Pod security context and NFS mounting

6/3/2019

According to this post:

https://netapp.io/2018/06/15/highly-secure-kubernetes-persistent-volumes/

You can't use/mount an NFS share in a pod if the pod does not have its security context set as privileged.

I am running a pod, with external NFS mounted, but I have not specified any security context other than uid/gid. It is working RW fine.

How can I check if my pod is a normal one or is privileged?

-- Ijaz Ahmad Khan
kubernetes
nfs

1 Answer

6/6/2019

You can check this using kubectl get pods yourpod -o json under .spec.containers.securityContext or in metadata.

As an example I created 2 nginx pods: nginx (with privileged: true)

"metadata": {
    "annotations": {
        "cni.projectcalico.org/podIP": "10.48.2.3/32",
        "kubectl.kubernetes.io/last-applied-configuration": "{\"apiVersion\":\"v1\",\"kind\":\"Pod\",\"metadata\":{\"annotations\":{},\"labels\":{\"app\":\"nginx\"},\"name\":\"nginx\",\"namespace\":\"default\"},\"spec\":{\"containers\":[{\"image\":\"nginx\",\"name\":\"nginx\",\"ports\":[{\"containerPort\":80}],\"securityContext\":{\"privileged\":true}}]}}\n",


"securityContext": {
   "privileged": true

and

nginx-nonprivileged

"metadata": {
    "annotations": {
        "cni.projectcalico.org/podIP": "10.48.2.4/32",
        "kubectl.kubernetes.io/last-applied-configuration": "{\"apiVersion\":\"v1\",\"kind\":\"Pod\",\"metadata\":{\"annotations\":{},\"labels\":{\"app\":\"nginx\"},\"name\":\"nginx-nonprivileged\",\"namespace\":\"default\"},\"spec\":{\"containers\":[{\"image\":\"nginx\",\"name\":\"nginx\",\"ports\":[{\"containerPort\":80}]}]}}\n",
-- VKR
Source: StackOverflow
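
The check described in the answer, as an added example that is not part of the original post: it parses `kubectl get pod <name> -o json` output and lists every container whose own securityContext sets privileged: true, also covering initContainers and ephemeralContainers. The two sample pods are constructed to mirror the answer's nginx and nginx-nonprivileged pods; the runAsUser/fsGroup values and the script name are assumptions.

```python
import json
import sys

# Constructed sample input: trimmed `kubectl get pod <name> -o json` output for
# the two pods from the answer. The uid/gid values are made up for illustration.
PRIVILEGED_POD = json.loads("""
{"metadata": {"name": "nginx"},
 "spec": {"containers": [{"name": "nginx", "image": "nginx",
                          "securityContext": {"privileged": true}}]}}
""")
NONPRIVILEGED_POD = json.loads("""
{"metadata": {"name": "nginx-nonprivileged"},
 "spec": {"securityContext": {"runAsUser": 1000, "fsGroup": 2000},
          "containers": [{"name": "nginx", "image": "nginx"}]}}
""")

# Every list in the pod spec that can hold containers.
CONTAINER_LISTS = ("initContainers", "containers", "ephemeralContainers")


def privileged_containers(pod):
    """Return [(list_name, container_name)] for each container with privileged: true."""
    spec = pod.get("spec") or {}
    found = []
    for list_name in CONTAINER_LISTS:
        for container in spec.get(list_name) or []:
            # privileged is a per-container field; the pod-level securityContext
            # (uid/gid, fsGroup) has no such field. Absent means the default, false.
            ctx = container.get("securityContext") or {}
            if ctx.get("privileged") is True:
                found.append((list_name, container.get("name", "")))
    return found


def is_privileged(pod):
    """True if any container in the pod runs privileged."""
    return bool(privileged_containers(pod))


if __name__ == "__main__":
    # Usage: kubectl get pod yourpod -o json | python3 check_privileged.py -
    # Without "-", the constructed samples above are checked instead.
    read_stdin = len(sys.argv) > 1 and sys.argv[1] == "-"
    pods = [json.load(sys.stdin)] if read_stdin else [PRIVILEGED_POD, NONPRIVILEGED_POD]
    for pod in pods:
        hits = privileged_containers(pod)
        print(pod["metadata"]["name"], "privileged" if hits else "not privileged", hits)
```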