Team,
I have below pod.yaml that outputs the pod's mount info but now I want it to show me the node's mount info instead or also that info. any hint how can I give privilege to the pod such that it runs the same command on the k8s hosts on which the pod is running and list that in output of pods logs?
apiVersion: v1
kind: Pod
metadata:
name: command-demo
labels:
purpose: demonstrate-command
spec:
containers:
- name: command-demo-container
image: debian
command: ["/bin/bash", "-c"]
args:
- |
echo $HOSTNAME && mount | grep -Ec '/dev/sd.*\<csi' | awk '$0 <= 64 { print "Mounts are less than 64, that is found", $0 ;} $0 > 64 { print "Mounts are more than 64", $0 ;}'
restartPolicy: OnFailure
kubectl logs pod/command-demo
command-demo
Mounts are less than 64, that is found 0
expected output:
k8s_node1 << this is hostname of the k8s node on which above pod us running
Mounts are more than 64, that is found 65
what change do i need to do in my pod.yaml such that it runs the shell command on node and not on pod?
You cannot access host filesystem inside the docker container unless you mount part's of the host filesystem as volume. You can try mounting the whole host filesytem into the pod as follows. You might need to privileged securityContext for the pod depending on what you are trying to do.
apiVersion: v1
kind: Pod
metadata:
name: dummy
spec:
containers:
- name: busybox
image: busybox
command: ["/bin/sh"]
args: ["-c", "sleep 3600"]
volumeMounts:
- name: host
mountPath: /host
volumes:
- name: host
hostPath:
path: /
type: Directory
Alternative method and probably better way is to SSH into the host machine from the pod and run the command. You can get the host IP using downward API - https://kubernetes.io/docs/tasks/inject-data-application/downward-api-volume-expose-pod-information/