Keycloak operator/PostgreSQL permission denied

  • 14 December 2020
  • 1 reply

Hello everyone, 


I'm having some trouble installing the Keycloak operator on a simple Kubernetes cluster on Karbon.


Basically, what happens is that when I install a new Keycloak, PostgreSQL is not able to run properly because it does not have permission to create a new directory in /var/lib/pgsql/data/userdata


As far as I understood, the problem is related to the securityContext, which is not set on the postgres deployment even though Postgres always runs as user 26 (as can be noted here:


I had to do a lot of workarounds to make it work, and finally I succeeded by manually configuring the security context as follows:



  fsGroup: 26
  runAsUser: 26


Is there any possibility to set the security context via the operator? If not, can you please point out what the correct solution to apply is?

1 reply


Hello @Cecia ,

Welcome to the Karbon Clusters community!

The issue you mention above doesn’t look like it would be specific to a Kubernetes cluster deployed by Karbon Clusters.

As far as I know, you should be able to pass those settings (the whole securityContext YAML block) in the Operator manifest (the YAML file you apply via “kubectl apply -f” to create that Operator object) and it is the job of the Operator to pick it up and honor the setting.

Hope it helps,

Best regards,

Sylvain Huguet
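
The security context from the question, placed at the pod level where Kubernetes expects it, as an added example that is not part of the original thread or the operator's own manifests. The file name and the `<postgres-deployment>` placeholder are assumptions, and it assumes the operator does not reconcile the Deployment back to its generated form.

```yaml
# postgres-securitycontext-patch.yaml (hypothetical file name)
# Strategic merge patch for the PostgreSQL Deployment that backs Keycloak.
# Apply with (replace the placeholder with the real Deployment name):
#   kubectl patch deployment <postgres-deployment> -p "$(cat postgres-securitycontext-patch.yaml)"
spec:
  template:
    spec:
      # Pod-level securityContext: applies to every container in the pod.
      securityContext:
        # UID the question reports the Postgres image running as.
        runAsUser: 26
        # For volume types that support ownership management, the kubelet
        # sets the group owner of the mounted volume to this GID and adds it
        # to the container's supplementary groups, so the process can create
        # directories under /var/lib/pgsql/data.
        fsGroup: 26
```

After the patch rolls out, `kubectl get pod <pod-name> -o jsonpath='{.spec.securityContext}'` shows whether the values are still present or were overwritten.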