Mysql container not starting up on Kubernetes

Question

I was using this image to run my application in docker-compose . However, when I run the same on a Kubernetes cluster I get the error

[ERROR] Could not open file '/opt/bitnami/mysql/logs/mysqld.log' for error logging: Permission denied

Here's my deployment file

apiVersion: apps/v1
kind: Deployment
metadata:
  annotations:
    kompose.cmd: kompose convert
    kompose.version: 1.21.0 ()
  creationTimestamp: null
  labels:
    io.kompose.service: common-db
  name: common-db
spec:
  replicas: 1
  selector:
    matchLabels:
      io.kompose.service: common-db
  strategy:
    type: Recreate
  template:
    metadata:
      annotations:
        kompose.cmd: kompose convert
        kompose.version: 1.21.0 ()
      creationTimestamp: null
      labels:
        io.kompose.service: common-db
    spec:
      containers:
      - env:
        - name: ALLOW_EMPTY_PASSWORD
          value: "yes"
        - name: MYSQL_DATABASE
          value: "common-development"
        - name: MYSQL_REPLICATION_MODE
          value: "master"
        - name: MYSQL_REPLICATION_PASSWORD
          value: "repl_password"
        - name: MYSQL_REPLICATION_USER
          value: "repl_user"
        image: bitnami/mysql:5.7
        imagePullPolicy: ""
        name: common-db
        ports:
        - containerPort: 3306
        securityContext:
          runAsUser: 0
        resources:
          requests:
            memory: 512Mi
            cpu: 500m
          limits:
            memory: 512Mi
            cpu: 500m
        volumeMounts:
          - name: common-db-initdb
            mountPath: /opt/bitnami/mysql/conf/my_custom.cnf
      volumes:
        - name: common-db-initdb
          configMap:
            name: common-db-config
      serviceAccountName: ""

status: {}

The config map has the config my.cnf data. Any pointers on where I could be going wrong? Specially if the same image works in the docker-compose ?

Answer 1

Try changing the file permission using init container as in official bitnami helm chart they are also updating file permissions and managing security context.

helm chart: https://github.com/bitnami/charts/blob/master/bitnami/mysql/templates/master-statefulset.yaml

UPDATE :

 initContainers:
      - command:
        - /bin/bash
        - -ec
        - |
          chown -R 1001:1001 /bitnami/mysql
        image: docker.io/bitnami/minideb:buster
        imagePullPolicy: Always
        name: volume-permissions
        resources: {}
        securityContext:
          runAsUser: 0
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
        volumeMounts:
        - mountPath: /bitnami/mysql
          name: data
      restartPolicy: Always
      schedulerName: default-scheduler
      securityContext:
        fsGroup: 1001
        runAsUser: 1001
      serviceAccount: mysql

Answer 2

You may need to use subpath. To know details about subpath click here

volumeMounts:
  - name: common-db-initd
    mountPath: /opt/bitnami/mysql/conf/my_custom.cnf
    subPath: my_custom.cnf

Also, you can install bitnami mysql using helm chart easily.