apiVersion: apps/v1
kind: Deployment
metadata:
labels:
k8s-app: spms-standard-support-taskworker
name: spms-standard-support-taskworker
namespace: spms-standard
spec:
selector:
matchLabels:
k8s-app: spms-standard-support-taskworker
template:
metadata:
labels:
k8s-app: spms-standard-support-taskworker
spec:
securityContext:
# 容器运行时进程的属主
runAsUser: 1000
# 容器运行时进程的属组
runAsGroup: 1000
# 文件系统属组
fsGroup: 1000
# 策略变更
fsGroupChangePolicy: "OnRootMismatch"
volumes:
- name: nfs-logs
persistentVolumeClaim:
claimName: nfs-claim-taskworker
containers:
- name: spms-standard-support-taskworker
image: spms-standard-support-taskworker:20231208
imagePullPolicy: IfNotPresent
volumeMounts:
- name: nfs-logs
mountPath: "/logs"
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
namespace: spms-standard
name: nfs-claim-taskworker
spec:
accessModes:
- ReadWriteOnce
#storageClassName: nfs-storage
resources:
requests:
storage: 5Gi
kubernetes 中 deployment 使用 PersistentVolumeClaim使用动态卷以及为 Pod 配置卷访问权限和属主变更策略
于 2023-12-08 16:43:38 首次发布