Nginx 403 error while using kubernetes volumes

docker nginx kubernetes persistent-volumes

I am trying to use Kubernetes volumes for Nginx, but am facing an issue with it. After volumes are set Nginx is unable to serve the HTML page. Also am tried with PV and PVS this time also got the same error.

nginx.yml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
  labels: 
    app: nginx 

spec: 
  replicas: 2
  selector: 
    matchLabels: 
      app: nginx
  template:
    metadata: 
      labels:
        app: nginx
    spec: 
      volumes:
        - name: nginxhtml
          # persistentVolumeClaim: 
          #   claimName: pvc
          hostPath:
            path: /home/amjed/Documents/SPS/k8s/mongo/mnt
      containers:
        - name: nginx
          image: nginx
          volumeMounts:
            - name: nginxhtml 
              mountPath: /usr/share/nginx/html
              
          ports: 
            - containerPort: 80



---
apiVersion: v1
kind: Service
metadata:
  name: nginx-service
spec:
  selector: 
    app: nginx
  type: LoadBalancer
  ports:
    - protocol: TCP
      port: 80
      targetPort: 80

First, create folder that you want to mount inside minikube:

dobrucki@minikube:~$ minikube ssh
Last login: Tue Jan 11 13:54:50 2022 from 192.168.49.1
docker@minikube:~$ ls -l 
total 4
drwxr-xr-x 2 docker docker 4096 Jan 11 13:56 nginx-mount

This folder is what is mapped to /usr/share/nginx/html inside Pods, so files you paste here will be displayed when you connect to your service. Make sure that you have some .html file inside that folder, otherwise you will get 403 error. For me, example index.html is this:

<html>
 <head>
 </head>
 <body>
   <h1>Hello World<h1>
 </body>
</html>

You also need to add securityContext fsGroup inside your Deployment manifest, so that /usr/share/nginx/html is owned by nginx user (101 uid).

Then, apply Deployment and LoadBalancer resources using this:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
  labels: 
    app: nginx 
spec:
  replicas: 2
  selector: 
    matchLabels: 
      app: nginx
  template:
    metadata: 
      labels:
        app: nginx
    spec:
      securityContext:
        fsGroup: 101
      volumes:
        - name: nginxhtml
          hostPath:
            path: /home/docker/nginx-mount
      containers:
        - name: nginx
          image: nginx
          volumeMounts:
            - name: nginxhtml 
              mountPath: /usr/share/nginx/html       
          ports: 
            - containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
  name: nginx-service
spec:
  selector: 
    app: nginx
  type: LoadBalancer
  ports:
    - protocol: TCP
      port: 80
      targetPort: 80

After that you can check if the content is served correctly

dobrucki@minikube:~$ curl $(minikube service nginx-service --url)
<html>
 <head>
 </head>
 <body>
   <h1>Hello World<h1>
 </body>
</html>

Let me know if you have more questions.

Related

Error When Compiling a Simple C Program File in Windows 10 CMD Prompt Using MinGW (gcc: error: No such file or directory)
Unix get final directory name in a symlink
What is it called when words are deliberately spelled incorrectly but pronunciation is kept unchanged?
Why do we say "try and" [verb] instead of "try to" [verb]? (E.g., "Try and call me tomorrow.")
Noun for "person with intermediate skill"
Terms for collections of animals
Use of a semicolon before and comma after "however"
Placement of comma before quotation mark
Why are not "infamous" and "inflammable" the opposite of "famous" and "flammable"?
What is the difference between "electric" and "electrical" and their usage?
Precise names for parts of a day
What is the best way to explain how to choose between "its" and "it's"?