Set volume mount user group and file permissions in kubernetes

0 votes

I'm using kops to run my kubernetes cluster. I'm trying to use an EBS volume with a container which is visible from my app by it shows it as read only because my app is not running as root. I want to use the PVC as a user other than root. I cannot find any control  by which I can change the user or group or file permissions for the mounted path.

My deployment YAML:

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: notebook-1
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: notebook-1
    spec:
      volumes:
      - name: notebook-1
        persistentVolumeClaim:
          claimName: notebook-1
      containers:
      - name: notebook-1
        image: jupyter/base-notebook
        ports:
        - containerPort: 8888
        volumeMounts:
        - mountPath: "/home/jovyan/work"
          name: notebook-1
Jan 16, 2019 in Kubernetes by Damon Salvatore
 • 5,980 points 27,952 views

1 answer to this question.

0 votes

There's a setting in Pod Security Context called fsGroup. This will allow you to set the group ID that has the volume. example:

apiVersion: v1
kind: Pod
metadata:
  name: hello-world
spec:
  containers:
  # specification of the pod's containers
  # ...
  securityContext:
    fsGroup: 1234

More info: https://kubernetes.io/docs/concepts/policy/security-context/

For further details, refer to the Kubernetes Course.

answered Jan 16, 2019 by ajs3033
 • 7,300 points

Related Questions In Kubernetes

0 votes
1 answer

Can somebody define Persistent Volume (PV) and Persistent Volume Claim (PVC) of kubernetes in simple terms?

PVs are resources in the cluster. PVCs ...READ MORE

answered Feb 4, 2020 in Kubernetes by Sirajul
 • 59,230 points 1,178 views
0 votes
2 answers

How do I create a volume in kubernetes so that it doesn't get detroyed when pods die?

if you need to do this is ...READ MORE

answered Jul 26, 2020 in Kubernetes by Akash Gupta
 1,638 views
0 votes
3 answers

Using multiple commands in a kubernetes yaml file

Try something like this: containers: - name: ...READ MORE

answered Apr 23, 2019 in Kubernetes by lyza
 49,859 views
0 votes
1 answer

ConfigMaps volume not creating file in container

Did a little research and found the ...READ MORE

answered Sep 6, 2018 in Kubernetes by Atul
 • 10,240 points 1,186 views
+6 votes
1 answer

Web UI (Dashboard): https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/

Hey @nmentityvibes, you seem to be using ...READ MORE

answered Dec 13, 2018 in Kubernetes by Kalgi
 • 52,350 points 7,899 views
+1 vote
1 answer

set up kubernetes NGINX ingress in AWS with SSL termination

Try using ingress itself in this manner except ...READ MORE

answered Oct 10, 2018 in Kubernetes by Kalgi
 • 52,350 points 3,079 views
0 votes
3 answers

Error while joining cluster with node

Hi Kalgi after following above steps it ...READ MORE

answered Jan 17, 2019 in Others by anonymous
 15,455 views
+15 votes
2 answers

Git management technique when there are multiple customers and need multiple customization?

Consider this - In 'extended' Git-Flow, (Git-Multi-Flow, ...READ MORE

answered Mar 27, 2018 in DevOps & Agile by DragonLord999
 • 8,450 points 4,024 views
0 votes
1 answer

Kubernetes: Insufficient CPU's and MatchNodeSelector in Openshift.

That error message does not mean that ...READ MORE

answered Sep 7, 2018 in Kubernetes by ajs3033
 • 7,300 points 2,724 views
0 votes
1 answer

How to use gravitational teleport in a container/kubernetes environment?

You can use teleport to augment kubernetes ...READ MORE

answered Jun 28, 2018 in Kubernetes by ajs3033
 • 7,300 points 2,463 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP
"PMP®","PMI®", "PMI-ACP®" and "PMBOK®" are registered marks of the Project Management Institute, Inc. MongoDB®, Mongo and the leaf logo are the registered trademarks of MongoDB, Inc.