To answer my own question. I've found this: https://github.com/kubernetes/kubernetes/issues/104095#issuecomment-1276873578 With it, we just "command inject" the correct fs to the mount command and everything works. Yeah, it's a hack, but it works ;) On Mon, 2022-12-19 at 18:21 +0000, Carlos Mogas da Silva wrote: > Hi! > > I have a Ceph cluster that has 2 cephfs filesystems, and one of them is specific to the k8s > cluster. > > Last time I did this I only had one, so this issue didn't exist. > I'm trying to mount the CephFS like this: > > volumes: > - name: data > cephfs: > monitors: > - 10.0.11.2 > path: /portainer > user: k8s > fsname: k8s > secretRef: > name: ceph-secret > > and the k8s host has this on the /etc/ceph/ceph.client.k8s.keyring file > > [client.k8s] > key = <snip> > caps mds = "allow rw fsname=k8s" > caps mgr = "profile rbd pool=k8s_rbd" > caps mon = "profile rbd, allow r fsname=k8s" > caps osd = "profile rbd pool=k8s_rbd, allow rw tag cephfs data=k8s" > > > While I can actually mount the filesystem on the host (using mount -t ceph k8s@.k8s=/ /mnt) trying > to mount the filesystem on the container fails with Permission denied which leads me to think that > it's trying to mount the other FS that exists on the cluster. > > Is there any way I can specify the fs on the yaml configuration of the k8s service, or just force > the fs on the keyring? > _______________________________________________ > ceph-users mailing list -- ceph-users@xxxxxxx > To unsubscribe send an email to ceph-users-leave@xxxxxxx _______________________________________________ ceph-users mailing list -- ceph-users@xxxxxxx To unsubscribe send an email to ceph-users-leave@xxxxxxx
 |