Asking for help? Comment out what you need so we can get more information to help you!
Cluster information:
Kubernetes version: 1.27.5+vmware
Cloud being used: TKG (Tanzu)
Installation method: TKG provisioning
#Host OS:
CNI and version: Antrea, 11.3
CRI and version: containerd:1.6.18-1
You can format your yaml by highlighting it and pressing Ctrl-Shift-C, it will make your output easier to read.
Hi, I am new to Kubernetes and have a situation on NFS volume mount
At the moment what we see is the developers are able to mount the NFS directly on to the pod.
we dont want that to happen.
Questions:
- how to restrict users NOT to have the NFS volume to be mounted directly to the pod?
- can the restrictions be performed from storage (datastore)
- what are the advantages to have it mounted to the pod versus creating PV/PVC? which approach is more wise to use
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-app-pv
labels:
app: nginx-app-pv
namespace: test-demo
spec:
replicas: 3
selector:
matchLabels:
app: nginx-app-pv
template:
metadata:
labels:
app: nginx-app-pv
spec:
volumes:
- name: test-stor
nfs:
path: /TKG-LT-PRIVATE
server: 10.97.72.5
containers:
- name: nginx-app-pv
image: harbor.tanzu.xyx.xyx.com/test-demo/nginxapp:v2
ports:
- containerPort: 80
volumeMounts:
- name: test-stor
mountPath: /var/www/
imagePullSecrets:
- name: harbor-cred