本文主要描述使用容器服务时,关于容器存储(PV、PVC、SC)的注意事项、操作配置建议和使用方法最佳实践。
挂载对象存储(TOS)类型的存储卷(PV)时,默认使用 Linux root 权限进行挂载。如果需要其它权限的用户修改 TOS 存储卷挂载配置,您可以在 TOS 静态存储卷中增加addtional_args字段,例如addtional_args: "-o allow_other"。完整的存储卷示例代码如下所示:
apiVersion: v1 kind: PersistentVolume metadata: name: pv-tos spec: accessModes: - ReadWriteMany capacity: storage: 1Gi csi: driver: tos.csi.volcengine.com volumeHandle: pv-tos volumeAttributes: # Replaced by the url of your region. url: "http://tos-s3-cn-beijing.volces.com" # Replaced by the bucket name you want to use. bucket: "csi-test" # Replaced by the subPath in bucket you want to use. path: /test # You can specify any other options used by the s3fs command in here. additional_args: "-o allow_other" nodePublishSecretRef: # Replaced by the name and namespace of your secret. name: tos-secret namespace: kube-system