kubernetes persistent-volumes

Kubernetes, how to share read/write persistent volume as read only volume with other nodes


I have a persistent volume that has read/write access on one specific node.

How can I mount this persistent volume on all other nodes as read only?

Here is what I was thinking, in my pvc.yaml:

---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  # This name uniquely identifies the PVC. This is used in deployment.
  name: public-pv-claim
  namespace: default
spec:
  accessModes:
    - ReadWriteOnce
    - ReadOnlyMany
  resources:
    # This is the request for storage. Should be available in the cluster.
    requests:
      storage: 1Gi

and in the specific node

      ...
      volumes:
      - name: public
        # This volume is based on PVC
        persistentVolumeClaim:
          # Name of the PVC created earlier
          claimName: public-pv-claim
      containers:
      - name: specific
        # Volume mounts for this container
        volumeMounts:
        # Volume 'public' is mounted to path '/public'
        - name: public
          mountPath: "/public"
        ...

and for pods of other nodes:

      ...
      volumes:
      - name: public
        # This volume is based on PVC
        persistentVolumeClaim:
          # Name of the PVC created earlier
          claimName: public-pv-claim
      containers:
      - name: other
        ...
        volumeMounts:
        - name: public
          mountPath: "/public"
          readOnly: true
      ...

Solution

  • The solution I found was to give the persistent volume the "ReadWriteMany" access mode, and then mount it with readOnly set to true in the definition of mounted volumes. Here are the .yaml files.

    The persistent volume claim... pvc.yaml:

    ---
    apiVersion: v1
    kind: PersistentVolumeClaim
    metadata:
      # This name uniquely identifies the PVC. This is used in deployment.
      name: public-pv-claim
      namespace: default
    spec:
      accessModes:
        - ReadWriteMany # All nodes have read/write access to the volume
      resources:
        # This is the request for storage. Should be available in the cluster.
        requests:
          storage: 1Gi
    

    and in the specific node that should be allowed to write to the volume, container_write_access_to_pv.yaml:

      ...
      volumes:
      - name: public
        # This volume is based on PVC
        persistentVolumeClaim:
          # Name of the PVC created earlier
          claimName: public-pv-claim
      containers:
      - name: specific
        # Volume mounts for this container
        volumeMounts:
        # Volume is mounted to path '/public'
        - name: public
          mountPath: "/public"
        ...
    

    and for pods of other nodes that should have read only access: container_with_read_only_access_to_pv.yaml:

      ...
      volumes:
      - name: public
        # This volume is based on PVC
        persistentVolumeClaim:
          # Name of the PVC created earlier
          claimName: public-pv-claim
      containers:
      - name: other
        ...
        volumeMounts:
        - name: public
          # Volume is mounted to path '/public' in read-only mode
          mountPath: "/public"
          readOnly: true
      ...
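
An added example, not part of the original answer: with a `ReadWriteMany` claim, read-only access depends on each pod spec setting `readOnly: true`, so the specs are worth auditing. This Python sketch reports containers that mount the claim writable without being on an allow-list, and mounts whose name matches no declared volume; the pod names, `ALLOWED_WRITERS` and the sample specs are constructed for illustration.

```python
CLAIM = "public-pv-claim"

def writable_mounts(pod_spec, claim_name):
    """Return (containers with a writable mount of the claim, dangling mounts)."""
    declared = set()
    claim_volumes = {}  # volume name -> readOnly set on the PVC volume source
    for vol in pod_spec.get("volumes", []):
        declared.add(vol["name"])
        pvc = vol.get("persistentVolumeClaim")
        if pvc and pvc.get("claimName") == claim_name:
            claim_volumes[vol["name"]] = bool(pvc.get("readOnly", False))
    writable, dangling = [], []
    containers = pod_spec.get("initContainers", []) + pod_spec.get("containers", [])
    for c in containers:
        for m in c.get("volumeMounts", []):
            if m["name"] not in declared:
                dangling.append((c["name"], m["name"]))
            elif m["name"] in claim_volumes:
                if not (claim_volumes[m["name"]] or m.get("readOnly", False)):
                    writable.append(c["name"])
    return writable, dangling

def audit(pods, claim_name, allowed_writers):
    """Return findings for unexpected writers and for mounts with no volume."""
    findings = []
    for pod_name, spec in pods.items():
        writable, dangling = writable_mounts(spec, claim_name)
        for c in writable:
            if (pod_name, c) not in allowed_writers:
                findings.append(f"{pod_name}/{c}: writable mount of {claim_name}")
        for c, v in dangling:
            findings.append(f"{pod_name}/{c}: volumeMount '{v}' matches no volume")
    return findings

def _pod(container, mount):
    # Constructed sample spec, shaped like the pod specs on this page.
    volume = {"name": "public", "persistentVolumeClaim": {"claimName": CLAIM}}
    return {"volumes": [volume],
            "containers": [{"name": container, "volumeMounts": [mount]}]}

SAMPLE_PODS = {  # constructed pod names
    "writer": _pod("specific", {"name": "public", "mountPath": "/public"}),
    "reader": _pod("other", {"name": "public", "mountPath": "/public", "readOnly": True}),
    "forgot-flag": _pod("other", {"name": "public", "mountPath": "/public"}),
    "bad-name": _pod("other", {"name": "data", "mountPath": "/public"}),
}
ALLOWED_WRITERS = {("writer", "specific")}
if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_PODS, CLAIM, ALLOWED_WRITERS)))
```

The check treats a mount as read-only when either the volume's `persistentVolumeClaim.readOnly` or the container's `volumeMounts[].readOnly` is true.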