修改 aks + auzre file & pvc & volume & mysql 关联文件夹的所属用户
问题:mysql 容器中 /var/lib/mysql 执行时需要属于mysql用户
StorageClass
kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
name: smartide-file-storageclass
provisioner: file.csi.azure.com # replace with "kubernetes.io/azure-file" if aks version is less than 1.21
allowVolumeExpansion: true
mountOptions:
- dir_mode=0700
- file_mode=0700
- uid=0
- gid=0
- mfsymlinks
- cache=strict
- actimeo=30
parameters:
skuName: Premium_LRS
PVC
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: ruoyi-db-pvc-claim
namespace: 666fff
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 2Gi
storageClassName: smartide-file-storageclass-db
解决方案1:(不成功)
正在initContainer中增加chown脚本,修改文件夹权限
https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
Deployment
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
reuoyi.service: ruoyi-db
name: ruoyi-db
namespace: 666fff
spec:
replicas: 1
selector:
matchLabels:
reuoyi.service: ruoyi-db
strategy:
type: Recreate
template:
metadata:
labels:
reuoyi.service: ruoyi-db
spec:
restartPolicy: Always
volumes:
- name: ruoyi-db-pvc-claim-storage
persistentVolumeClaim:
claimName: ruoyi-db-pvc-claim
#emptyDir: {}
containers:
- name: ruoyi-db
env:
- name: MYSQL_ROOT_PASSWORD
value: "123"
image: mysql:5.6
ports:
- containerPort: 3306
volumeMounts:
- mountPath: /var/lib/mysql
name: ruoyi-db-pvc-claim-storage
subPath: smartide-db
initContainers:
- name: ruoyi-db-init
image: mysql:5.6
imagePullPolicy: IfNotPresent
securityContext:
runAsUser: 0
privileged: true
command:
- sh
- -c
- echo 'change owner' && chown -R 999:999 /var/lib/mysql && chgrp 999 /var/lib/mysql && ls -la /var/lib/mysql #echo `apt install coreutils` &&
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /var/lib/mysql
name: ruoyi-db-pvc-claim-storage
subPath: smartide-db
解决方案2: (不成功)
修改securityContext
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
reuoyi.service: ruoyi-db
name: ruoyi-db
namespace: 666fff
spec:
replicas: 1
selector:
matchLabels:
reuoyi.service: ruoyi-db
strategy:
type: Recreate
template:
metadata:
labels:
reuoyi.service: ruoyi-db
spec:
restartPolicy: Always
volumes:
- name: ruoyi-db-pvc-claim-storage
persistentVolumeClaim:
claimName: ruoyi-db-pvc-claim
#emptyDir: {}
securityContext:
fsGroup: 999 # 修改文件夹所属用户组为mysql
runAsUser: 999 # 修改容器中的运行用户为mysql
containers:
- name: ruoyi-db
env:
- name: MYSQL_ROOT_PASSWORD
value: "123"
image: mysql:5.6
securityContext:
runAsUser: 999
allowPrivilegeEscalation: false
args:
- --default-authentication-plugin=mysql_native_password
- --character-set-server=utf8mb4
- --collation-server=utf8mb4_unicode_ci
ports:
- containerPort: 3306
volumeMounts:
- mountPath: /var/lib/mysql
name: ruoyi-db-pvc-claim-storage
subPath: smartide-db
解决方案3: (成功)
修改storageClass中的执行用户及组
kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
name: smartide-file-storageclass
provisioner: file.csi.azure.com # replace with "kubernetes.io/azure-file" if aks version is less than 1.21
allowVolumeExpansion: true
mountOptions:
- dir_mode=0700
- file_mode=0700
- uid=999
- gid=999
- mfsymlinks
- cache=strict
- actimeo=30
parameters:
skuName: Premium_LRS
参考:
-
设置volumemount的用户和用户组 https://stackoverflow.com/questions/43544370/kubernetes-how-to-set-volumemount-user-group-and-file-permissions
-
aks 上安装 mysql https://portworx.com/blog/run-ha-mysql-azure-kubernetes-service/
-
WordPress + MySQL + AzureFile https://medium.com/@manumv1/running-wordpress-and-mysql-on-kubernetes-cluster-using-azurefile-as-persistent-volume-type-e63393b19d8c
同样的方法做一次确不成功!
-
mysql官方库中的issue,nfs + 动态配置无法运行,有一些相似性 https://github.com/docker-library/mysql/issues/647
欢迎在评论区留下你宝贵的意见,不论好坏都是我前进的动力(cnblogs 排名提升)!
如果喜欢,记得点赞、推荐、关注、收藏、转发 ... ;)