Unable to Mount Strongswan ConfigMap in /etc in containers deployment

Hello, Our project has a VPN connection which is made possible through strongwan and ipsec. The strongswan is already installed on the docker container. On deploying I get this error when I try to mount the configmap of the ipsec on the /etc path. This is the error I get

Error: failed to start container "app": Error response from daemon: OCI runtime create failed: container_linux.go:346: starting container process caused "process_linux.go:449: container init caused \"rootfs_linux.go:58: mounting \\\"/var/lib/docker/containers/bc3d69899f3daaa0a69be4484a837d2425966ed37662d6af3e7c5f42f8221e75/resolv.conf\\\" to rootfs \\\"/var/lib/docker/overlay2/66fde65c364c22afcd2ea303dd3e0ddc0cb2364637021105500ee1c5c661db0c/merged\\\" at \\\"/var/lib/docker/overlay2/66fde65c364c22afcd2ea303dd3e0ddc0cb2364637021105500ee1c5c661db0c/merged/etc/resolv.conf\\\" caused \\\"open /var/lib/docker/overlay2/66fde65c364c22afcd2ea303dd3e0ddc0cb2364637021105500ee1c5c661db0c/merged/etc/resolv.conf: read-only file system\\\"\"": unknown

This is my deployment yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: watuglobal
  labels:
    tier: backend
spec:
  replicas: 1
  selector:
    matchLabels:
      app: watuglobal
      tier: backend
  template:
    metadata:
      labels:
        app: watuglobal
        tier: backend
    spec:
      volumes:
        - name: nginx-config
          configMap:
            name: laravel-nginx-config
            items:
              - key: config
                path: default.conf
        - name: ipsec-config
          configMap:
            name: ipsec-config
            items:
              - key: config
                path: ipsec.conf
        - name: ipsec-secrets
          configMap:
            name: ipsec-secrets
            items:
              - key: config
                path: ipsec.secrets
        - name: strongswan-config
          configMap:
            name: strongswan-config
            items:
              - key: config
                path: strongswan.conf
      initContainers:
        - args:
            - /bin/bash
            - -c
            - (php artisan migrate --force|| true) && (php artisan db:seed || true) && (php artisan optimize)
          imagePullPolicy: Always
          name: artisan
          image: ${IMAGE_NAME}:$COMMIT_SHA1
      containers:
        - name: watuglobal
          image: ${IMAGE_NAME}:$COMMIT_SHA1
          ports:
            - containerPort: 80
          securityContext:
            capabilities:
              add:
                - NET_ADMIN
          volumeMounts:
            - name: nginx-config
              mountPath: /etc/nginx/sites-enabled
      imagePullSecrets:
        - name: registry-secret
---

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: watuglobal-horizon
  name: watuglobal-horizon
spec:
  replicas: 1
  revisionHistoryLimit: 1
  selector:
    matchLabels:
      app: watuglobal-horizon
  template:
    metadata:
      labels:
        app: watuglobal-horizon
    spec:
      containers:
        - args:
            - /bin/bash
            - -c
            - php artisan horizon
          image: ${IMAGE_NAME}:$COMMIT_SHA1
          imagePullPolicy: Always
          name: watuglobal-horizon
          resources:
            limits:
              cpu: 500m
              memory: 1G
            requests:
              cpu: 250m
              memory: 500M
      imagePullSecrets:
        - name: registry-secret

Kindly assist me on this, I’ve been on this for quite a while. Thank you

It seems the yaml does not correspond with the error provided. I cannot see an “app” container, and the mount is not in /etc.

If you mount a volume in /etc, the mount will hide the files alreday in this directory, that are mandatory (ex. resolv.conf). You’ll have to mount files one by one in this directory. See for example https://stackoverflow.com/questions/58128591/kubernetes-mount-volume-on-existing-directory-with-files-inside-the-container