K
Q

How to create pod with default uid:gid and multiple groups access gids( 4 to 5 ) that's needed to access nfs shares.?

1/26/2021

I'm trying to containerize a workflow that touches nfs shares. For a successful run it requires user to have default uid:gid and also additional 4 or 5 groupid access. group ids are random and ideally i would like to avoid giving range of gid's in the yaml file. Is there an efficient way to get this done ? Would anyone be able to show any examples in yaml or point me to reference documents please. Thanks

-- user15087554
kubernetes
security-context

Similar Questions

how to find location of a docker image in pod in GCP?
Liveness / Health probe for Java threaded application
Kubernetes service selector used to select another service and not deployment?
Why does GCE Load Balancer behave differently through the domain name and the IP address?
Why does a Kubernetes Ingress create *two* healthchecks by default on its Load Balancers?

1 Answer

1/27/2021

The setting is called supplementalGroups. Take a look at the example:

apiVersion: v1
kind: Pod
...
spec:
  containers:
  - name: ...
    image: ...
    volumeMounts:
    - name: nfs 
      mountPath: /mnt 
  securityContext: 
    supplementalGroups:
    - 5555
    - 6666
    - 12345 
  volumes:
  - name: nfs 
    nfs:
      server: <nfs_server_ip_or_host>
      path: /opt/nfs
-- Vasili Angapov
Source: StackOverflow