We wouldn't recommend allowing untrusted Pods to use hostPath volumes since that would effectively give them root on the Node.
Another option would be to use the NFS plugin directly as mentioned in Example 4 on http://stackoverflow.com/questions/35364367/share-persistent-volume-claims-amongst-containers-in-kubernetes-openshift You'd have to be OK with any pod in your environment being about to mount that data. That obviously won't work in every environment either. The right way for this to be solved is with an admission controller which would allow admins to enforce Pod volume defaults under certain conditions. We don't yet have a prioritized card for that so we can't commit to it just yet. --Brenton On Wed, Mar 2, 2016 at 12:51 PM, Srinivas Naga Kotaru (skotaru) <[email protected]> wrote: > Hi > > We have a requirement of of mounting a small volume across all apps. This > volume is not a application specific but required by all apps during run > time to connect to an integration component. > > This common volume is already mounted on all nodes using auto mount. Now we > want to expose this auto mount to all running pods. That is requirement. We > need only read access to this NFS based auto mount > > Since this is required by all apps, what is the best way to mount on all > apps? PV and PVC approach might not work since it required all projects and > all apps. > > NFS storage plug-in support path based mounting without PV and PVC? Is it > true? Also seen hostpath based volume mounts. What is difference on both > these approaches and what is recommended? > > > -- > Srinivas Kotaru > > _______________________________________________ > users mailing list > [email protected] > http://lists.openshift.redhat.com/openshiftmm/listinfo/users > _______________________________________________ users mailing list [email protected] http://lists.openshift.redhat.com/openshiftmm/listinfo/users
