GoogleCloudPlatform/konlet

Configurable volume mount options

Opened this issue · 4 comments

prog8 commented

I'm struggling with deploying a container with a mounted volume. The container uses a non-root user. I realized that Konlet mounts a device as root and doesn't let one pass any custom mount options. Because of permission issues the container doesn't work as expected.

Maybe I'm looking in the wrong place. Maybe the problem should be solved in a different way, not on the Konlet side.

I'll appreciate any suggestions.

What kind of error are you getting?

@jfragoulis — I'm also running into an issue where I think I'd benefit from more configuration options for how persistent disks are mounted:

The mount points on the host are created with permissions 0755 and are owned by root. My container is running as a non-root user, so it cannot write to the directory that this mounted disk is subsequently bound to. I think that I'd like the option to set the permissions of the mount point (or perhaps the owning user).

My planned workaround is either to:

  • add a startup-script to the instances that manually creates the mountpoint so that MkdirAll is a noop (though I worry about the brittleness of hardcoding the expected path)
  • somehow change the docker image to initially run as root before dropping permissions (though this is a mostly-vendor supplied image that I don't have a ton of visibility into)

Would appreciate any suggestions on workarounds too.

@louissobel I'm in the same situation - non-root container, external regional disks attached to per-instance-configs. I ended up using cloud-init (via user-data metadata key) to makefs, mount, and chmod the resulting dir:

metadata = {
    user-data = file("${path.module}/cloud-init.yaml")
}

cloud-init.yaml:

#cloud-config

runcmd:
  - ['/sbin/mkfs.ext4', '-m', '0', '-E', 'lazy_itable_init=0,lazy_journal_init=0,discard', '/dev/disk/by-id/google-data']
  - ['mkdir', '-p', '/mnt/disks/data']
  - ['mount', '-o', 'discard,defaults', '/dev/disk/by-id/google-data', '/mnt/disks/data']
  - 'echo -en "UUID=$(/sbin/blkid -s UUID -o value /dev/disk/by-id/google-data) /mnt/disks/data ext4 discard,defaults,nofail 0 2\n" >> /etc/fstab'
  - ['chmod', 'a+w', '/mnt/disks/data']

cloud-init runs on every restart, so updating /etc/fstab is probably unnecessary. /etc/ is reset on each boot, so these commands should all be idempotent.

Due to how cloud-init functionality is limited by cos special features, I was unable to get cloud-init's fs_setup & mounts modules to work, so just threw everything into runcmd instead.
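
An added example, not part of the thread and not konlet code: a shell function that performs the same disk preparation but formats only when `blkid` reports no filesystem, mounts only when nothing is mounted yet, and hands the mount point to the container's user instead of making it world-writable. The UID/GID 1000, the mode 0750 and the `RUN` dry-run prefix are assumptions for illustration; the device and mount paths are the ones used above.

```shell
#!/bin/sh
# Added example: idempotent, least-privilege preparation of a data disk.
# Assumptions: the container user is UID/GID 1000 and RUN is a dry-run
# prefix (RUN=echo prints the commands instead of executing them).

RUN=${RUN:-}

prepare_data_disk() {
    pd_dev=$1 pd_mnt=$2 pd_uid=$3 pd_gid=$4

    # Without blkid we cannot tell whether the disk holds data, so stop.
    command -v blkid >/dev/null 2>&1 || { echo "blkid not found" >&2; return 1; }

    # Format only when blkid finds no filesystem signature on the device,
    # so a reboot never reaches mkfs on a disk that already holds data.
    pd_fstype=$(blkid -s TYPE -o value "$pd_dev" 2>/dev/null || true)
    if [ -z "$pd_fstype" ]; then
        $RUN mkfs.ext4 -m 0 -E lazy_itable_init=0,lazy_journal_init=0,discard "$pd_dev" || return 1
    fi

    $RUN mkdir -p "$pd_mnt" || return 1

    # Mount only if nothing is mounted at the target yet.
    if ! mountpoint -q "$pd_mnt" 2>/dev/null; then
        $RUN mount -o discard,defaults "$pd_dev" "$pd_mnt" || return 1
    fi

    # Give the directory to the container's user rather than using
    # 'chmod a+w', which lets every local account write to the disk.
    $RUN chown "$pd_uid:$pd_gid" "$pd_mnt" || return 1
    $RUN chmod 0750 "$pd_mnt"
}

# Run only when called with: <device> <mountpoint> <uid> <gid>
if [ "$#" -eq 4 ]; then
    prepare_data_disk "$@"
fi
```

The UID and GID passed in must match the user the image runs as (its `USER` directive or the runtime's user setting), otherwise the container still cannot write to the directory.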