search

kubernetes-sigs / nfs-subdir-external-provisioner

Dynamic sub-dir volume provisioner on a remote NFS server.
Apache License 2.0
2.52k stars 751 forks source link

v4 support and read only mounts #329

Open dberardo-com opened 6 months ago

dberardo-com commented 6 months ago

hi there, my use case:

so basically i already have data in nfs server and need the container to access that in readonly mode ...

the problem is that if i create a PVC the provisioner complains with "read only file system" ... which is correct ... but how to achieve this then ?

4censord commented 6 months ago

It sounds like you don't need a provisioner, but a simple PV or just a volume option. Kubernetes can directly mount NFS as a pod volume.

apiVersion: v1
kind: Pod
metadata:
  name: test-pd
spec:
  containers:
  - image: registry.k8s.io/test-webserver
    name: test-container
    volumeMounts:
    - mountPath: /my-nfs-data
      name: test-volume
  volumes:
  - name: test-volume
    nfs:
      server: my-nfs-server.example.com
      path: /my-nfs-volume
      readOnly: true
      # unsure if works
      # mountOptions: []
dberardo-com commented 6 months ago

thanks for the hint. i indeed was aware of this, but since i am using k3s as distribution, there NFS is not available out of the box so i am not sure what to do to install it

4censord commented 6 months ago

check if your host has all the tools for mounting nfs (e.g. on debian apt install nfs-common) If it still does not work, i'm not sure. Check the docs of k3s maybe

dberardo-com commented 6 months ago

hi there, i had checked k3s doc already and could not find out any official way to install a new nfs "storageclass" although i wouldnt call it that way in the case of k8s.

currently i am mounting the nfs volume manually on the host (i.e. outside k8s) and then i pods are accessing via hostPath mount ... which is not ideal of course.

that's why i was looking for a way to deal with it directly in k8s ... should i perhaps try a different approach and use rather a cifs provider ? https://www.datree.io/helm-chart/cifs-share-lippertmarkus

4censord commented 6 months ago

Can you specify again exactly what you are trying to do? You are confusing me.

In the original post you said you have an NFSv4 server, that already contains data. You want to mount this into a pod. It should be mounted read-only.

What i don't get is why you want to use a provisioner for that.

4censord commented 6 months ago

Why don't you just create a PV from your NFSv4 server, and then use that in your pod?

https://kubernetes.io/docs/concepts/storage/volumes/#nfs

apiVersion: v1
kind: PersistentVolume
metadata:
  name: nfs
spec:
  capacity:
    storage: 1Mi
  accessModes:
    - ReadOnlyMany
  nfs:
    server: nfs-server.default.svc.cluster.local
    path: "/"
  mountOptions:
    - nfsvers=4.2

That should also work with k3s no problem.

dberardo-com commented 6 months ago

i will try that once again, but i recall having given it a shot and it was not working. as also highlighted in this recent post: https://zaher.dev/blog/k3s-with-nfs-storage-class

k8s-triage-robot commented 3 months ago

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

You can:

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

dberardo-com commented 3 months ago

/remove-lifecycle stale

k8s-triage-robot commented 3 days ago

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

You can:

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale