Skip to content

Commit

Permalink
Add option to disable initContainer chown update (#102)
Browse files Browse the repository at this point in the history
* Add option to disable initContainer chown update

Signed-off-by: Aaron Layfield <[email protected]>

* True default, not false.

Signed-off-by: Aaron Layfield <[email protected]>

* Remove trailing spaces

Signed-off-by: Aaron Layfield <[email protected]>

* Updating CHANGELOG and README

Signed-off-by: Aaron Layfield <[email protected]>
  • Loading branch information
DandyDeveloper authored Oct 28, 2021
1 parent 9c407b9 commit 2565fb1
Show file tree
Hide file tree
Showing 5 changed files with 19 additions and 2 deletions.
14 changes: 14 additions & 0 deletions charts/opensearch/CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
### Fixed
### Security

---
## [1.2.3]
### Added
- Support to disable the initContainer `fsgroup-volume` for chown updates.

---
## [1.2.2]
### Added
Expand All @@ -21,6 +26,15 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
### Removed
### Fixed
- [Issue #105](https://github.com/opensearch-project/helm-charts/issues/105) OpenSearch chart fails when RBAC is enabled.
### Security

---
## [1.2.1]
### Added
### Changed
### Deprecated
### Removed
### Fixed
- Missing `labels` key is added into role.yaml.
### Security

Expand Down
2 changes: 1 addition & 1 deletion charts/opensearch/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 1.2.2
version: 1.2.3

# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
Expand Down
1 change: 1 addition & 0 deletions charts/opensearch/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -70,6 +70,7 @@ helm uninstall my-release
| `nodeGroup` | This is the name that will be used for each group of nodes in the cluster. The name will be `clusterName-nodeGroup-X` , `nameOverride-nodeGroup-X` if a `nameOverride` is specified, and `fullnameOverride-X` if a `fullnameOverride` is specified | `master` |
| `nodeSelector` | Configurable [nodeSelector][] so that you can target specific nodes for your OpenSearch cluster | `{}` |
| `persistence` | Enables a persistent volume for OpenSearch data. | see [values.yaml][] |
| `persistence.enableInitChown` | Disable the `fsgroup-volume` initContainer that will update permissions on the persistent disk. | `true` |
| `podAnnotations` | Configurable [annotations][] applied to all OpenSearch pods | `{}` |
| `podManagementPolicy` | By default Kubernetes [deploys StatefulSets serially][]. This deploys them in parallel so that they can discover each other | `Parallel` |
| `podSecurityContext` | Allows you to set the [securityContext][] for the pod | see [values.yaml][] |
Expand Down
2 changes: 1 addition & 1 deletion charts/opensearch/templates/statefulset.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -211,7 +211,7 @@ spec:
{{- end }}
{{- if or (.Values.extraInitContainers) (.Values.keystore) (.Values.persistence.enabled) }}
initContainers:
{{- if .Values.persistence.enabled }}
{{- if and .Values.persistence.enabled .Values.persistence.enableInitChown }}
- name: fsgroup-volume
image: "{{ template "opensearch.dockerRegistry" . }}busybox:latest"
command: ['sh', '-c']
Expand Down
2 changes: 2 additions & 0 deletions charts/opensearch/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -171,6 +171,8 @@ podSecurityPolicy:

persistence:
enabled: true
# Set to false to disable the `fsgroup-volume` initContainer that will update permissions on the persistent disk.
enableInitChown: true
labels:
# Add default labels for the volumeClaimTemplate of the StatefulSet
enabled: false
Expand Down

0 comments on commit 2565fb1

Please sign in to comment.