Django can't access Azure mounted storage

Question

I am running my Djagno app (python 2.7, django 1.11) on an Azure server using AKS (kubernetes).

I have a persistent storage volume mounted at /data/media . When I try to upload files through my app, I get the following error:

Exception Value: [Errno 13] Permission denied: '/data/media/uploads/<some_dir>'
Exception Location: /usr/local/lib/python2.7/os.py in makedirs, line 157

The problematic line in os.py is the one trying to create a directory mkdir(name, mode) .

When I use kubectl exec -it <my-pod> bash to access the pod (user is root), I can easily cd into the /data/media directory, create sub-folders and see them reflected in the Azure portal. So my mount is perfectly fine.

I tried chmoding /data/media but that does not work. It seems like I cannot change the permissions of the folders on the mounted persistent volume, nor can I add users or change groups. So, it seems there is no problem accessing the volume from my pod, but since Django is not running as root, it cannot access it.

Ho do I resolve this? Thanks.

Answer 1

It turns out that since the Azure file share mount is actually owned by the k8s cluster, the Docker containers running in the pods only mount it as an entry point but cannot modify its permissions since they do not own it.

The reason it started happening now is explained here:

... it turned out that the default directory mode and file mode differs between Kubernetes versions. So while the the access mode is 0777 for Kubernetes v1.6.x, v1.7.x, in case of v1.8.6 or above it is 0755

So for me the fix was adding the required access permissions for the mounted volume to k8s spec like so:

---
apiVersion: v1
kind: PersistentVolume
metadata:
  name: <volumeName>
  annotations:
    volume.beta.kubernetes.io/storage-class: <className>
spec:
  mountOptions:
    - dir_mode=0777
    - file_mode=0777
  accessModes:
    - ReadWriteMany
...

** I wrote 0777 as an example. You should carefully set what's write for you.

Hope this helps anyone.