k8s部署mysql报错‘/var/lib/mysql/‘: Operation not permitted

前言

环境：k8s 1.22.6、nfs-server后端存储

部署mysql

kind: StatefulSet
apiVersion: apps/v1
metadata:
  name: mysql-his
  namespace: his
  labels:
    app: mysql-his
  annotations:
    kubesphere.io/alias-name: mysql-his
    kubesphere.io/creator: dev-liu
    kubesphere.io/description: his项目的数据库
spec:
  replicas: 1
  selector:
    matchLabels:
      app: mysql-his
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: mysql-his
      annotations:
        kubesphere.io/creator: dev-liu
        kubesphere.io/imagepullsecrets: '{}'
        logging.kubesphere.io/logsidecar-config: '{}'
    spec:
      volumes:
        - name: host-time
          hostPath:
            path: /etc/localtime
            type: ''
      containers:
        - name: container-91dh9a
          image: 'mysql:5.7.35'
          ports:
            - name: tcp-3306
              containerPort: 3306
              protocol: TCP
            - name: tcp-33060
              containerPort: 33060
              protocol: TCP
          env:
            - name: MYSQL_ROOT_PASSWORD
              value: Aa123456
          resources: {}
          volumeMounts:
            - name: host-time
              mountPath: /etc/localtime
            - name: mysql-his
              mountPath: /var/lib/mysql
          terminationMessagePath: /dev/termination-log
          terminationMessagePolicy: File
          imagePullPolicy: IfNotPresent
          securityContext:
            privileged: true
      restartPolicy: Always
      terminationGracePeriodSeconds: 30
      dnsPolicy: ClusterFirst
      serviceAccountName: default
      serviceAccount: default
      securityContext:
        runAsNonRoot: false
      schedulerName: default-scheduler
  volumeClaimTemplates:
    - kind: PersistentVolumeClaim
      apiVersion: v1
      metadata:
        name: mysql-his
        namespace: his
        creationTimestamp: null
      spec:
        accessModes:
          - ReadWriteOnce
        resources:
          requests:
            storage: 1Gi
        storageClassName: nfs-storageclass
        volumeMode: Filesystem
      status:
        phase: Pending
  serviceName: mysql-his-6kpe
  podManagementPolicy: OrderedReady
  updateStrategy:
    type: RollingUpdate
    rollingUpdate:
      partition: 0
  revisionHistoryLimit: 10

报错

#创建sts之后，pod启动报错，日志如下
[root@master01 ~]# kubectl  -n his  logs   mysql-his-0 
2023-10-05 15:41:02+08:00 [Note] [Entrypoint]: Entrypoint script for MySQL Server 5.7.35-1debian10 started.
chown: changing ownership of '/var/lib/mysql/': Operation not permitted
[root@master01 ~]#

解决办法

#测试使用docker启动mysql，可以正常启动
mysql -p  /my/own/datadir
docker run --name mysql -v /my/own/datadir:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=Aa123456 -d mysql:5.7.35

#最后问题定位为后端存储nfs配置存在错误。
#查看nfs配置：
[root@master01 k8s]# cat /etc/exports
/data/k8s *(rw,sync)
#添加一个参数：
[root@master01 k8s]# cat /etc/exports
/data/k8s *(rw,sync,no_root_squash)
[root@master01 k8s]# exportfs -rv	#使配置立即生效，也可以systemctl reload nfs-server.service
#最后重新创建mysql pod，pod正常，问题解决