I'm playing with Kubernetes and Google Container Engine (GKE).
I deployed a container from this image: jupyter/all-spark-notebook
This is my replication controller:
{
  "apiVersion": "v1",
  "kind": "ReplicationController",
  "metadata": {
    "name": "datalab-notebook"
  },
  "spec": {
    "replicas": 1,
    "selector": {
      "app": "datalab-notebook"
    },
    "template": {
      "metadata": {
        "name": "datalab-notebook",
        "labels": {
          "environment": "TEST",
          "app": "datalab-notebook"
        }
      },
      "spec": {
        "containers": [{
          "name": "datalab-notebook-container",
          "image": "jupyter/all-spark-notebook",
          "env": [],
          "ports": [{
            "containerPort": 8888,
            "name": "datalab-port"
          }],
          "volumeMounts": [{
            "name": "datalab-notebook-persistent-storage",
            "mountPath": "/home/jovyan/work"
          }]
        }],
        "volumes": [{
          "name": "datalab-notebook-persistent-storage",
          "gcePersistentDisk": {
            "pdName": "datalab-notebook-disk",
            "fsType": "ext4"
          }
        }]
      }
    }
  }
}
As you can see, I mounted a Google Compute Engine Persistent Disk. My issue is that the container uses a non-root user and the mounted disk is owned by root, so my container cannot write to the disk.
- Is there a way to mount GCE persistent disks and make them read/write for containers without non-root users?
- Another general question: is it safe to run a container with the root user in Google Container Engine?
Thank you in advance for your input.