Azure Files
An Azure service that offers file shares in the cloud.
1,283 questions
Permission denied while trying to mount Azure Fileshare volume in a Container App
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(252.8, 54%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVA%3C/text%3E%3C/svg%3E)
Victor Angelier@NGBlu
0
Reputation points
I receive this error when trying to create a new Container App revision.
{"TimeStamp":"2024-09-13 14:41:30 \u002B0000 UTC","Type":"Warning","ContainerAppName":"io2-api","RevisionName":"****","ReplicaName":"****","Msg":"Container \u0027io2-api\u0027 was terminated with exit code \u0027\u0027 and reason \u0027VolumeMountFailure\u0027. One or more errors occurred. (Shell command exited with non-zero status code. StatusCode = 32 | StdOut = | StdErr = mount error(13): Permission denied\nRefer to the mount.cifs(8) manual page (e.g. man mount.cifs) and kernel log messages (dmesg)\n) (Shell command exited with non-zero status code. StatusCode = 32 | StdOut = | StdErr = mount error(13): Permission denied\nRefer to the mount.cifs(8) manual page (e.g. man mount.cifs) and kernel log messages (dmesg)\n)","Reason":"ContainerTerminated","EventSource":"ContainerAppController","Count":7}
{"TimeStamp":"2024-09-13T14:41:31Z","Type":"Normal","ContainerAppName":null,"RevisionName":null,"ReplicaName":null,"Msg":"Shutting down events stream. Max connection open time reached","Reason":"CloseConnectionDueToTimeout","EventSource":"ContainerAppController","Count":1}
This is my bicep file:
volumeMounts: [
{
mountPath: '/home/storage'
volumeName: 'dev-volume'
}
]
}
]
volumes: [
{
name: 'dev-volume'
storageName: 'container-volume'
storageType: 'AzureFile'
}
]
I configured the container-volume name in the Container App Environment with staging-storage (storage account) and api (fileshare).
The Container App environment uses a managed identity and I configured the SMB contributor role.
The container is in the same VNET as the Storage and this VNET is allowed access.
I have the same setup for a different resource group and it works fine there. In the Staging resource group I can't get this to work. I hope somebody can help me out or at least give me some lead as I am out of ideas.
Sign in to answer