Is this a BUG REPORT or FEATURE REQUEST?:
/kind bug
What happened: I created a StatefulSet with the pod's securityContext specifying fsGroup: 1000 and volumeClaimTemplates[0].spec.accessModes: ["ReadWriteOncePod"]
What you expected to happen:
The PV's filesystem should have been writeable by UID 1000. Instead it was owned by root. Switching the accessMode to ReadWriteOnce fixed the issue.
the result will be "permission denied". delete the resources with kubectl delete, and also delete the PVC and PV. then change ReadWriteOncePod to ReadWriteOnce and repeat the steps above. the touch command will succeed.
Is this a BUG REPORT or FEATURE REQUEST?: /kind bug
What happened: I created a StatefulSet with the pod's securityContext specifying fsGroup: 1000 and volumeClaimTemplates[0].spec.accessModes: ["ReadWriteOncePod"]
What you expected to happen: The PV's filesystem should have been writeable by UID 1000. Instead it was owned by root. Switching the accessMode to ReadWriteOnce fixed the issue.
How to reproduce it (as minimally and precisely as possible): kubectl apply -f these resources https://gist.github.com/vrevelas/50bf5ba8c9aeecd60183ba31b90370f7 kubectl exec -ti fsgroup-issue-repro-0 -- sh touch /test/hello
the result will be "permission denied". delete the resources with kubectl delete, and also delete the PVC and PV. then change ReadWriteOncePod to ReadWriteOnce and repeat the steps above. the touch command will succeed.
Anything else we need to know?:
Environment:
uname -a): 5.4.0-193-generic