Hi, I setup ceph rbd with openshift origin 3.6.
I read document about ceph volume and volume security. https://docs.okd.io/3.6/install_config/persistent_storage/pod_security_context.html#supplemental-groups https://docs.okd.io/3.6/install_config/persistent_storage/persistent_storage_ceph_rbd.html It seemed that for ceph rbd, fsGroups rather than supplemental groups should be used. In my test, I didn't specify fsGroup for pods. But it worked. It seemed that supplemental groups was used as file groups for mounted volumes. I also run the same test in anther testing environment. Pods failed to start and reported permission issues for the mounted volume. However, pv and pvc were created successfully. I have two questions as below, 1, Could only fsGroup be used for ceph rbd? Could supplemental groups also be used? 2, Behavior is different in my two test environments. One succeed and one failed. Except supplemental groups and fsGroups, is there any other settings that could affect volume access? -- Thanks, Jared Interested in big data, cloud computing _______________________________________________ dev mailing list dev@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/dev
