Is azureFile volume only works with namespace 'default'?

[neerajkr1988]

Kubernetes version: 1.19.7

[GitHub](https://github.com/kubernetes/examples/tree/master/staging/volumes/azure_file)

---

apiVersion: v1
data:
azurestorageaccountkey: *******
azurestorageaccountname: *******
kind: Secret
metadata:
name: custom-secret-sa
namespace: custom
type: Opaque

---

apiVersion: v1
kind: Pod
metadata:
name: azure
namespace: custom
spec:
containers:

• image: kubernetes/pause
  name: azure
  volumeMounts:
  • name: azure
    mountPath: /mnt/azure
    volumes:
  • name: azure
    azureFile:
    secretName: custom-secret-sa
    shareName: myshare
    readOnly: true

##Error: MountVolume.SetUp failed for volume "azure" : Couldn't get secret default/custom-secret-sa

I am trying to create a pod to namespace 'custom', but it fails due to the unavailability of storage account secret to namespace 'default', Am I missing something?

[houchenshead]

Hi,

After upgrading to v1.19.7 we noted that all azure file mounts in our cluster failed to read secrets from anywhere but the default namespace. I'm not sure if this was intentional but it certainly was unexpected as previously the secret was read from the colocated namespace, which is our preference, rather than default. Looking at https://github.com/kubernetes/examples/blob/master/staging/volumes/azure_file/azure-pv.yaml I can see that a namespace can be defined but we found that this failed validation.

For now the secrets have been moved into the default namespace but any guidance on how we can avoid this would be greatly received.

Many thanks,

Col

[matt-byrne]

I'm seeing exactly the same issue after upgrading to 1.19.7. Regardless of the namespace of the deployment/pod referencing the azurefile resource, it wants the secret to be in the default namespace. Any update on this?

[sonata82]

It seems this commit fixes the problem.

[k8s-triage-robot]

The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs.

This bot triages issues and PRs according to the following rules:

• After 90d of inactivity, lifecycle/stale is applied
• After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
• After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

• Mark this issue or PR as fresh with /remove-lifecycle stale
• Mark this issue or PR as rotten with /lifecycle rotten
• Close this issue or PR with /close
• Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

[k8s-triage-robot]

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs.

This bot triages issues and PRs according to the following rules:

• After 90d of inactivity, lifecycle/stale is applied
• After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
• After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

• Mark this issue or PR as fresh with /remove-lifecycle rotten
• Close this issue or PR with /close
• Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle rotten

[k8s-triage-robot]

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs.

This bot triages issues and PRs according to the following rules:

• After 90d of inactivity, lifecycle/stale is applied
• After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
• After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

• Reopen this issue or PR with /reopen
• Mark this issue or PR as fresh with /remove-lifecycle rotten
• Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/close

[k8s-ci-robot]

@k8s-triage-robot: Closing this issue.

In response to this:

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs.

This bot triages issues and PRs according to the following rules:

• After 90d of inactivity, lifecycle/stale is applied
• After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
• After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

• Reopen this issue or PR with /reopen
• Mark this issue or PR as fresh with /remove-lifecycle rotten
• Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.