Point PGDATA to the root of the volume mount

[jandubois]

At least with Kubernetes 1.6 a hostPath volume mount will be owned by root and have 750 permissions.

The docker-entrypoint.sh script will try to assign ownership to the postgres user:

mkdir -p "$PGDATA"
chmod 700 "$PGDATA"
chown -R postgres "$PGDATA"

But this is insufficient if PGDATA points to a subdirectory of the mount directory since the postgres user doesn't have "execute" permission and therefore cannot reach the data directory.

[irfanhabib]

@jandubois I am not able to reproduce this issue. I suspect it is a storage provisioner issue. I'd like to know more about the environment you're using and how the storage provisioner was setup.

I have tested the helm chart against Minikube (k8s 1.6.4) and CAASP (k8s 1.5.3).

In CAASP no provisioner is available, therefore, I tested with a custom built provisioner following the instructions from https://github.com/kubernetes-incubator/external-storage/tree/master/docs/demo/hostpath-provisioner.

In a CAASP cluster with the custom hostpath provisioner, I see the following permissions, stolon-data is owned by the correct user.

# ls -l stolon-data
total 0
drwx------ 1 postgres root 490 Jul 31 14:02 postgres
# ls -l stolon-data/postgres
total 52
drwx------ 1 postgres postgres    32 Jul 31 14:02 base
drwx------ 1 postgres postgres   522 Jul 31 14:02 global
drwx------ 1 postgres postgres     8 Jul 31 14:02 pg_clog
drwx------ 1 postgres postgres     0 Jul 31 14:02 pg_dynshmem
-rw------- 1 postgres postgres  4496 Jul 31 14:02 pg_hba.conf
-rw------- 1 postgres postgres  1636 Jul 31 14:02 pg_ident.conf
drwx------ 1 postgres postgres    34 Jul 31 14:02 pg_logical
drwx------ 1 postgres postgres    28 Jul 31 14:02 pg_multixact
drwx------ 1 postgres postgres     8 Jul 31 14:02 pg_notify
drwx------ 1 postgres postgres     0 Jul 31 14:02 pg_replslot
drwx------ 1 postgres postgres     0 Jul 31 14:02 pg_serial
drwx------ 1 postgres postgres     0 Jul 31 14:02 pg_snapshots
drwx------ 1 postgres postgres     0 Jul 31 14:02 pg_stat
drwx------ 1 postgres postgres    92 Aug  1 10:08 pg_stat_tmp
drwx------ 1 postgres postgres     8 Jul 31 14:02 pg_subtrans
drwx------ 1 postgres postgres     0 Jul 31 14:02 pg_tblspc
drwx------ 1 postgres postgres     0 Jul 31 14:02 pg_twophase
-rw------- 1 postgres postgres     4 Jul 31 14:02 PG_VERSION
drwx------ 1 postgres postgres    76 Jul 31 14:02 pg_xlog
-rw------- 1 postgres postgres    88 Jul 31 14:02 postgresql.auto.conf
-rw------- 1 postgres postgres 20791 Jul 31 14:02 postgresql.conf
-rw------- 1 postgres postgres    37 Jul 31 14:02 postmaster.opts
-rw------- 1 postgres postgres    82 Jul 31 14:02 postmaster.pid

I see the same permissions when testing in Minikube using the default hostpath provisioner.

I will merge this to unblock you.