👀 Views: 87 💬 Answers: 1 📅 Created: 2025-06-15

gcp gke filestore kubernetes nfs YAML

I can't seem to get I've been banging my head against this for hours. I have been trying to mount a GCP Filestore instance to my GKE (Google Kubernetes Engine) cluster, but I keep running into a 'Permission denied' behavior when accessing the mounted directory. I created a Filestore instance with the NFS export and I’ve ensured that my Kubernetes deployment is using a service account that has the `roles/filestore.admin` IAM role as well as necessary permissions related to GKE. Here’s how I configured my PersistentVolume (PV) and PersistentVolumeClaim (PVC): ```yaml apiVersion: v1 kind: PersistentVolume metadata: name: my-filestore-pv spec: capacity: storage: 1Gi accessModes: - ReadWriteMany nfs: path: "/my-nfs-path" server: "[YOUR_FILESTORE_IP]" --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: my-filestore-pvc spec: accessModes: - ReadWriteMany resources: requests: storage: 1Gi ``` In my deployment, I’m trying to mount the PVC like this: ```yaml apiVersion: apps/v1 kind: Deployment metadata: name: my-app spec: replicas: 1 selector: matchLabels: app: my-app template: metadata: labels: app: my-app spec: containers: - name: my-container image: gcr.io/my-project/my-image:latest volumeMounts: - mountPath: "/mnt/filestore" name: my-filestore-volume volumes: - name: my-filestore-volume persistentVolumeClaim: claimName: my-filestore-pvc ``` When I deploy this, the pod starts successfully, but when I try to write to `/mnt/filestore`, I get a `permission denied` behavior. I double-checked the IAM roles and ensured that the service account is properly associated with the GKE nodes, but I still can’t figure out why the permission scenario continues. Is there something I’m missing in the configuration, or do I need to set specific permissions on the Filestore instance itself? The project is a microservice built with Yaml. I appreciate any insights! Could this be a known issue?