Closed Dobosz closed 6 months ago
I can confirm that setting fsGroup
on pod's security context solves the issue. I can PR this, but it's important to note it's dependent on the image's id
used in runtime.
@Dobosz I saw you pushed the commit in your fork, can you open a PR? the change LGTM and I'd do the same fix
Custom agent running on stateful set mounts volume with
755
and is owned byid=0
. Since container is running on userid=10000
there is no write permission on mounted disk. I understand this is not desired behaviour.Agent description:
Runtime
My runtime is GCP GKE cluster version
1.27.5-gke.200
running on autopilot. Thedefault
storage class is as follows:It's probably a GKE specific issue, but I've not tested it yet on other runtime yet.