Reputation: 883
`kubectl cp` to a pod is failing because of Permission Denied
When I try to copy a small file to a Kubernetes pod, it fails with the following error:
:~ $kubectl cp /tmp/a default/resolver-proxy-69dc786fcf-5rplg:/usr/local/bin/ --no-preserve=true
tar: a: Cannot open: Permission denied
tar: Exiting with failure status due to previous errors
command terminated with exit code 2
Could someone please help me how to fix this? I am running Kubernetes on minikube.
I also see another Postgres Pod in a Error state because of similar error:
:~ $kubectl logs postgres-7676967946-7lp9g postgres
tar: /var/lib/postgresql/data: Cannot open: Permission denied
tar: Error is not recoverable: exiting now
Upvotes: 26
Views: 35690
Answers (3)
Reputation: 2935
I came here looking for a solution to the problem the OP described. The answer that @Tummala Dhanvi supplied appears to be the universal answer for most cases, confirmed by multiple other sites, however for mine it was not the correct solution.
We run hundreds of containers (some that run as root and some that do not). For my case specifically I was trying to kubectl cp a file into a container that wasn't running as root but trying to copy the file into the container at the root directory (/).
My fix for this just to change the destination path in the container to a lower directory where the running user did have permissions:
kubectl cp myfile.tar -c [container] [namespace]/[pod]:/opt/userwritabledirectory
Upvotes: 1
Reputation: 101
If need it for dev environment, it can be done with pod security constraints.
spec:
template:
spec:
containers:
...
securityContext:
runAsUser: 0
As a result kubectl is connected to pod as root
Upvotes: 1
Reputation: 3380
For kubectl cp try copying first to /tmp folder and then mv the file to the path required by shifting to root user
kubectl cp /tmp/a default/resolver-proxy-69dc786fcf-5rplg:/tmp/
then exec into the pod and change to root and copy to the path required.
For the second issue exec into the pod and fix the permissions by running the below command. Postgres need to be able to read and write to the Postgres path.
chown -R postgres:postgres /var/lib/postgresql/
Upvotes: 43
Related Questions
- Unable to Copy data from POD to local using kubectl cp command
- Why can't copy a file from pod to my local
- 'kubectl cp' command doesn't copy the target directory but its contents
- k8s Permission Denied issue
- Unable to copy file from pod to my local desktop
- Kubernetes kubectl copy command failing
- How to Do Kubectl cp from running pod to local,says no such file or directory
- kubectl exec: Permission denied
- Copy command crash pod startup on Kubernetes
- Permissions error while setting up kubernetes pod