我在我的 EKS 集群上运行 theia 代码编辑器,图像的默认用户是我授予 /home/project 的读写权限的 theia。但是,当我在我的 EFS 上挂载该卷 /home/project 并尝试在 /home/project 上读取或写入时,它返回权限被拒绝我尝试使用 initContainer 但仍然是同样的问题:
apiVersion: apps/v1
kind: Deployment
metadata:
name: atouati
spec:
replicas: 1
selector:
matchLabels:
app: atouati
template:
metadata:
labels:
app: atouati
spec:
initContainers:
- name: take-data-dir-ownership
image: alpine:3
command:
- chown
- -R
- 1001:1001
- /home/project:cached
volumeMounts:
- name: project-volume
mountPath: /home/project:cached
containers:
- name: theia
image: 'xxxxxxx.dkr.ecr.eu-west-1.amazonaws.com/theia-code-editor:latest'
ports:
- containerPort: 3000
volumeMounts:
- name: project-volume
mountPath: "/home/project:cached"
volumes:
- name: project-volume
persistentVolumeClaim:
claimName: local-storage-pvc
---
apiVersion: v1
kind: Service
metadata:
name: atouati
spec:
type: ClusterIP
selector:
app: atouati
ports:
- protocol: TCP
port: 80
targetPort: 3000
当我在 /home/project 上执行 ls -l
drwxr-xr-x 2 theia theia 6 Aug 21 17:33 project
在 efs 目录上:
drwxr-xr-x 4 root root 6144 Aug 21 17:32