• Use kubectl describe pod ...to find the node running your Pod and the container ID (docker://...)
• SSH into the node
• run docker exec -u root ID -- /bin/bash

• 使用kubectl describe pod ...查找运行你盘上的节点和容器ID（ docker://...）
• SSH 进入节点
• 跑 docker exec -u root ID -- /bin/bash

There are some plugins for kubectl that may help you achieve this: https://github.com/jordanwilson230/kubectl-plugins

有一些 kubectl 插件可以帮助您实现这一目标：https: //github.com/jordanwilson230/kubectl-plugins

One of the plugins called, 'ssh', will allow you to exec as root user by running (for example) kubectl ssh -u root -p nginx-0

名为“ssh”的插件之一将允许您通过运行（例如）以 root 用户身份执行 kubectl ssh -u root -p nginx-0

• docker container lsto find container ID
• docker exec -it -u root ID /bin/bash

• docker container ls查找容器 ID
• docker exec -it -u root ID /bin/bash

For my case, I was in need for root access (or sudo) to container to give the chownpermission to a specific mount path.

就我而言，我需要对容器进行 root 访问（或 sudo）以chown授予特定挂载路径的权限。

I cannot SSH to machine because I designed my infrastructure to be fully automated with Terraform without any manual access.

我无法通过 SSH 连接到机器，因为我将基础架构设计为使用 Terraform 完全自动化，无需任何手动访问。

Instead, I found that initContainersdoes the job:

相反，我发现这样initContainers做可以：

  initContainers:
    - name: volume-prewarming
      image: busybox
      command: ["sh", "-c", "chown -R 1000:0 {{ .Values.persistence.mountPath }}"]
      volumeMounts:
      - name: {{ .Chart.Name }}
        mountPath: {{ .Values.persistence.mountPath }}

I've also created a whole course about Production grade running kubernetes on AWS using EKS

我还创建了一个关于使用 EKS 在 AWS 上运行 Kubernetes 的生产级的完整课程