Non root user deployment on GKE with file store mo...

abhishekshinde · 12-23-2022 03:32 AM

Please share the process of deployment on GKE with non root user whereas file share is mounted on Pods. I have tried to deployment with non root on GKE. But I have found that I got a permission denied error while writing files over a mounted file share. I have followed the steps mentioned on https://cloud.google.com/filestore/docs/access-control and https://cloud.google.com/filestore/docs/creating-instances.

We have set security context below.

securityContext:
runAsUser: 1000
runAsGroup: 1000
fsGroup: 1000

dionv

Hello abhishekshinde,

When you run the security context, was it on the pod level? Based on some of the articles I encountered, they suggested to running the security context on a pod level so it will not run as a root user.

abhishekshinde

Yes, it's pod level. I'm unable to write files over file store with non root user.

buptliuwei

hello,

facing the same problem, have you resolved it?

MaxImbrox

Hi guys,

I think that the problem is not ad pod level, so not related to containers, but on how the share is configured and mounted to the microservices. Could you please share the specific error that you encounter?

Non root user deployment on GKE with file store mounted on pods