Search code examples
azurekubernetesazure-files

Azure file share not getting mounted to the pod

I am trying to mount azure file share t the kubernetes pod but getting error as follows:

Events:
  Type     Reason                 Age               From                           Message
  ----     ------                 ----              ----                           -------
  Normal   Scheduled              12s               default-scheduler              Successfully assigned azurepod to k8s-agent-e90e3bbe-0
  Normal   SuccessfulMountVolume  12s               kubelet, k8s-agent-e90e3bbe-0  MountVolume.SetUp succeeded for volume "default-token-6v6lb"
  Warning  FailedMount            4s (x5 over 12s)  kubelet, k8s-agent-e90e3bbe-0  MountVolume.SetUp failed for volume "azure" : mount failed: exitstatus 32
Mounting command: mount
Mounting arguments: //006ujp7qo4bhmfmagnt0.file.core.windows.net/persistshare /var/lib/kubelet/pods/64dadbe9-dff0-11e7-a005-000d3a279b90/volumes/kubernetes.io~azure-file/azure cifs [vers=3.0,username=006ujp7qo4bhmfmagnt0,password=key1,dir_mode=0777,file_mode=0777]
Output: mount error(13): Permission denied
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)

Please find below yaml file which I used to create the pod:

apiVersion: v1
kind: Pod
metadata:
 name: azurepod
spec:
 containers:
  - image: kubernetes/pause
    name: azure
    volumeMounts:
      - name: azure
        mountPath: /mnt/azure
 volumes:
  - name: azure
    azureFile:
      secretName: azure-secret
      shareName: persistshare
      readOnly: false
Solution

  • The access denied error typically indicates that the issues is with your account. Kubernetes needs credentials to access the file share. These credentials are stored in a Kubernetes secret, which is referenced when creating a Kubernetes pod. When creating a Kubernetes secret, the secret values must be base64 encoded. If you haven’t done this already, create Kubernetes secret exactly as mentioned in this document, first encode the name of the storage account. If needed, replace $AKS_PERS_STORAGE_ACCOUNT_NAME with the name of the Azure storage account and let us know how it goes.**

    As a side note: Currently AKS does not support Windows containers. to accomplish this, you need to deploy a Windows Kubernetes cluster using ACS Engine. ACS Engine - https://github.com/Azure/acs-engine With this in place, here are instructions on setting up a volume using an Azure disk:https://github.com/andyzhangx/Demo/tree/master/windows/azuredisk