How to include "readonly" and selinux context ":z" in kubernetes pod definition ?

Solution Unverified - Updated -

Issue

  • How to include "readonly" and selinux context ":z" in kubernetes pod definition ?

Snip from the pod definition

volumeMounts:
      - name: storage
        mountPath: /storage
      - name: secret
        readOnly: true
        mountPath: /secret:z

While deploying the pod, following message is seen in the logs

Mar 24 17:01:22 XXXXX docker[2242]: time="2016-03-24T17:01:22.895864834Z" level=error msg="Handler for POST /containers/{name:.*}/start returned error: Invalid volume specification: /var/lib/kubelet/pods/17182cf7-f1d5-11e5-8219-5254006f3eb2/volumes/kubernetes.io~secret/secret:/secret:z:ro"

Environment

  • Red Hat Enterprise Linux 7
  • Red Hat Enterprise Atomic Host 7
  • Kubernetes 1.2

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content