I want to use FileStore in GKE by using PVC and PV based on this official doc: https://cloud.google.com/filestore/docs/accessing-fileshares
My app is not running as root, so I would like to set which GID/UID is used to mount the volume in the containers.
I know about some alternatives by using an InitContainer or a separate NFS middleware but would like to avoid another moving piece.
Kubernetes currently doesn't provide functionality to set volume mount permissions/owner using the pod specification. All fields and their descriptions can be found in the Kubernetes API reference.
The most often used method you can find on the internet is using initContainers. There doesn't really exist any other better method to do this.
You also mentioned that you would like to avoid doing chown in each deploy. You can avoid it by using an if statement in bash, as in the following example, so that chown is executed only when necessary:
---
apiVersion: v1
kind: Pod
metadata:
  name: my-pod
spec:
  volumes:
  - name: my-pv-storage
    persistentVolumeClaim:
      claimName: my-pv-claim
  initContainers:
  - name: init-myservice
    image: busybox:1.28
    # Runs before the app container; chown only while the volume is still owned by root:root
    command: ['sh', '-c', 'OWNER=`stat -c "%U:%G" /mnt/data` && if [ "$OWNER" = "root:root" ]; then chown -R 1000:3000 /mnt/data; fi']
    volumeMounts:
    - mountPath: "/mnt/data"
      name: my-pv-storage
  containers:
  - name: my-pv-container
    image: my-image
    volumeMounts:
    - mountPath: "/mnt/data"
      name: my-pv-storage
    # Set on the app container only; the init container above must still run as root to chown
    securityContext:
      runAsUser: 1000
      runAsGroup: 3000
Let me know if it was useful.
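The init-container check from the answer above, generalized as an added example (not part of the original answer): it compares numeric IDs instead of the names `stat -c "%U:%G"` resolves from the image's `/etc/passwd`, and it changes only entries whose owner or group differs, so it also catches files written as root below an already-correct top-level directory. The function name `fix_volume_owner` is hypothetical, and the script assumes a `find` with `-xdev`, `-user`, `-group` and `-exec ... +` (GNU find and default busybox builds).

```shell
#!/bin/sh
# Added example: idempotent ownership fix for a mounted volume.
# Usage inside an init container (running as root):
#   fix_volume_owner /mnt/data 1000 3000
# Prints the number of entries that did not match UID:GID before the fix.
# Exit status: 0 = ok, 1 = chown failed, 2 = bad arguments.
fix_volume_owner() (
    dir=$1 uid=$2 gid=$3

    # Refuse empty, root or relative paths: a recursive chown on the wrong
    # directory is hard to undo.
    case "$dir" in
        ''|/) echo "refusing to operate on '$dir'" >&2; exit 2 ;;
        /*)   ;;
        *)    echo "path must be absolute: $dir" >&2; exit 2 ;;
    esac
    [ -d "$dir" ] || { echo "not a directory: $dir" >&2; exit 2; }

    # Accept numeric IDs only, so the result does not depend on the
    # passwd/group files shipped in the init image.
    for id in "$uid" "$gid"; do
        case "$id" in
            ''|*[!0-9]*) echo "UID/GID must be numeric: '$id'" >&2; exit 2 ;;
        esac
    done

    # Count entries whose owner or group differs. -xdev keeps find on the
    # mounted filesystem. (Names containing newlines inflate the count only.)
    n=$(find "$dir" -xdev \( ! -user "$uid" -o ! -group "$gid" \) -print | wc -l)
    n=$((n))

    if [ "$n" -gt 0 ]; then
        # -h changes a symlink itself rather than following it to a target
        # that may live outside the volume.
        find "$dir" -xdev \( ! -user "$uid" -o ! -group "$gid" \) \
            -exec chown -h "$uid:$gid" {} + || exit 1
    fi
    echo "$n"
)
```

On a volume that is already correct the function prints `0` and never calls `chown`, so repeated deploys cost one metadata walk instead of a full recursive rewrite.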