-
Notifications
You must be signed in to change notification settings - Fork 447
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Artifactory not starting (OpenShift) #1938
Comments
Hi @jkdev2, this seems to be failing because openshift created a read-only filesystem for the pods.
Will you please confirm if you followed the instructions here? |
Yes, I've used the OpenShift instructions to set this up. I ran some tests with different context options, and since the typical "anyuid" permission errors are no longer appearing, I think this setup is fine. The chmod errors also make sense in my opinion because those folders belong to the "artifactory" user. Given that we are using a random user in OpenShift, I think this behavior is expected.
folders in e.g. /opt/jfrog/artifactory/var/ belong to the random user
|
The router also says that it cannot join using the access endpoint It kind of feels like a chicken-and-egg problem. The router needs the access endpoint 8040 to join and access somehow needs the router to register via port 8046. Here is the log from router:
|
Can you confirm if a read-only security constraint is being enforced in your cluster? Can you also share access logs? |
The PVC is mounted with Read/write. The access log is provided above in the first post. Here is the Pod-Description, maybe it helps:
|
Just saw there is a OOMKilled error in the access-container. I think fixed this in a previous attempt, but I'll let you know if the problem is still there. |
The access-container keeps restarting. It's not quite clear what is the root-cause for the restarts. Do you think it is the System.yaml validation failed error?
|
This is only for artifactory/var directories, not the app ones. Can you make sure that there's no SecurityContextConstraints that could pose a problem? The system.yaml validation error can be ignored. |
We have the following SCC constraints. As far as I see there is no real blocker with read-only settings
|
for me it is permission denied error in the nginx and could not create service home mkdir permission denied in artifactory-0 container. we enabled anyuid and disabled pod and container context as false as per install document. Still same issue. |
Is this a request for help?: yes
Is this a BUG REPORT or FEATURE REQUEST? (choose one): BUG REPORT
Version of Helm and Kubernetes: helm 3.16.2, RKE2 kubernetes 1.26.15
Which chart: artifactory-oss
Which product license (Enterprise/Pro/oss): oss
JFrog support reference (if already raised with support team): -
What happened: We are running the chart on OpenShift. The application is always restarting and I could't identify the main issue why the application doesn't start.
I tried to keep the configuration as default as possible. It's a fresh installation. Here is the log from access and artifactory container:
access:
artifactory:
What you expected to happen: artifactory starts.
How to reproduce it (as minimally and precisely as possible):
helm upgrade --install artifactory --version 107.98.8 jfrog/artifactory-oss -f values.yaml
values.yaml:
I've also the complete combined log of all containers attatched combined_logs5.log
The text was updated successfully, but these errors were encountered: