chown:更改“/data/db"的所有权:不允许操作 [英] chown: changing ownership of '/data/db': Operation not permitted
问题描述
能否使用nfs volume plugin来维护kubernetes集群间的高可用和容灾?
Can we use nfs volume plugin to maintain the High Availability and Disaster Recovery among the kubernetes cluster?
我正在使用 MongoDB 运行 pod.获取错误
I am running the pod with MongoDB. Getting the error
chown:更改/data/db"的所有权:不允许操作.
chown: changing ownership of '/data/db': Operation not permitted .
云任何机构,请建议我如何解决错误?(或)
Cloud any body, Please suggest me how to resolve the error? (or)
是否有任何替代的卷插件可以在 kubernetes 集群中实现 HA-DR?
Is any alternative volume plugin is suggestible to achieve HA- DR in kubernetes cluster?
推荐答案
chown:更改/data/db"的所有权:不允许操作.
chown: changing ownership of '/data/db': Operation not permitted .
您需要以 root
身份启动 mongo 容器,以便您可以 chown
目录,或者如果图像禁止它(因为一些图像已经有一个 USER mongo
子句,禁止容器将权限提升回 root
),然后两件事之一:用 <containers:
中的 code>securityContext 节或使用 initContainer:
抢先将目标文件夹更改为 mongo UID:
You'll want to either launch the mongo container as root
, so that you can chown
the directory, or if the image prohibits it (as some images already have a USER mongo
clause that prohibits the container from escalating privileges back up to root
), then one of two things: supersede the user with a securityContext
stanza in containers:
or use an initContainer:
to preemptively change the target folder to be the mongo UID:
方法一:
containers:
- name: mongo
image: mongo:something
securityContext:
runAsUser: 0
(这可能需要更改集群的配置以允许此类内容出现在 PodSpec
中)
方法#2(这是我用于 Elasticsearch 图像的方法):
Approach #2 (which is the one I use with Elasticsearch images):
initContainers:
- name: chmod-er
image: busybox:latest
command:
- /bin/chown
- -R
- "1000" # or whatever the mongo UID is, use string "1000" not 1000 due to yaml
- /data/db
volumeMounts:
- name: mongo-data # or whatever
mountPath: /data/db
containers:
- name: mongo # then run your container as before
这篇关于chown:更改“/data/db"的所有权:不允许操作的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!