K
Q

kubernetes mongodb non-root keyfile secret permission denied

2/15/2018

I followed this post to create a mongodb StatefulSet

When I try to run as a non-root User, mongo encounters a permission denied error while trying to read the keyFile (a Secret, PodSpec.volumes[n].secret.defaultMode=256)

How can I run as a non-root User and still have permission to read the file? It seems like I need to set the Secret/file ownership to the non-root User, but I'm not sure how to do that.

Also, I've been doing some reading on understanding file permissions, but I'm not all that familiar with it

-- cfann61
file-permissions
kubernetes
mongodb

Similar Questions

gke removing instance groups from internal load balancers
What is port 0 used for in Kubernetes services?
have only readonly access to kubernetes dashboard
Best way to check if a bucket is ready in node.js

1 Answer

4/15/2018

Hello from the future,

I figured out what is wrong. The post you referenced incorrectly generates the mongodb secret.

I created a fixed implementation that correctly uses mongo secrets with the right permissions and also uses local storage with minikube here:

https://github.com/MichaelScript/kubernetes-mongodb

I found this out by running kubectl get secrets mongosecret -o yaml and realizing it had no data...

-- MichaelGreen
Source: StackOverflow