Uploaded image for project: 'OpenShift Request For Enhancement'
  1. OpenShift Request For Enhancement
  2. RFE-2907

add ability to chown/chmod on files/directories behind an EFS access point

XMLWordPrintable

    • False
    • None
    • False
    • Not Selected

      1. Proposed title of this feature request:  add ability to chown/chmod on files/directories behind an EFS access point
      2. In conjunction with migrations (from 3.11.x to 4.x), The problem is that - we need to preserve the permissions and owner/groups of the files in the destination clusters so that the migrated applications can use the files.  For that to happen, rsync runs chown on the destination side to match the UID/GID of the source side.
        NFS allows remote root users to do that when no_root_squash is enabled on NFS server.
        In this case, the EFS server on the destination side is not allowing rsync to run chown (due to insufficient ownership / permissions.)
      3. From Engineering on BZ 2082570:   Please note the restrictions of unable to perform chown/chmod on files/directories behind an EFS access point does not come from EFS CSI driver or some inherent limitation of OCP. It is EFS backend which prevents chown/chmod of any file/directories behind an access point. We can't simply fix this in CSI driver. So what customer is asking as a quick "bug fix", basically involves fixing Amazon EFS backend, it is kinda impossible for us to do that.
      1. Further, from Engineering on BZ 2082570, What we can do is, create an another provisioning mode which potentially just creates subdirectories on root EFS volume. Currently plain efs volumes (i.e without using access points) are only root user readable/writable - so we will have to spend sometime designing a feature that can work and be supported in long term. We will have to also co-ordinate with Amazon about how such a feature is going to look like.
      2. See SF Case 03212961.

              rh-gs-gcharot Gregory Charot
              rhn-support-rbennett Robert Bennett
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: