1

I have a windows container module that is supposed to write to a simple text file inside the volumes folder on the host machine. The module is hardcoded to write the same thing to the same file on start up (this is for testing purposes).

Expected behavior

The module is initialized and a volume is created on the host machine and a text file is created in that volume.

Actual Behavior

The module is not allowed to write to its volume and I get the below access permission issue. Volume Access Permission Issue

If I add "Users" to the volume folder and give that group permission to modify the volume then everything works.

Question

Is there a way to do this without changing volume access options manually every time? If not what is the best practice for allowing volume access to its windows container?

Device Info Windows 10 Enterprise LTSC iotedge 1.1.3

DenaM314
  • 11
  • 1
  • You can follow the steps for using volumes with Bind option as described [here](https://learn.microsoft.com/en-us/azure/iot-edge/how-to-access-host-storage-from-module?view=iotedge-2020-11). It shows example for edgeAgent. Can be applied for any custom modules. I hope you have seen the below article on a similar requirement. [How To Share Host Folders to Docker running in Guest Virtualbox Machine (Host>VirtualMachine>Ubuntu>Docker>App)](https://www.pushcommit.com/how-to-share-host-folders-to-docker-running-in-guest-virtualbox-machine-hostvirtualmachineubuntudockerapp-%F0%9F%9B%85/) – AshokPeddakotla Jul 22 '21 at 14:05
  • I did follow that microsoft article for using volumes with Bind option. The problem still stands in that I still have to modify the volume folder access settings before everything works. – DenaM314 Jul 22 '21 at 16:29

1 Answers1

0

Do you have the same behavior in the default path for the Moby engine volumes?

Path: C:\ProgramData\iotedge-moby\volumes

Command to create/set: docker -H npipe:////./pipe/iotedge_moby_engine volume create testmodule

In this volume I never had a problem (currently we use Edge Runtime 1.1.4 + Windows Server 2019).

If we use a directory outside this "default" volume, we need to manually authorize the "Authenticated Users" (Modify, Read, Write, List and Execute) to allow the container/Moby engine to write/read there.

Matthias
  • 3
  • 1