Recently I configured Azure Files provisioned statically according to this manual: https://docs.microsoft.com/en-us/azure/aks/azure-files-volume I have run my application on a pod and mounted Azure Files to it. Unfortunately, when I try to create some file on this Azure Files storage from my application, I get java.io.IOException: Permission denied... Is there any way to change permissions of this Azure Files? Below is the yaml file of my deployment:
apiVersion: apps/v1beta1
kind: Deployment
metadata:
name: vm-wojtek
spec:
replicas: 1
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 1
template:
metadata:
labels:
app: vm-wojtek
spec:
containers:
- name: vm-wojtek
image: <image_name>
ports:
- containerPort: 8080
- containerPort: 8443
imagePullPolicy: Always
volumeMounts:
- mountPath: "/mnt/azure"
name: volume
readOnly: false
volumes:
- name: volume
azureFile:
secretName: azure-secret
shareName: vm-share
readOnly: false
EDIT:
Below is the output of kubectl get pod -o yaml
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: 2019-03-01T07:08:29Z
generateName: vm-wojtek-7674c7b54d-
labels:
app: vm-wojtek
pod-template-hash: "3230736108"
name: vm-wojtek-7674c7b54d-js6d6
namespace: default
ownerReferences:
- apiVersion: extensions/v1beta1
blockOwnerDeletion: true
controller: true
kind: ReplicaSet
name: vm-wojtek-7674c7b54d
uid: d12ee2d5-3bf0-11e9-a82b-aaf390a8b6f0
resourceVersion: "60801"
selfLink: /api/v1/namespaces/default/pods/vm-wojtek-7674c7b54d-js6d6
uid: d1329b70-3bf0-11e9-a82b-aaf390a8b6f0
spec:
containers:
- env:
- name: KUBERNETES_PORT_443_TCP_ADDR
value: vm-tf-agent-b84257d1.hcp.westeurope.azmk8s.io
- name: KUBERNETES_PORT
value: tcp://vm-tf-agent-b84257d1.hcp.westeurope.azmk8s.io:443
- name: KUBERNETES_PORT_443_TCP
value: tcp://vm-tf-agent-b84257d1.hcp.westeurope.azmk8s.io:443
- name: KUBERNETES_SERVICE_HOST
value: vm-tf-agent-b84257d1.hcp.westeurope.azmk8s.io
image: ...
imagePullPolicy: Always
name: vm-wojtek
ports:
- containerPort: 8080
protocol: TCP
- containerPort: 8443
protocol: TCP
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /mnt/azure
name: volume
- mountPath: /var/run/secrets/kubernetes.io/serviceaccount
name: default-token-n2vjm
readOnly: true
dnsPolicy: ClusterFirst
nodeName: aks-default-36880111-0
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: default
serviceAccountName: default
terminationGracePeriodSeconds: 30
tolerations:
- effect: NoExecute
key: node.kubernetes.io/not-ready
operator: Exists
tolerationSeconds: 300
- effect: NoExecute
key: node.kubernetes.io/unreachable
operator: Exists
tolerationSeconds: 300
volumes:
- azureFile:
secretName: azure-secret
shareName: vm-share
name: volume
- name: default-token-n2vjm
secret:
defaultMode: 420
secretName: default-token-n2vjm
status:
conditions:
- lastProbeTime: null
lastTransitionTime: 2019-03-01T07:08:29Z
status: "True"
type: Initialized
- lastProbeTime: null
lastTransitionTime: 2019-03-01T07:10:31Z
status: "True"
type: Ready
- lastProbeTime: null
lastTransitionTime: 2019-03-01T07:08:29Z
status: "True"
type: PodScheduled
containerStatuses:
- containerID: docker://17781db099f449df1b56e53b358021c06f7e140f9610d9d09bb4cf366956c687
image: vmrdacr.azurecr.io/vm-2.0.4:v11
imageID: ...
lastState: {}
name: vm-wojtek
ready: true
restartCount: 0
state:
running:
startedAt: 2019-03-01T07:10:31Z
hostIP: 10.240.0.4
phase: Running
podIP: 10.244.0.9
qosClass: BestEffort
startTime: 2019-03-01T07:08:29Z