Pods accessing Trident-provided NFS PVs fail with Permission Denied on certain nodes
Applies to
- Trident for Kubernetes/OpenShift
- SELinux-based Red Hat Enterprise Linux (RHEL) 7.9 or 8.x nodes
Issue
When a pod is deployed to (mostly) newly deployed RHEL nodes that run with SELinux enabled, the pod comes online with the Trident-provided ontap-nas PVs, but access to the defined mount fails with the following error:
sh-4.4$ cd /mnt/pvc-trident-test/
sh-4.4$ touch test
touch: cannot touch 'test': Permission denied
Access works normally from the node-based mount:
[<USER>@<NODE_NAME> trident_test] # mkdir test_of_directory
[<USER>@<NODE_NAME> trident_test] # touch test-of-directory/touched_file
[<USER>@<NODE_NAME> trident_test] # ls -la test-of-directory
total 8
drwxrwxrwx. 2 1001600000 root 4096 Sep 14 10:35 .
drwxrwxrwx. 3 1001600000 root 4096 Sep 14 10:35 ..
-rw-rw-rw-. 1 1001600000 root 0 Sep 14 10:35 touched_file