Skip to content

Backup to S3 is broken when enabling IRSA as the mounted secret is not accessible for Solr. #775

New issue
New issue
Open
Open
Backup to S3 is broken when enabling IRSA as the mounted secret is not accessible for Solr.#775
@elangelo

Description

@elangelo
elangelo
opened on Mar 24, 2025
Contributor

When running with service accounts on a pod in EKS, a secret containing security information gets automatically mounted on /var/run/secrets/eks.amazonaws.com/serviceaccount/token
When trying to make a backup this token is unreachable for Solr and hence the backup fails with unclear error messages (In my case it was saying that the noderole under which my kuberenetes nodes are running did not have access on the S3 bucket). It was very difficult to figure out that it actually tried to access that file but couldn't do so because it was not in the allowPath.

I solved it by adding
-Dsolr.allowPaths=/var/run/secrets/eks.amazonaws.com/serviceaccount/token

Activity

elangelo
mentioned this on May 15, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

      Development

      No branches or pull requests

        Participants

        @elangelo

        Issue actions
          Backup to S3 is broken when enabling IRSA as the mounted secret is not accessible for Solr. · Issue #775 · apache/solr-operator