G'day,
I hope you are doing well.
We use the Altinity ClickHouse operator, which works great, but we did try your new operator.
The main problem is being able to use ConfigMaps to mount protobufs, so that ClickHouse can ingest protobufs.
For the Altinity, we an initContainers to fix up the permissions, so we can bind mount the protobufs
spec:
containers:
- name: clickhouse
image: "clickhouse/clickhouse-server:26.1"
volumeMounts:
- name: proto-files-volume
mountPath: /var/lib/clickhouse/data/format_schemas/
- name: google-protobuf-files-volume
mountPath: /var/lib/clickhouse/data/protos/google/protobuf/
- name: google-api-files-volume
mountPath: /var/lib/clickhouse/data/protos/google/api/
env:
- name: KAFKA_USERNAME
valueFrom:
secretKeyRef:
name: redpanda-clickhouse-k8s-logs-credentials
key: user
- name: KAFKA_PASSWORD
valueFrom:
secretKeyRef:
name: redpanda-clickhouse-k8s-logs-credentials
key: password
- name: CLICKHOUSE_DO_NOT_CHOWN
value: "1"
initContainers:
- name: set-pvc-permissions
image: busybox:1.37
command:
- sh
- -c
- |
if [ ! -d /var/lib/clickhouse/data ]; then
mkdir -p /var/lib/clickhouse/data
fi
if [ "$(stat -c '%u:%g' /var/lib/clickhouse)" != "101:101" ]; then
echo "Fixing ownership of /var/lib/clickhouse..."
chown -Rv 101:101 /var/lib/clickhouse
fi
if [ "$(stat -c '%u:%g' /var/log/clickhouse-server)" != "101:101" ]; then
echo "Fixing ownership of /var/log/clickhouse-server..."
chown -Rv 101:101 /var/log/clickhouse-server
fi
securityContext:
runAsUser: 0
We couldn't do this with the Clickhouse operator, but the initContainers works with the Altinity operator.
... To be honest, the better fix is probably to make the permissions correct in the container and bypass this hack we are doing.
Thanks,
Dave
Use case
Protobufs
Describe the solution you'd like
Fix the default permission in the container
Describe alternatives you've considered
initContainers
Additional context
Maybe this issue should be filed against https://github.com/ClickHouse/clickhouse/
G'day,
I hope you are doing well.
We use the Altinity ClickHouse operator, which works great, but we did try your new operator.
The main problem is being able to use ConfigMaps to mount protobufs, so that ClickHouse can ingest protobufs.
For the Altinity, we an initContainers to fix up the permissions, so we can bind mount the protobufs
We couldn't do this with the Clickhouse operator, but the initContainers works with the Altinity operator.
... To be honest, the better fix is probably to make the permissions correct in the container and bypass this hack we are doing.
Thanks,
Dave
Use case
Protobufs
Describe the solution you'd like
Fix the default permission in the container
Describe alternatives you've considered
initContainers
Additional context
Maybe this issue should be filed against https://github.com/ClickHouse/clickhouse/