PV/hostpath and non root owner


If I use pv/hostpath, then the owner of the following path /tmp/pv001 on the host will be used to mount the volume within the pod if we mount it using a PVC and define a pod/volume.

As the path has perhaps been defined as owned by root on the host, do you see a trick to change the ownership of such a path /tmp/pv0xx to let the pod’s user, which is maybe “1001”, access such a path as RW?



I think hostPath is something you should coordinate the permissions for, and it is out of scope for Kubernetes: it’s something specific on the host that you want to be shared with the pod and, as you create that on the host too, you should handle the permissions you want when creating it. IIUC.

However, note that there is also another volume type that is local. That can be used either as a mounted filesystem or also to access local raw block devices. If you want to use it as node local storage (for perf reasons, for example) you can use the local volume and the pod can create the directories there with no permission issues.

Sorry, hit send before finishing.

Local is quite similar to host path, but it has affinity and some guarantees to the pod. If you just need some performance, it might be something worth looking at.

For the local volume, there is the local provisioner project from sig ¿node? that can help with automation.

Does that help?

What is the underlying problem you want to solve with this?

a) the easiest way - add an initContainer that runs as root and executes chown/chmod on your hostPath volume

b) a little more complex - write a flexvolume driver that allocates a directory and runs chown/chmod/whatever you need on the directory

I ended up writing my own provisioner in python, that creates local volumes from persistent volume claims.

I can share some of my scripts if anyone is interested.
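Option (a) from the post above, written out as a manifest. This is an added example, not code from anyone in the thread: the object names, the `manual` storage class, the 1Gi size and the `busybox:1.36` image are assumptions, while /tmp/pv001 and UID 1001 come from the question.

```yaml
apiVersion: v1
kind: PersistentVolume
metadata: {name: pv001}         # assumed name
spec:
  capacity: {storage: 1Gi}
  accessModes: [ReadWriteOnce]
  storageClassName: manual      # assumed class, only used to pair PV and PVC
  hostPath:
    path: /tmp/pv001            # path from the question
    type: DirectoryOrCreate     # created root-owned on the node if missing
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata: {name: pvc001}        # assumed name
spec:
  accessModes: [ReadWriteOnce]
  storageClassName: manual
  volumeName: pv001             # bind explicitly to the PV above
  resources:
    requests: {storage: 1Gi}
---
apiVersion: v1
kind: Pod
metadata: {name: app}           # assumed name
spec:
  volumes:
    - name: data
      persistentVolumeClaim: {claimName: pvc001}
  initContainers:
    - name: fix-owner
      image: busybox:1.36       # assumed image
      command: ["chown", "1001:1001", "/data"]
      securityContext:
        runAsUser: 0            # root for this one step only
        allowPrivilegeEscalation: false
        capabilities: {drop: [ALL], add: [CHOWN]}   # nothing beyond chown
      volumeMounts: [{name: data, mountPath: /data}]
  containers:
    - name: app
      image: busybox:1.36
      command: ["sh", "-c", "touch /data/ok && sleep 3600"]   # write check as UID 1001
      securityContext:
        runAsUser: 1001
        runAsNonRoot: true
        allowPrivilegeEscalation: false
        capabilities: {drop: [ALL]}
      volumeMounts: [{name: data, mountPath: /data}]
```

The init container changes ownership of the directory on the node itself, so the change persists for any later pod that mounts /tmp/pv001.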

Many thanks. Can you share what you did, please?

The problem that I want to solve is pretty simple. When a pod is started with a non-root UID process, where a volume is mounted and persisted using hostPath, I would like a non-root user to be able to store something under the persisted volume -> /tmp/pv001, for example.

Take a look:

I’m surprised that setting uid/gid is not implemented in stock k8s.