
T Ravi Theja

Issues with setting permissions inside a kubernetes pod using packer

I am using Packer to create my project's Docker image and push it to a cluster. In the Packer config JSON file I have provided commands for giving read, write and execute permissions on certain folders in the provisioners key, like this:

"provisioners": [
    {... some other config},
    {
      "type": "shell",
      "inline": [
        "echo provisioning all the things",
        "mkdir -p /home/ubuntu/bin/",
        "mv /tmp/entrypoint.sh /home/ubuntu/bin/",
        "sudo chmod -R 777 /home/ubuntu",
        "sudo chmod -R 777 /mnt",
        "sudo chmod -R 777 /var"
      ]
    },
    {... some other config}
]

But after the image creation, when I use this image for deployments in Kubernetes, I get access-related errors in the pod logs like:

home/ubuntu/bin/entrypoint.sh: line 27: /home/ubuntu/INSTANCE_ID: Read-only file system
/home/ubuntu/bin/entrypoint.sh: line 33: cannot create temp file for here-document: Read-only file system
/home/ubuntu/bin/entrypoint.sh: line 34: /mnt/.instance_metadata: Read-only file system
ln: failed to create symbolic link '/etc/apache2/sites-available/moatbot-dashboard.conf': Read-only file system
ERROR: Site moatbot-dashboard does not exist!
Module wsgi already enabled
chown: changing ownership of '/mnt/beaker': Read-only file system
htpasswd: cannot create file /mnt/passwords
mkdir: cannot create directory '/var/run/apache2': Read-only file system
mktemp: failed to create directory via template '/var/lock/apache2.XXXXXXXXXX': Read-only file system

I have read the official Packer docs, and they suggest putting permission/access-related commands in provisioners as I have. So I am not sure what is wrong here.

The Deployment.yaml that I am using is:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: &DeploymentName abc
spec:
  replicas: 1
  selector:
    matchLabels: &appName
      app: *DeploymentName
  template:
    metadata:
      name: main
      labels:
        <<: *appName
    spec:
      securityContext:
        runAsUser: 1000
        runAsGroup: 3000
        fsGroup: 2000
      containers:
        - name: *DeploymentName
          image: imagePath
          ports:
            - containerPort: 80
          readinessProbe:
              tcpSocket:
                port: 80
              initialDelaySeconds: 180
              periodSeconds: 60
          livenessProbe:
              tcpSocket:
                port: 80
              initialDelaySeconds: 300
              periodSeconds: 180
          imagePullPolicy: Always
          tty: true
          env:
            - name: POD_NAME
              valueFrom:
                fieldRef:
                  fieldPath: metadata.name
          envFrom:
            - configMapRef:
                name: *DeploymentName
          resources:
            limits:
              cpu: 1
              memory: 2Gi
            requests:
              cpu: 1
              memory: 2Gi
---
apiVersion: autoscaling/v1
kind: HorizontalPodAutoscaler
metadata:
  name: &hpaName abc
spec:
  maxReplicas: 1
  minReplicas: 1
  scaleTargetRef:
    apiVersion: apps/v1   # must match the Deployment's apiVersion above; extensions/v1beta1 no longer serves Deployments
    kind: Deployment
    name: *hpaName
  targetCPUUtilizationPercentage: 60

Please note that containers do not have sudo access inside the cluster in which I am deploying my Kubernetes deployments/pods.

Also, let me know if any info is needed regarding this that I may have missed while asking this question. I will be happy to share.

linux

docker

kubernetes

packer
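Every error in the log above is a write to the container's root filesystem. A cluster can impose a read-only root filesystem on pods even when the pod spec does not set `readOnlyRootFilesystem` (for example through a PodSecurityPolicy or a mutating admission webhook); mode bits set with `chmod 777` at image build time have no effect on a mount that is read-only. The manifest below is an added example, not the asker's manifest and not an answer posted on the page: it keeps the root filesystem read-only and instead mounts `emptyDir` volumes at the paths the entrypoint writes to. The mount paths are taken from the logged errors; the image reference `imagePath` is the placeholder from the question, and the assumption that cluster policy is what makes the root filesystem read-only is exactly that, an assumption.

```yaml
# Added example: writable scratch volumes on an otherwise read-only root filesystem.
# Assumption: the cluster forces readOnlyRootFilesystem on containers.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: abc
spec:
  replicas: 1
  selector:
    matchLabels:
      app: abc
  template:
    metadata:
      labels:
        app: abc
    spec:
      securityContext:
        runAsUser: 1000
        runAsGroup: 3000
        fsGroup: 2000          # emptyDir volumes are group-owned by 2000, so uid 1000 can write to them
      containers:
        - name: abc
          image: imagePath     # placeholder kept from the question
          ports:
            - containerPort: 80
          securityContext:
            readOnlyRootFilesystem: true   # state the policy explicitly instead of relying on it being injected
          volumeMounts:
            # each mountPath below appeared in a "Read-only file system" error in the question
            - name: tmp
              mountPath: /tmp              # temp files for here-documents
            - name: mnt
              mountPath: /mnt              # /mnt/.instance_metadata, /mnt/passwords, /mnt/beaker
            - name: apache-run
              mountPath: /var/run/apache2  # apache pid file
            - name: apache-lock
              mountPath: /var/lock/apache2 # mktemp lock directory
      volumes:
        - name: tmp
          emptyDir: {}
        - name: mnt
          emptyDir: {}
        - name: apache-run
          emptyDir: {}
        - name: apache-lock
          emptyDir: {}
```

Two of the logged writes are deliberately not covered: `/home/ubuntu/INSTANCE_ID` and the symlink under `/etc/apache2`. Mounting a volume over `/home/ubuntu` or `/etc/apache2` would hide the entrypoint and the Apache configuration baked into the image, so those writes have to move to one of the mounted paths (or the image has to be laid out so that runtime state lives in directories separate from image content). After deploying, `kubectl get pod <pod> -o yaml` shows the container's effective `securityContext` after admission has run, and `kubectl exec <pod> -- cat /proc/mounts` shows which mounts carry the `ro` flag.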

0 Answers
