白眉大叔 使用initContainers设置权限
spec:
template:
spec:
initContainers:
- name: fix-permissions
image: busybox
command: ['sh', '-c']
args:
- |
mkdir -p /app/logs
chown 1000:1000 /app/logs
volumeMounts:
- name: logs-volume
mountPath: /app/logs
securityContext:
runAsUser: 0 # 以root运行init container来设置权限
containers:
- name: containe-recommend
image: >-
registry.cn-hangzhou.aliyuncs.com/kattgatt-app/camet-app2-recommend:REALEASE-26
volumeMounts:
- name: host-time
readOnly: true
mountPath: /etc/localtime
- name: volume-yxyouf
readOnly: true
mountPath: /app/.env
subPath: .env
- name: logs-volume
mountPath: /app/logs
securityContext:
allowPrivilegeEscalation: false
runAsNonRoot: true
runAsUser: 1000
runAsGroup: 1000
欢迎来撩 : 汇总all
