Kubernetes volumeMount文件夹和文件权限?

Kubernetes volumeMount folder and file permissions?

正在尝试将配置文件从 hostPath 挂载到 kubernetes 容器。这可以使用 minikube 和 VirtualBox 共享文件夹,但我无法在 Linux.

上完成这项工作

我使用 AWS EKS 和以下架构 https://aws.amazon.com/quickstart/architecture/amazon-eks/。我认为我的问题是文件需要存在于每个 EKS 节点实例上。

架构图如下:

下面是部署文件。

apiVersion: apps/v1
kind: Deployment
metadata:
  name: openhim-core-deployment
spec:
  replicas: 1
  selector:
    matchLabels:
      component: openhim-core
  template:
    metadata:
      labels:
        component: openhim-core
    spec:
      volumes:
        - name: core-config
          hostPath:
            path: /var/config/openhim-core
      containers:
        - name: openhim-core
          image: jembi/openhim-core:5.rc
          ports:
            - containerPort: 8080
            - containerPort: 5000
            - containerPort: 5001
          volumeMounts:
            - name: core-config
              mountPath: /usr/src/app/config
          env:
            - name: NODE_ENV
              value: development

在经历了很多痛苦之后,我发现我正在尝试将配置放在我可以访问 kubectl 的 Linux Bastion 主机上,但实际上这个配置必须在每个 EC2 实例上可用性区域。

我的解决方案是使用 initContainer。

apiVersion: apps/v1
kind: Deployment
metadata:
  name: openhim-core-deployment
spec:
  replicas: 1
  selector:
    matchLabels:
      component: openhim-core
  template:
    metadata:
      labels:
        component: openhim-core
    spec:
      volumes:
        - name: core-config
          hostPath:
            path: /var/config/openhim-core
      containers:
        - name: openhim-core
          image: jembi/openhim-core:5
          ports:
            - containerPort: 8080
            - containerPort: 5000
            - containerPort: 5001
          volumeMounts:
            - name: core-config
              mountPath: /usr/src/app/config
          env:
            - name: NODE_ENV
              value: development
      initContainers:
        - name: install
          image: busybox
          command:
          - wget
          - "-O"
          - "/usr/src/app/config/development.json"
          - https://s3.eu-central-1.amazonaws.com/../development.json
          volumeMounts:
            - name: core-config
              mountPath: "/usr/src/app/config"      
      volumes:
        - name: core-config
          emptyDir: {}