I am running Kubernetes in Azure, where I have created a storage account and an Azure file (file share).

From my local Ubuntu machine I can successfully mount the share with:

$ sudo mount -t cifs //mystorage.....windows.net/data /home/demo/azureshare -o vers=3.0,username=mystorage,password=-C5DM...tHRow==

But when I try to do the same from a running Ubuntu pod I get:

$ kubectl exec diag-app-9d8fcc878e-5r6g -it bash
root@diag-app-9d8fcc878e-5r6g:~# sudo mount -vv -t cifs //mystorage.....windows.net/data /home/user/azureshare -o vers=3.0,username=mystorage,password=-C5DM...tHRow==
mount.cifs kernel mount options: ip=xx.xxx.xxx.xxx,unc=\\mystorage.....windows.net\data,vers=3.0,user=mystorage,pass=********
mount error(13): Permission denied
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) and kernel log messages (dmesg)

I have tried with securityContext:

apiVersion: extensions/v1beta1
kind: Deployment
    ...
    spec:
      securityContext:
        runAsUser: 0
      containers:
      ...

But that gives:

Unable to apply new capability set.

So I have added:

apiVersion: extensions/v1beta1
kind: Deployment
    ...
    spec:
      securityContext:
        runAsUser: 0
      containers:
        ...
        securityContext:
          capabilities:
            add:
              - NET_ADMIN
              - SYS_ADMIN
              - DAC_READ_SEARCH

But still the same error. And also tried:

apiVersion: extensions/v1beta1
kind: Deployment
    ...
    spec:
      containers:
        ...
        securityContext:
          runAsUser: 0
          capabilities:
            add:
              - NET_ADMIN
              - SYS_ADMIN
              - DAC_READ_SEARCH

Still same error.

The above is NOT something I am planning on doing in production; I am just trying to understand why I cannot mount the share directly from inside a pod.

Any suggestions?

u123
  • Why not use the persistent volume? – Charles Xu May 11 '20 at 06:48
  • Yes that works, but as I wrote in my post I am trying to understand why I cannot mount manually using cifs from a pod, I am not asking for an alternative solution. – u123 May 11 '20 at 07:39

1 Answer

I know it's late. I had the same problem and had to deactivate AppArmor via:

apiVersion: v1
kind: Pod
metadata:
  annotations:
    container.apparmor.security.beta.kubernetes.io/container_name: unconfined
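
Added example (not part of the answer above): a shell check to run inside the pod that shows which layer can still refuse the mount, by decoding `CapEff` from /proc/self/status and reading the AppArmor label from /proc/self/attr/current. The function names and sample masks are constructed for illustration, and it assumes the runtime's default AppArmor profile denies mount, as Docker's docker-default profile does.

```shell
#!/bin/sh
# Capability bit numbers from <linux/capability.h>
# (the three capabilities added in the question).
CAP_DAC_READ_SEARCH=2
CAP_NET_ADMIN=12
CAP_SYS_ADMIN=21

# has_cap HEXMASK BIT: succeeds if BIT is set in a CapEff-style hex mask.
has_cap() {
    [ $(( (0x$1 >> $2) & 1 )) -eq 1 ]
}

# diagnose CAPEFF LABEL: print which layer can still refuse mount(2).
# LABEL is the content of /proc/self/attr/current, e.g.
# "docker-default (enforce)" or "unconfined".
diagnose() {
    if ! has_cap "$1" "$CAP_SYS_ADMIN"; then
        echo "missing CAP_SYS_ADMIN"
        return
    fi
    case "$2" in
        unconfined|*"(complain)") echo "not blocked by capabilities or AppArmor" ;;
        *) echo "AppArmor profile enforced" ;;
    esac
}

# diagnose_self: same check against the live process (run inside the pod).
diagnose_self() {
    capeff=$(awk '/^CapEff:/ {print $2}' /proc/self/status)
    # Reading the label fails when AppArmor is not enabled on the node.
    label=$(cat /proc/self/attr/current 2>/dev/null || echo unconfined)
    diagnose "$capeff" "$label"
}

# Constructed sample values (not taken from the question's cluster):
DEFAULT_CAPS=00000000a80425fb   # common container default capability set
ADDED_CAPS=00000000a82435ff     # default + NET_ADMIN, SYS_ADMIN, DAC_READ_SEARCH

diagnose "$DEFAULT_CAPS" "docker-default (enforce)"
diagnose "$ADDED_CAPS"   "docker-default (enforce)"
diagnose "$ADDED_CAPS"   "unconfined"
```

Inside the pod, source the file and call `diagnose_self`; an "AppArmor profile enforced" result with `CAP_SYS_ADMIN` present matches the situation the answer resolved by setting the profile to unconfined.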