Back to all scenarios
Scenario #317
Storage
Kubernetes v1.20, CephFS

File Permissions Reset on Pod Restart

Pod volume permissions reset after each restart, breaking application logic.

Find this helpful?
What Happened

App wrote files with specific UID/GID. After restart, files were inaccessible due to CephFS resetting ownership.

Diagnosis Steps
  • 1Compared ls -l before/after restart.
  • 2Storage class used fsGroup: 9999 by default.
Root Cause

PodSecurityContext didn't override fsGroup, so default applied every time.

Fix/Workaround
• Set explicit securityContext.fsGroup in pod spec.
Lessons Learned

CSI plugins may enforce ownership unless overridden.

How to Avoid
  • 1Always declare expected ownership with securityContext.
Previous ScenarioNext Scenario