chown:更改"/data/db"的所有权:不允许操作 [英] chown: changing ownership of '/data/db': Operation not permitted
问题描述
我们可以使用nfs卷插件在kubernetes集群中维护高可用性和灾难恢复吗?
Can we use nfs volume plugin to maintain the High Availability and Disaster Recovery among the kubernetes cluster?
我正在使用MongoDB运行Pod.收到错误
I am running the pod with MongoDB. Getting the error
chown:更改'/data/db'的所有权:不允许操作.
chown: changing ownership of '/data/db': Operation not permitted .
阴云密布,请建议我如何解决错误? (或)
Cloud any body, Please suggest me how to resolve the error? (or)
在kubernetes集群中是否建议使用任何替代的卷插件来实现HA-DR?
Is any alternative volume plugin is suggestible to achieve HA- DR in kubernetes cluster?
推荐答案
chown:更改'/data/db'的所有权:不允许操作.
chown: changing ownership of '/data/db': Operation not permitted .
您可能希望以root的形式启动mongo容器,以便可以 chown目录,或者如果图像禁止该目录(因为某些图像已经具有root),然后执行以下两项操作之一:用containers:中的securityContext节取代用户,或使用initContainer:抢先将目标文件夹更改为mongo UID:
You'll want to either launch the mongo container as root, so that you can chown the directory, or if the image prohibits it (as some images already have a USER mongo clause that prohibits the container from escalating privileges back up to root), then one of two things: supersede the user with a securityContext stanza in containers: or use an initContainer: to preemptively change the target folder to be the mongo UID:
方法1:
containers:
- name: mongo
image: mongo:something
securityContext:
runAsUser: 0
(可能需要更改集群的配置,以使此类内容出现在PodSpec中)
方法2(这是我与Elasticsearch图像一起使用的方法):
Approach #2 (which is the one I use with Elasticsearch images):
initContainers:
- name: chmod-er
image: busybox:latest
command:
- /bin/chown
- -R
- "1000" # or whatever the mongo UID is, use string "1000" not 1000 due to yaml
- /data/db
volumeMounts:
- name: mongo-data # or whatever
mountPath: /data/db
containers:
- name: mongo # then run your container as before
这篇关于chown:更改"/data/db"的所有权:不允许操作的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
