I'm trying to run my own instance of opensearch with a volume attached to it and I'm having permissions issues. On one hand opensearch doesn't allowed to be run as root, on the other hand the volume operates on a directory owned by root. So I decided to take a look at the template. I see that opensearch has created the nodes directory under /usr/share/opensearch/data as it is by default.

The volume is attached to /osdata. and nothing is written to it - no nodes directory. No env variable tells opensearch to write the data to osdata, as far as I can see from the template definition.

I see in the documentation of the template:

Persistent volume for OpenSearch data (/usr/share/opensearch/data)

So, how does the storage to the volume work in the template when the volume mount directory is owned by root but the data is written to /usr/share/opensearch/data?

EDIT: if I understand correctly, the group of osdata should be changed to opensearch and group permissions for /osdata should be changed to rwx, and path.data for the container should be changed to /osdata, in order for opensearch's data to be persisted to the volume. Am I correct?

In the template, OpenSearch writes data to whatever directory is defined in path.data. If your volume is mounted at /osdata, then you need to change path.data to /osdata and make sure the OpenSearch user has write permissions on that directory. If instead you mount the volume directly at /usr/share/opensearch/data, you can keep the default path.data value and no further changes are required.