jrz
Reputation: 1397
readOnlyRootFilesystem prevents my code from writing logs
I added in my deployment readOnlyRootFilesystem: true but running my code ends with the following error:
OSError: [Errno30] Read-only file system: '/project/logs/dbt.log'
But /project/logs/dbt.log is NOT a root path.
Any idea why does it happen?
here's a more elaborated manifest I'm using:
spec:
containers:
.
.
.
.
securityContext:
capabilities:
drop:
- ALL
privileged: false
readOnlyRootFilesystem: true
runAsNonRoot: true
.
.
.
.
securityContext:
fsGroup: 2000
runAsNonRoot: true
runAsUser: 101
Upvotes: 1
Views: 7744
Answers (1)
gohm'c
Reputation: 15530
You can mount a temporary volume (same lifespan as your pod) to avoid writing to root:
spec:
volumes:
- name: logs
emptyDir: {}
containers:
.
.
securityContext:
capabilities:
drop:
- ALL
privileged: false
readOnlyRootFilesystem: true
runAsNonRoot: true
volumeMounts:
- name: logs
mountPath: /project/logs
Upvotes: 1
Related Questions
- JSON variable substitution in appsettings.json file is not working in Azure DevOps Releases
- Using parameters.xml to set parameters on scope ApplicationInsights.config
- How do I substitute values appsettings.json in a test project in Azure DevOps release pipeline?
- Using appsettings.json in C# selenium automation project
- Azure : appsettings.json variable substitution in AzureRmWebAppDeployment task
- Using App.Config to derive which class/variables to use
- How to drive app config value via my test scenario
- Windows Azure: how do I expose a configuration setting as an environment variable?
- Using values from AppConfig file in C#
- Variables in XML configuration