Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Error opening bolt store: open /var/lib/authservice/data.db: permission denied #60

Open
youxingtian opened this issue Jan 27, 2021 · 12 comments
Open

Error opening bolt store: open /var/lib/authservice/data.db: permission denied #60

youxingtian opened this issue Jan 27, 2021 · 12 comments
Labels
bug Something isn't working

Comments

@youxingtian
Copy link

Is this a bug report or feature request?

  • Bug Report
    when I install the Multi-user, auth-enabled Kubeflow with kfctl_istio_dex_v1.2,I get this error.
    Describe the bug
    A clear and concise description of what the bug is.
    image
    image

How to Reproduce
Steps to reproduce the behavior:

  1. Deploy AuthService ...
  2. Perform this action ...
  3. See error

Expected behavior
A clear and concise description of what you expected to happen.

Config Files
Please provide all the relevant configuration that you can publicly share. This
includes:

  • AuthService configuration.
  • OIDC Provider configuration.

If relevant, upload your configuration files here using GitHub, there is no need
to upload them to any 3rd party services

Logs
Please provide all relevant logs (e.g., AuthService logs , OIDC Provider logs,
etc.)

Environment:

  • AuthService version: (found in image tag) gcr.io/arrikto/kubeflow/oidc-authservice: 28c59ef
  • Platform: (GKE, Azure, minikube, custom...)google cloud three VMs
  • Kubernetes version:V1.16.3

Additional context
Add any other context about the problem here.
@youxingtian youxingtian added the bug Something isn't working label Jan 27, 2021
@66li
Copy link

66li commented Feb 1, 2021
edited
Loading

can you run
kubectl describe statefulset authservice -n istio-system

@youxingtian
Copy link
Author

can you run
kubectl describe statefulset authservice -n istio-system
image
image

@66li
Copy link

66li commented Feb 2, 2021

can you describe pv and pvc of authservice

@youxingtian
Copy link
Author

can you describe pv and pvc of authservice
image
image
image
image

@66li
Copy link

66li commented Feb 2, 2021

Create a brand new pv and pvc, instead of using the one that has been mounted, may be able to solve this problem

@youxingtian
Copy link
Author

new

Create a brand new pv and pvc, instead of using the one that has been mounted, may be able to solve this problem

That works for me,Thank you!

@hx3333
Copy link

hx3333 commented Jun 27, 2021

new

Create a brand new pv and pvc, instead of using the one that has been mounted, may be able to solve this problem

That works for me,Thank you!

It doesn't work, I tried many many times, can you explain in detail ?
thx

@pythonton
Copy link

pythonton commented Sep 16, 2021
edited
Loading

new

Create a brand new pv and pvc, instead of using the one that has been mounted, may be able to solve this problem

That works for me,Thank you!

It doesn't work, I tried many many times, can you explain in detail ?
thx

I fix it.
I have two k8s cluster, one normal(already deploy kubeflow 1.3), one bad.
I copy data.db to authservice-pvc from normal cluster deployed kubeflow 1.3. , it is ok.

if you need, i could send data.db you.

@bartgras
Copy link

I had the same problem. Pod authservice-0 logs were saying "permission denied".
What helped: chmoding the PV to less restrictive and deleting Pod authservice-0.

@hx3333
Copy link

hx3333 commented Sep 22, 2021

I had the same problem. Pod authservice-0 logs were saying "permission denied".
What helped: chmoding the PV to less restrictive and deleting Pod authservice-0.

Actually it's authority problem, I've already fixed it. thx anyway

@sav116
Copy link

sav116 commented Oct 21, 2021

Help)
Pod "authservice-0" is CrashLoopBackOff.
I have the same problem. Logs report:
Error opening bolt store: open /var/lib/authservice/data.db: stale NFS file handle
My pv and pvc:
Снимок экрана 2021-10-21 в 03 47 52

@sachingupta771
Copy link

@youxingtian , I am facing same issue with Kubeflow 1.8,
error messgae:
ClientID:kubeflow-oidc-authservice ClientSecret:pUBnBOY80SnXgjibTYM9ZWNzY2xreNGQok OIDCAuthURL:/dex/auth RedirectURL:/authservice/oidc/callback OIDCScopes:[openid profile email groups] StrictSessionValidation:false OIDCStateStorePath:/var/lib/authservice/data.db AuthserviceURLPrefix:/authservice/ SkipAuthURLs:[/authservice/ /dex] AuthHeader:Authorization Audiences:[istio-ingressgateway.istio-system.svc.cluster.local] HomepageURL:/authservice/site/homepage AfterLoginURL: AfterLogoutURL:/ UserIDHeader:kubeflow-userid GroupsHeader:kubeflow-groups UserIDPrefix: UserIDTransformer:{rules:[]} UserIDClaim:email UserIDTokenHeader: GroupsClaim:groups IDTokenHeader:Authorization Hostname: Port:8080 WebServerPort:8082 ReadinessProbePort:8081 CABundlePath: SessionStorePath:/var/lib/authservice/data.db SessionMaxAge:86400 SessionSameSite:Lax ClientName:AuthService ThemesURL:themes Theme:kubeflow TemplatePath:[web/templates/default] UserTemplateContext:map[] GroupsAllowlist:[*]}"
time="2024-03-05T11:27:03Z" level=info msg="Starting readiness probe at 8081"
time="2024-03-05T11:27:03Z" level=info msg="Starting server at :8080"
time="2024-03-05T11:27:03Z" level=info msg="Starting web server at :8082"
time="2024-03-05T11:27:03Z" level=fatal msg="Error creating session store: open /var/lib/authservice/data.db: permission denied"

Please help

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@bartgras @sachingupta771 @66li @hx3333 @youxingtian @pythonton @sav116