Is there any way to set per-volume permissions/ownership in Kubernetes declaratively?
Usecase:
sudo
We know that we can use fsGroup
, however that is a pod-level declaration. So even if we pick fsGroup equal to user in first container, then we are going to have permission issues in the other one. (ref: Kubernetes: how to set VolumeMount user group and file permissions )
One solution is to use init-container to change permissions of mounted directories .
The init-container would need to mount both volumes (from both containers), and do the needed chown
/ chmod
operations.
Drawbacks:
chown
It can be done with adding one init container with root access.
initContainers:
- name: changeowner
image: busybox
command: ["sh", "-c", "chown -R 200:200 /<volume>"]
volumeMounts:
- name: <your volume>
mountPath: /<volume>
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.