Charts: [stable/grafana] Crash-looping with volume permission denied on fresh install

Created on 18 May 2018  路  2Comments  路  Source: helm/charts

Is this a BUG REPORT or FEATURE REQUEST? (choose one): BUG REPORT

Version of Helm and Kubernetes:

$ kubectl version
Server Version: version.Info{Major:"1", Minor:"10", GitVersion:"v1.10.1", GitCommit:"d4ab47518836c750f9949b9e0d387f20fb92260b", GitTreeState:"clean", BuildDate:"2018-04-12T14:14:26Z", GoVersion:"go1.9.3", Compiler:"gc", Platform:"linux/amd64"}
$ helm version
Client: &version.Version{SemVer:"v2.9.0", GitCommit:"f6025bb9ee7daf9fee0026541c90a6f557a3e0bc", GitTreeState:"clean"}
Server: &version.Version{SemVer:"v2.9.0", GitCommit:"f6025bb9ee7daf9fee0026541c90a6f557a3e0bc", GitTreeState:"clean"}

Which chart: stable/grafana

What happened:
I installed the chart for the first time using the following command:

helm install stable/grafana --name grafana --namespace monitoring --values grafana-dev.yaml

And the content of the grafana-dev.yaml:

ingress:
  enabled: true
  hosts:
  - grafana.example.com
persistence:
  enabled: true
  size: 1Gi
  accessModes:
  - ReadWriteOnce
env:
  GF_SERVER_DOMAIN: grafana.example.com
  GF_SERVER_ROOT_URL: https://grafana.example.com
envFromSecret: "grafana-secret"
rbac:
  create: false

The chart installs without problems, but the grafana pod crash-loops, here are the logs from the container:

GF_PATHS_DATA='/var/lib/grafana' is not writable.
You may have issues with file permissions, more information here: http://docs.grafana.org/installation/docker/#migration-from-a-previous-version-of-the-docker-container-to-5-1-or-later
mkdir: cannot create directory '/var/lib/grafana/plugins': Permission denied

What you expected to happen:
I expected the grafana pod to not crash-loop, and launch correctly.

How to reproduce it (as minimally and precisely as possible):
Run the command mentioned in the "What happened?" section. Fetch the logs from the container.

picture FrederikNS
👍18

Most helpful comment

Workaround to fix ownership of the persistent volume contents:

kubectl create --filename=- <<'EOF'
apiVersion: batch/v1
kind: Job
metadata: {name: grafana-chown}
spec:
  template:
    spec:
      restartPolicy: Never
      containers:
      - name: grafana-chown
        command: [chown, -R, "472:472", /var/lib/grafana]
        image: busybox:latest
        volumeMounts:
        - {name: storage, mountPath: /var/lib/grafana}
      volumes:
      - name: storage
        persistentVolumeClaim:
          claimName: grafana
EOF

(This will be unnecessary once #5576 is merged and released).

picture xmartinez on 8 Jun 2018
👍3

All 2 comments

It seems like #5386 upgraded Grafana to 5.1.2, which uses a different uid for running Grafana, which is also mentioned here: #5576

Actually it seems that they are aware of the problem.

FrederikNS picture FrederikNS on 18 May 2018

Workaround to fix ownership of the persistent volume contents:

kubectl create --filename=- <<'EOF'
apiVersion: batch/v1
kind: Job
metadata: {name: grafana-chown}
spec:
  template:
    spec:
      restartPolicy: Never
      containers:
      - name: grafana-chown
        command: [chown, -R, "472:472", /var/lib/grafana]
        image: busybox:latest
        volumeMounts:
        - {name: storage, mountPath: /var/lib/grafana}
      volumes:
      - name: storage
        persistentVolumeClaim:
          claimName: grafana
EOF

(This will be unnecessary once #5576 is merged and released).

xmartinez picture xmartinez on 8 Jun 2018
👍3
Was this page helpful?
0 / 5 - 0 ratings

Related issues

tyg03485 picture tyg03485  路  3Comments
kminehart picture kminehart  路  3Comments
paskal picture paskal  路  3Comments
ChrisCooney picture ChrisCooney  路  3Comments
onyxet picture onyxet  路  3Comments