Kubernetes/Minikube: After mounting volume, pod mounted directory is empty

8/15/2019

I am new to k8s. I am following official tutorial on setting up Nginx pods in k8s using minikube, mounting a volume and serving index.html.

When I mount and go to hompe page, i receive this error that directory index of "/usr/share/nginx/html/" is forbidden.

If I dont mount anything, i receive a "Welcome to Nginx" page.

This is the content of that folder before mount. And after mount is empty

root@00c1:/usr/share/nginx/html# ls -l
total 8
-rw-r--r-- 1 root root 494 Jul 23 11:45 50x.html
-rw-r--r-- 1 root root 612 Jul 23 11:45 index.html

Why is mounted folder inside pod empty after mounting?

This is my setup

apiVersion: v1
kind: PersistentVolume
metadata:
  name: task-pv-volume
  labels:
    type: local
spec:
  storageClassName: manual
  capacity:
    storage: 10Mi
  accessModes:
    - ReadWriteOnce
  hostPath:
    path: "/home/my_username/test/html"
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: task-pv-claim
spec:
  storageClassName: manual
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 3Mi
---
apiVersion: v1
kind: ReplicationController
metadata:
  name: nginx-hello-rc
spec:
  replicas: 2
  selector:
    app: hello-nginx-tester
  template:
    metadata:
      labels:
        app: hello-nginx-tester
    spec:
      securityContext:
        fsGroup: 1000
      volumes:
        - name: task-pv-storage
          persistentVolumeClaim:
            claimName: task-pv-claim
      containers:
        - name: task-pv-container
          image: nginx
          ports:
            - containerPort: 80
              name: "http-server"
          volumeMounts:
            - mountPath: "/usr/share/nginx/html"
              name: task-pv-storage
---
apiVersion: v1
kind: Service
metadata:
  name: nginx-tester
  labels:
    app: hello-nginx-tester
spec:
  type: NodePort
  ports:
  - port: 80
    nodePort: 30500
    protocol: TCP
  selector:
    app: hello-nginx-tester

Any info would be appreciated. thanks

-- bevelod
kubernetes
kubernetes-pod
minikube

2 Answers

8/15/2019

The owner of the directory "/usr/share/nginx/html" will be 1000 because you have set the SecurityContext fsGroup values. Hence you have unable to access the directory. if you remove the SecurityContext section, the owner of the mounted volume will be set as root. You won't get access issues.

-- Subramanian Manickam
Source: StackOverflow

8/16/2019

I've checked your configuration on my running k8s environment. After some adjustments the following manifest works smoothly for me:

apiVersion: v1
kind: PersistentVolume
metadata:
  name: task-pv-volume
  labels:
    type: local
spec:
  storageClassName: manual
  capacity:
    storage: 10Mi
  accessModes:
    - ReadWriteOnce
  hostPath:
    path: "/home/my_username/test/html"
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: task-pv-claim
spec:
  storageClassName: manual
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 3Mi
  volumeName: task-pv-volume
---
apiVersion: v1
kind: ReplicationController
metadata:
  name: nginx-hello-rc
spec:
  replicas: 2
  selector:
    app: hello-nginx-tester
  template:
    metadata:
      labels:
        app: hello-nginx-tester
    spec:
      securityContext:
        fsGroup: 1000
      volumes:
        - name: task-pv-volume
          persistentVolumeClaim:
            claimName: task-pv-claim
      containers:
        - name: task-pv-container
          image: nginx
          ports:
            - containerPort: 80
              name: "http-server"
          volumeMounts:
            - mountPath: "/usr/share/nginx/html"
              name: task-pv-volume
---
apiVersion: v1
kind: Service
metadata:
  name: nginx-tester
  labels:
    app: hello-nginx-tester
spec:
  type: NodePort
  ports:
  - port: 80
    nodePort: 30500
    protocol: TCP
  selector:
    app: hello-nginx-tester
-- mk_sta
Source: StackOverflow