-
Notifications
You must be signed in to change notification settings - Fork 4.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Is azureFile volume only works with namespace 'default'? #413
Comments
Hi, After upgrading to v1.19.7 we noted that all azure file mounts in our cluster failed to read secrets from anywhere but the default namespace. I'm not sure if this was intentional but it certainly was unexpected as previously the secret was read from the colocated namespace, which is our preference, rather than default. Looking at https://github.com/kubernetes/examples/blob/master/staging/volumes/azure_file/azure-pv.yaml I can see that a namespace can be defined but we found that this failed validation. For now the secrets have been moved into the default namespace but any guidance on how we can avoid this would be greatly received. Many thanks, Col |
I'm seeing exactly the same issue after upgrading to 1.19.7. Regardless of the namespace of the deployment/pod referencing the azurefile resource, it wants the secret to be in the default namespace. Any update on this? |
It seems this commit fixes the problem. |
The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs. This bot triages issues and PRs according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle stale |
The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs. This bot triages issues and PRs according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle rotten |
The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs. This bot triages issues and PRs according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /close |
@k8s-triage-robot: Closing this issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Kubernetes version: 1.19.7
[GitHub](https://github.com/kubernetes/examples/tree/master/staging/volumes/azure_file)apiVersion: v1
data:
azurestorageaccountkey: *******
azurestorageaccountname: *******
kind: Secret
metadata:
name: custom-secret-sa
namespace: custom
type: Opaque
apiVersion: v1
kind: Pod
metadata:
name: azure
namespace: custom
spec:
containers:
name: azure
volumeMounts:
mountPath: /mnt/azure
volumes:
azureFile:
secretName: custom-secret-sa
shareName: myshare
readOnly: true
##Error: MountVolume.SetUp failed for volume "azure" : Couldn't get secret default/custom-secret-sa
I am trying to create a pod to namespace 'custom', but it fails due to the unavailability of storage account secret to namespace 'default', Am I missing something?
The text was updated successfully, but these errors were encountered: