CODEWITHSUNDEEP
kubernetes
Dolphin
Dolphin

Reputation: 39095

how to make chown command worked in nfs share folder

I am make a nfs file share and using it in kubernetes pods, but when I start pods, it give me tips :

2020-05-31 03:00:06+00:00 [Note] [Entrypoint]: Entrypoint script for MySQL Server 5.7.30-1debian10 started.
chown: changing ownership of '/var/lib/mysql/': Operation not permitted

I searching from internet and understand the nfs default map other root login to nfsnobody account, if the privillege not correct, this error should happen, but I follow the steps and still not solve it. This is the ways I having tried:

1 addd unsecure config no_root_squash in /etc/exports:

/mnt/data/apollodb/apollopv *(rw,sync,no_subtree_check,no_root_squash)

2 remove the PVC and PV and directly using nfs in pod like this:

volumes:
        - name: apollo-mysql-persistent-storage
          nfs:
            server: 192.168.64.237
            path: /mnt/data/apollodb/apollopv
      containers:
        - name: mysql
          image: 'mysql:5.7'
          ports:
            - name: mysql
              containerPort: 3306
              protocol: TCP
          env:
            - name: MYSQL_ROOT_PASSWORD
              value: gfwge4LucnXwfefewegLwAd29QqJn4
          resources: {}
          volumeMounts:
            - name: apollo-mysql-persistent-storage
              mountPath: /var/lib/mysql
          terminationMessagePath: /dev/termination-log
          terminationMessagePolicy: File
          imagePullPolicy: IfNotPresent
      restartPolicy: Always
      terminationGracePeriodSeconds: 30
      dnsPolicy: ClusterFirst
      securityContext: {}
      schedulerName: default-scheduler

this tell me the problem not in pod define but in the nfs config itself.

3 give every privillege using this command

chmod 777 /mnt/data/apollodb/apollopv

4 chown to nfsnobody like this

sudo chown nfsnobody:nfsnobody -R apollodb/
sudo chown 999:999 -R apollodb

but the problem still not solved,so what should I try to make it works?

Upvotes: 0

Views: 4373

Answers (1)

coderanger
coderanger

Reputation: 54267

You wouldn't set this via chown, you would use fsGroup security setting instead.

Upvotes: 4

Related Questions