WSL2 Kubernetes - How to mount local folder with specifying user/group rights
I can think of three possible solutions for this issue:
- You could use Init Containers. This way the container in a pod which is running as a non-root user can have permissions for the mounted volume. See the example below:

      initContainers:
      - name: set-permissions
        image: <image_name>
        # Give user id 555 permissions for the mounted volume
        command:
        - chown
        - -R
        - 555:555
        - /var/lib/data
        volumeMounts:
        - name: data
          mountPath: /var/lib/data

- Another way to give the non-root user access to the folder where it wants to read and write data is to follow the steps below:
  1. Create a user group and assign a group ID in the Dockerfile.
  2. Create a user with a user ID and add it to the group in the Dockerfile.
  3. Change ownership recursively for the folders the user process wants to read/write.
  4. Add the following lines into your Deployment's Pod spec:

      spec:
        securityContext:
          runAsUser: 1099
          runAsGroup: 1099
          fsGroup: 1099

  - `runAsUser`: Specifies that for any Containers in the Pod, all processes run with user ID `1099`.
  - `runAsGroup`: Specifies the primary group ID of `1099` for all processes within any containers of the Pod. If this field is omitted, the primary group ID of the containers will be `root(0)`. Any files created will also be owned by user `1099` and group `1099` when `runAsGroup` is specified.
  - `fsGroup`: Specifies that any attached volume will be owned by group ID `1099`.
- Configure volume permission and ownership change policy for Pods (I know it does not suit your use case but I will leave this option here for other community members).
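
An added example, not part of the original answer: a Pod manifest that combines the `securityContext` from the second option with the ownership change policy named in the third. The Pod name, container name, claim name and the container-level hardening fields are assumptions made for illustration; `<image_name>` and the mount path are reused from the init container example.

```yaml
apiVersion: v1
kind: Pod
metadata:
  name: data-writer              # hypothetical name
spec:
  securityContext:
    runAsUser: 1099
    runAsGroup: 1099
    fsGroup: 1099
    # Re-own the volume only when its root directory does not already
    # match fsGroup. The default, "Always", changes ownership and
    # permissions recursively on every mount.
    fsGroupChangePolicy: "OnRootMismatch"
  containers:
    - name: app                  # hypothetical name
      image: <image_name>
      securityContext:
        # Refuse to start if the image would run as UID 0.
        runAsNonRoot: true
        # Block setuid binaries from regaining privileges.
        allowPrivilegeEscalation: false
      volumeMounts:
        - name: data
          mountPath: /var/lib/data
  volumes:
    - name: data
      persistentVolumeClaim:
        claimName: data-claim    # hypothetical PVC
```

`fsGroupChangePolicy` only applies to volume types that support `fsGroup`-controlled ownership and permissions, and it has no effect on ephemeral volume types such as `secret`, `configMap` and `emptyDir`.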