Kubernetes init-container file permission mismatch

11/4/2019

I have an init container that copies files onto the volume.

I have implemented a security policy under which the user ID is not relevant and all rights to files are set by group (0), basically the same as the default in OpenShift.

After creating the test instance with emptyDir instead of PVCs, the container crashed. After inspecting the image, I found out that the file permissions are broken: only the owner can write.

I've double-checked the init container. The files there have write permission for owner and other. I copy them with cp. But the final pod sees these files as writable only by owner.

To make things worse, the owner has been changed to root, although initially it was another user.

Is this a bug or a feature of emptyDir? Or am I using them in the wrong way?

This is how I declare the volume:

  containers:
    - name: container
      volumeMounts:
      - name: storage
        mountPath: /var/storage
  initContainers:
    - name: container-init
      volumeMounts:
      - name: storage
        mountPath: /storage-mount
  volumes:
  - name: storage
    emptyDir: {}
-- 9ilsdx 9rvj 0lo
file-permissions
kubernetes

0 Answers
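
An added example, not part of the original question: a local reproduction of how plain `cp` sets the mode of a copied file (source mode filtered by the copying process's umask) next to `cp -p` and a `chmod g=u` fix-up. The file name `app.conf`, the 0664 source mode, and the idea that the init container runs as root with umask 022 are assumptions; the post does not state them.

```shell
#!/bin/sh
# Constructed demo: "image" stands in for the init container's filesystem,
# "volume" for the shared emptyDir mount. Nothing here touches a cluster.

# copy_mode <umask> <plain|preserve|fixup>
# Copies a 0664 file under the given umask and prints the copy's octal mode.
copy_mode() {
    work=$(mktemp -d) || return 1
    mkdir "$work/image" "$work/volume"
    echo data > "$work/image/app.conf"
    chmod 0664 "$work/image/app.conf"      # group-writable, as the policy expects
    (
        umask "$1"                         # umask of the copying process
        case $2 in
            # Plain cp creates a NEW file: owned by whoever runs cp,
            # mode = source mode with the umask bits cleared.
            plain)    cp "$work/image/app.conf" "$work/volume/" ;;
            # -p restores the source mode after the copy (and, only when
            # run as root, the source owner and group as well).
            preserve) cp -p "$work/image/app.conf" "$work/volume/" ;;
            # Copy, then give the group the same bits as the owner.
            # A group-0 policy would also run: chgrp -R 0 <dir>
            fixup)    cp "$work/image/app.conf" "$work/volume/"
                      chmod -R g=u "$work/volume" ;;
        esac
    )
    stat -c '%a' "$work/volume/app.conf"   # GNU/BusyBox stat syntax
    rm -rf "$work"
}

echo "plain cp,  umask 022: $(copy_mode 022 plain)"
echo "plain cp,  umask 002: $(copy_mode 002 plain)"
echo "cp -p,     umask 022: $(copy_mode 022 preserve)"
echo "cp + g=u,  umask 022: $(copy_mode 022 fixup)"
```

Running `id` and `umask` in the init container, and `ls -ln` on the mount path in both containers, shows whether the same mechanism applies to a given pod.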