• How to set filesystem permissions on Volumes for non-root containers

    3 min read

    kubernetes fsGroup Volume

    As a best practice we should try run containers with the minimum privileges they require: If we want to run a container with a non-root user we need to specify the user we want to use with securityContext.runAsUser (unless the container is not already using a non-privileged user).

    By doing so when working with Volumes we might get a Permission denied while accessing the container


  • fsGroupChangePolicy for Kubernetes Volumes

    2 min read

    kubernetes fsGroup Volume fsGroupChangePolicy

    When running a pod as a non-root user, you must specify a fsGroup in the securityContext section so that the volume can be readable and writable by the Pod.



From pet to cattle
Treat your kubernetes clusters like cattle, not pets