cp: can't create directory '/etc/haproxy/lua': Permission denied

[sektorhybrid]

Hello and thanks for your work on this ingress controller.

We tested with many different settings but we keep getting the following error:

• installation

helm upgrade --install -n haproxy-ingress haproxy-ingress haproxy-ingress/haproxy-ingress --version 0.12.6 -f values.yaml

• error

[root@xxxxxxxxxxxxx-01 haproxy]# kubectl -n haproxy-ingress logs haproxy-ingress-f7b8dc97f-znlq4 haproxy-ingress
cp: can't create directory '/etc/haproxy/lua': Permission denied

NAME                                               READY   STATUS             RESTARTS   AGE
haproxy-ingress-7f64d48f4b-ml24c                   0/2     CrashLoopBackOff   10         4m43s

• values.yaml

values-lab.yaml.txt

[jcmoraisjr]

Hi, thanks for reporting this. What OS are you using? Any special hardening, eg selinux enabled? Can you allow the process to create files and directories under /etc/haproxy?

[sektorhybrid]

Hi, I am using RHEL 7.7 vanilla. This cp command runs inside the docker image and the error is from the image, it didn't seem to me that it refers to /etc folder in OS host level. Adding to that, I didn't see any volumes in the config that refer to host OS /etc mount. Am I missing something ? In the meanwhile I will try to create the folder and assign permissions in OS level just of curiosity but this doesn't seem to be a valid option as we need isolation.

[jcmoraisjr]

Please check if the container process is running as root or uid 1001, otherwise if so we have some RHEL magic in place, like selinux enabled, which usually doesn't like an ordinary process messing the /etc subdir. We currently need this due to external haproxy support. I'll give a centos 7 box a try.