Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

readonly mount is not supported in kubernetes yaml #7550

Closed
x70b1 opened this issue Sep 6, 2020 · 5 comments · Fixed by #7586
Closed

readonly mount is not supported in kubernetes yaml #7550

x70b1 opened this issue Sep 6, 2020 · 5 comments · Fixed by #7586
Assignees
@ashley-cui
Labels
kind/feature Categorizes issue or PR as related to a new feature. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.

Comments

@x70b1
Copy link

x70b1 commented Sep 6, 2020

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)

/kind feature

Description

At the moment a setting like readonly: true is ignored for a mount in a kubernetes yaml.
I found out that it seems to be supported for a cli run: #6380

Steps to reproduce the issue:

spec:
  hostname: dns
  restartPolicy: always
  containers:
    - image: ...
      name: ...
      volumeMounts:
        - name: dnsovertls-config
          mountPath: /etc/unbound/unbound.conf
          readonly: true                                              <------------------------------

  volumes:
    - name: dnsovertls-config
      hostPath:
        path: /srv/podman/dns/dnsovertls/config/unbound.conf
        type: File

Describe the results you received:

The container is still able to write in a file.

Describe the results you expected:

The container should not be able to change a file on the host.

Output of podman version:

podman version 2.0.6
@openshift-ci-robot openshift-ci-robot added the kind/feature Categorizes issue or PR as related to a new feature. label Sep 6, 2020
@vrothberg
Copy link
Member

Thanks for opening the issue, @x70b1!

@ashley-cui, do you have cycles to tackle the issue?

@ashley-cui
Copy link
Member

@vrothberg i'll take a stab at it

@ashley-cui ashley-cui mentioned this issue Sep 10, 2020
Merged
@x70b1
Copy link
Author

x70b1 commented Sep 11, 2020

@ashley-cui Thanks a lot for your work.

I have a note here:

In my initial request I used readonly in the yaml tree.
But the Kubernetes docs call it readOnly.

Should this be fixed? Sorry if this creates work again.
But if podman would be compatible to the kubernetes pod yaml that woud be cool for the future.

@ashley-cui
Copy link
Member

ashley-cui commented Sep 11, 2020
edited
Loading

@x70b1 both readonly and readOnly work with this fix

@x70b1
Copy link
Author

x70b1 commented Sep 11, 2020

Oh, awesome! Thx!

@github-actions github-actions bot added the locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. label Sep 22, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 22, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@ashley-cui ashley-cui

Labels
kind/feature Categorizes issue or PR as related to a new feature. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add read-only volume mount to play kube ashley-cui/podman
4 participants
@x70b1 @vrothberg @openshift-ci-robot @ashley-cui