Skip to content

[OpenSearch] Fix readOnlyRootFilesystem by adding emptyDir volumes#727

Open
faarshad wants to merge 1 commit intoopensearch-project:mainfrom
faarshad:fix/opensearch-readonly-root-filesystem
Open

[OpenSearch] Fix readOnlyRootFilesystem by adding emptyDir volumes#727
faarshad wants to merge 1 commit intoopensearch-project:mainfrom
faarshad:fix/opensearch-readonly-root-filesystem

Conversation

@faarshad
Copy link
Copy Markdown

@faarshad faarshad commented Feb 10, 2026

Summary

  • Fixes OpenSearch failing to start when securityContext.readOnlyRootFilesystem: true is set
  • Adds conditional emptyDir volumes for config, logs, /tmp, and data (when persistence is disabled)
  • Adds a config-dir-setup init container that copies the original config directory to a writable emptyDir
  • Volumes are only added when readOnlyRootFilesystem is enabled — no change to default behavior

Resolves #369

Changes

  • charts/opensearch/templates/statefulset.yaml:
    • Added conditional emptyDir volumes: opensearch-config, opensearch-logs, opensearch-tmp, and opensearch-data (when persistence disabled)
    • Added config-dir-setup init container to copy original config files to writable emptyDir
    • Updated initContainers condition to include readOnlyRootFilesystem
    • Added volumeMounts in main container for all writable paths
  • charts/opensearch/Chart.yaml — Bumped chart version from 3.4.0 to 3.5.0
  • charts/opensearch/CHANGELOG.md — Documented the fix under [Unreleased] > Fixed

Test plan

  • helm lint passes
  • helm template with readOnlyRootFilesystem=true renders all emptyDir volumes, mounts, and init container
  • helm template without readOnlyRootFilesystem produces no extra volumes (no regression)
  • Full E2E on kind cluster (k8s v1.27.3): deployed OpenSearch single-node with readOnlyRootFilesystem=true
    • All EROFS errors are fixed — no read-only filesystem errors in logs
    • No performance-analyzer.log write failures
    • No Java FileSystemException / createTempDirectory errors
    • No opensearch.keystore.tmp write failures
    • Pod reaches Ready 1/1 with zero restarts
  • OpenSearch Dashboards connects successfully to the readOnlyRootFilesystem-enabled OpenSearch backend

@faarshad
[OpenSearch] Fix readOnlyRootFilesystem support by adding emptyDir vo…
e05a379 
…lumes

When securityContext.readOnlyRootFilesystem is set to true, OpenSearch
fails to start due to EROFS errors writing to the config directory
(opensearch.keystore.tmp), logs directory (performance-analyzer.log),
and /tmp (Java temp directories).

This adds conditional emptyDir volumes for config, logs, and /tmp when
readOnlyRootFilesystem is enabled, along with a config-dir-setup init
container that copies the original config files into the writable
emptyDir. Also adds an opensearch-data emptyDir when persistence is
disabled.

Resolves opensearch-project#369

Signed-off-by: Fahad Arshad <26278466+faarshad@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@TheAlgo TheAlgo Awaiting requested review from TheAlgo TheAlgo is a code owner

@DandyDeveloper DandyDeveloper Awaiting requested review from DandyDeveloper DandyDeveloper is a code owner

@peterzhuamazon peterzhuamazon Awaiting requested review from peterzhuamazon peterzhuamazon is a code owner

@prudhvigodithi prudhvigodithi Awaiting requested review from prudhvigodithi prudhvigodithi is a code owner

@gaiksaya gaiksaya Awaiting requested review from gaiksaya gaiksaya is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

first-time-contributor

Projects

Engineering Effectiveness Board
Status: No status

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[BUG][OpenSearch] OpenSearch fails to start when readOnlyRootFilesystem set to 'true'

1 participant

@faarshad