I'm trying to set up an app deployment on Kubernetes. I have an image that when deployed unpacks files to /opt/app. This filesystem is not mounted on a pvc.
I was provided 2 test systems running Kubernetes 1.27.1, which I was told were setup the same. For test purposes, I am running on a single node at the moment (the control plane), so the kubelet and everything is on the host.
My pod yaml in both systems is the same, including the securityContext, which sets runAsUser and fsGroup to the same values (my user).
However, on one test system, the /opt/app folder is being created with permissions rwxrwxrwx, while on the other test system, the permissions are rwxrwxr-x. The owner/group is the same on both systems.
goal
I would like to set /opt/app in both systems to rwxrwxrwx.
After googling a lot and reading here, I thought it would be via fsGroup, but my fsGroup is set the same on both systems, so maybe that's only for mounted volumes?
How do I control the permissions on non-mounted filesystems?