directory, gets set to 50017. Which settings are these? The JVM is still running as 500, and you have fsGroup set to 50017, but there must be an additional setting somewhere else to result in:
I’ve no k8s to hand, but ChatGPT suggests this sort of thing might be at play:
    aws efs create-access-point \
      --file-system-id fs-12345 \
      --posix-user Uid=50017,Gid=50017 \
      --root-directory "Path=/var/log/app,CreationInfo={OwnerUid=50017,OwnerGid=50017,Permissions=770}"
with
    spec:
      ...
      storageClassName: efs-sc
      csi:
        driver: efs.csi.aws.com
        volumeHandle: fs-12345::fsap-12345
?