{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 Fickle 薄情 的问题《How to change permission of mapped volume in kuber》','https://www.manongdao.com/q-1320707.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I just created image using Docker file and for changing user I just used:
USER myuser
We are using a directory to store data, we change that directory permission using:
chown -R myuser:myuser /data-dir
This Docker file is for etcd, where we want /data-dir use by etcd to store data. Now, we map the /data-dir to efs volume using kubernetes yml file.
With the below code:
volumeMounts:
- name: etcdefs
mountPath: /data-dir
volumes:
- name: etcdefs
persistentVolumeClaim:
claimName: efs-etcd
After this, I expect, that mapped directory /data-dir should have permission as myuser:myuser but it making the directory as root:root
Can any one suggest what I am doing wrong here ?
This is because of docker. It mounts volume with only root permission and you can change it with
chmodbut only after the container is started.You can read more about it here https://github.com/moby/moby/issues/2259 This issues is here for a long time.
What you can do in kubernetes is use
fsGroupand force that volume is writable by GID specified. This is working solution and documented as well. More information here https://kubernetes.io/docs/tasks/configure-pod-container/security-context/Here is an example deployment: