Podman Kube Play with --userns=auto - How to chown volumes? #22848
-
I'm trying to understand how I can use rootful containers with `--userns=auto`. I have a Kubernetes YAML spec generated with `podman kube generate`. The problem is, with `hostUsers` set to false, the HUSER could change UID and then it will not be possible for the pod to change files in the volume mount.

How can I update the Kubernetes YAML spec to tell Podman to chown (change the owner of) the volume to the new UID created with `hostUsers: false`?

My current Kubernetes YAML spec:

```yaml
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: "2024-05-15T07:29:14Z"
  labels:
    app: dns-server-pod
  name: dns-server-pod
spec:
  hostUsers: false
  containers:
  - args:
    - /etc/dns
    env:
    - name: DNS_SERVER_DOMAIN
      value: dns-server
    image: docker.io/technitium/dns-server:latest
    name: dns-server
    ports:
    - containerPort: 53
      hostPort: 53
    - containerPort: 5380
      hostPort: 5380
    - containerPort: 53
      hostPort: 53
      protocol: UDP
    volumeMounts:
    - mountPath: /etc/dns
      name: technitium_config-pvc
  volumes:
  - name: technitium_config-pvc
    persistentVolumeClaim:
      claimName: technitium_config
```
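The ownership mismatch described in the question, as an added example that is not part of the original post or of Podman's code: it parses user-namespace ID maps in the kernel's `/proc/<pid>/uid_map` format and shows what a volume written by container root in one run looks like to a later run that was given a different host range. The two map ranges and all function names are constructed for illustration.

```python
# Added example, not code from the discussion. Map contents are constructed.
from typing import List, NamedTuple, Optional

OVERFLOW_ID = 65534  # kernel default shown for IDs with no mapping (overflowuid)

class Extent(NamedTuple):
    inside: int   # first ID as seen inside the user namespace
    outside: int  # first ID as seen on the host
    count: int    # number of consecutive IDs in this extent

def parse_id_map(text: str) -> List[Extent]:
    """Parse /proc/<pid>/uid_map or gid_map: 'inside outside count' per line."""
    extents = []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        if len(fields) != 3:
            raise ValueError(f"malformed id map line: {line!r}")
        extents.append(Extent(*(int(f) for f in fields)))
    return extents

def to_host(extents: List[Extent], inside_id: int) -> Optional[int]:
    """Host ID backing a container ID, or None if the container ID is unmapped."""
    for e in extents:
        if e.inside <= inside_id < e.inside + e.count:
            return e.outside + (inside_id - e.inside)
    return None

def seen_in_container(extents: List[Extent], host_id: int) -> int:
    """ID a container process sees for a file owned by host_id on the host."""
    for e in extents:
        if e.outside <= host_id < e.outside + e.count:
            return e.inside + (host_id - e.outside)
    return OVERFLOW_ID

# Constructed maps for two runs of the same pod that received different ranges.
FIRST_RUN = "         0     524288      65536\n"
SECOND_RUN = "         0     589824      65536\n"

def volume_owner_after_restart() -> int:
    """Owner the second run sees for files container root wrote in the first run."""
    host_owner = to_host(parse_id_map(FIRST_RUN), 0)
    return seen_in_container(parse_id_map(SECOND_RUN), host_owner)

if __name__ == "__main__":
    print("first run root on host:", to_host(parse_id_map(FIRST_RUN), 0))
    print("same files seen by second run as uid:", volume_owner_after_restart())
```

On a live host the map text would come from `/proc/<pid>/uid_map` of a process in the pod, and the host-side owner from a `stat` of the volume's backing directory.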
Replies: 2 comments
-
if we want to follow what Kubernetes does, then when
-
I've moved this one to an issue: #22853