Information about emptyDir and hostPath for persistent volumes

Hello,

I’m trying to run the operator from this page: Install Percona server for MongoDB on Kubernetes.

The operator seems to be running and it’s trying to create rs and cfg, but I’m having a hard time with the linked persistent volumes. I use molecule to build my cluster, so I don’t really want the fs to be kept. I tried to uncomment the emptyDir: {}, but I don’t understand whether I have to put a path or not.

If I do, the operator doesn’t even start because of a wrong format.

But if I don’t, my PVC throws this error:
failed to provision volume with StorageClass "standard": failed to create volume pvc-1b0d5948-0074-4149-973f-c6bcdb135c66: pods "create-pvc-1b0d5948-0074-4149-973f-c6bcdb135c66" is forbidden: unable to validate against any pod security policy: [spec.volumes[0]: Invalid value: "hostPath": hostPath volumes are not allowed to be used spec.volumes[0]: Invalid value: "hostPath": hostPath volumes are not allowed to be used]

This is the part I don’t understand because all the hostPath part is still commented.

For the cr.yaml, I used percona-server-mongodb-operator/cr.yaml at main · percona/percona-server-mongodb-operator · GitHub and just uncommented the emptyDir part.

Thanks for your help.


I found out the answer. It was linked to the PodSecurityPolicy that was added to the cluster. I still don’t understand why the message talks about hostPath, but if I had looked at the start of the sentence, “is forbidden: unable to validate against any pod security policy”, from the start, I wouldn’t have looked in the wrong direction.

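Added example, not part of the original posts: a short Python triage of the provisioning error quoted in the question. It separates the pod that was rejected, the admission reason, and the rejected field, which shows that the pod denied by the PodSecurityPolicy is the create-pvc pod named after the volume and that its hostPath volume is what was refused. The function and key names are hypothetical; the message text is copied from the question.

```python
import re

# Provisioning error copied verbatim from the question above.
EVENT = (
    'failed to provision volume with StorageClass "standard": failed to create '
    'volume pvc-1b0d5948-0074-4149-973f-c6bcdb135c66: pods '
    '"create-pvc-1b0d5948-0074-4149-973f-c6bcdb135c66" is forbidden: unable to '
    'validate against any pod security policy: [spec.volumes[0]: Invalid value: '
    '"hostPath": hostPath volumes are not allowed to be used spec.volumes[0]: '
    'Invalid value: "hostPath": hostPath volumes are not allowed to be used]'
)

STORAGE_RE = re.compile(r'StorageClass "([^"]+)"')
VOLUME_RE = re.compile(r'failed to create volume (pvc-[0-9a-f-]+)')
DENIED_RE = re.compile(r'pods "([^"]+)" is forbidden: (.+?): \[(.*)\]\s*$', re.S)
FIELD = r'spec\.[\w.\[\]]+'
VIOLATION_RE = re.compile(
    rf'({FIELD}): Invalid value: "([^"]+)": (.+?)(?= {FIELD}: Invalid value|$)', re.S
)


def triage(message):
    """Split a 'pods ... is forbidden' admission error into its parts (hypothetical helper)."""
    denied = DENIED_RE.search(message)
    if denied is None:
        return None  # not an admission denial of a pod
    pod, reason, body = denied.groups()
    violations = []
    for item in VIOLATION_RE.findall(body):
        item = (item[0], item[1], item[2].strip())
        if item not in violations:  # the message lists the same violation twice
            violations.append(item)
    storage = STORAGE_RE.search(message)
    volume = VOLUME_RE.search(message)
    return {
        "storage_class": storage.group(1) if storage else None,
        "denied_pod": pod,
        "denied_by": reason,
        # True when the rejected pod is named after the volume being created,
        # i.e. it is not the database pod from cr.yaml.
        "helper_for_volume": bool(volume) and pod.endswith(volume.group(1)),
        "violations": violations,
    }


if __name__ == "__main__":
    for key, value in triage(EVENT).items():
        print(f"{key}: {value}")
```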