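Background:
I am deploying a GitLab code repository service on Kubernetes on a cloud platform, and the folder that stores the code needs to be persisted.
However, as soon as I mount a persistent volume on the directory that stores the code, the pod fails to start and reports the error: "changing ownership operation not permitted". If I do not mount this directory, the pod starts normally.
I went into the container to check the permissions and found that the problem is the permissions on this folder, so I tried to solve it with "initContainers", but that also failed: if I use a command in initContainers, the error is "Back-off restarting failed container"; if I do not use a command, the permissions are not changed and the error is still "changing ownership operation not permitted".
My Deployment YAML is attached below: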
# apiVersion was not included in the posted manifest; apps/v1 is assumed here
apiVersion: apps/v1
kind: Deployment
metadata:
  name: gitlab
  namespace: sga
  labels:
    name: gitlab
spec:
  replicas: 1
  selector:
    matchLabels:
      name: gitlab
  template:
    metadata:
      name: gitlab
      creationTimestamp: null
      labels:
        name: gitlab
    spec:
      volumes:
        # Persistent volume backing the repository data directory
        - name: data
          persistentVolumeClaim:
            claimName: gitlab
      initContainers:
        # Init container that tries to change mode and ownership of the mounted volume
        - args:
            - -c
            - chmod 755 /home/git/data && chown 1000:1000 /home/git/data
          command:
            - /bin/sh
          name: init-gitlab
          image: 'centos'
          resources: {}
          volumeMounts:
            - name: data
              mountPath: /home/git/data
          imagePullPolicy: IfNotPresent
          securityContext:
            privileged: true
            procMount: Default
      containers:
        - name: gitlab
          image: 'samegitlab:11.8.1'
          ports:
            - name: http
              containerPort: 80
              protocol: TCP
            - name: ssh
              containerPort: 22
              protocol: TCP
          env:
            - name: TZ
              value: Asia/Kolkata
            - name: GITLAB_TIMEZONE
              value: Beijing
            - name: GITLAB_SECRETS_DB_KEY_BASE
              value: long-and-random-alpha-numeric-string
            - name: GITLAB_SECRETS_SECRET_KEY_BASE
              value: long-and-random-alpha-numeric-string
            - name: GITLAB_SECRETS_OTP_KEY_BASE
              value: long-and-random-alpha-numeric-string
            - name: GITLAB_HTTPS
              value: 'true'
          resources:
            limits:
              cpu: '4'
              memory: 8Gi
            requests:
              cpu: '2'
              memory: 4Gi
          volumeMounts:
            # Same volume, mounted at the directory GitLab writes its data to
            - name: data
              mountPath: /home/git/data
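Could everyone please help me figure out where the problem is?
What I want to achieve is for the pod to run normally and for the /home/git/data directory to be stored persistently.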