Want to Contribute to us or want to have 15k+ Audience read your Article ? Or Just want to make a strong Backlink?

Kubernetes Volumes – DEV Community


Volumes are wanted to retailer knowledge inside a container or share knowledge amongst different containers.
All volumes requested by a Pod have to be mounted earlier than the containers inside the Pod are began. This is applicable additionally to secrets and techniques and configmaps.

Shared Quantity

Under yow will discover a pattern of the best way to create a shared quantity.
However bear in mind that one container can overwrite the information that from the opposite container.
You should utilize locking or versioning to beat this matter.

   - identify: firstcontainer
     picture: busybox
     - mountPath: /firstdir
       identify: sharevol
   - identify: secondcontainer
     picture: busybox
     - mountPath: /seconddir
       identify: sharevol
   - identify: sharevol
     emptyDir: {}  
Enter fullscreen mode

Exit fullscreen mode

$ kubectl exec -ti instance -c secondcontainer -- contact /seconddir/bla

$ kubectl exec -ti instance -c firstcontainer -- ls -l /firstdir

Persistent Quantity – PV

This can be a storage abstraction used to maintain knowledge even when the Pods is killed. Within the Pods you outline a quantity of that sort.
kubectl get pv

Pattern of a PV with hostPath Kind

type: PersistentVolume
apiVersion: v1
identify: 10Gpv01
sort: native
        storage: 10Gi
        - ReadWriteOnce
        path: "/somepath/data01"
Enter fullscreen mode

Exit fullscreen mode

Persistent Quantity Declare – PVC

With the PVC volumes may be accessed by a number of pods and permit state persistency.
The cluster attaches the Persistent Quantity.

There is no such thing as a concurrency checking, so knowledge corruption is possible except locking takes place exterior.

There are 3 entry modes for the PVC:

  1. RWO – ReadWriteOnce by a single node
  2. ROX – ReadOnlyMany by a number of nodes
  3. RWX – ReadWriteMany by many nodes

kubectl get pvc

Phases to persistent storage

  1. Provisioning: Could be performed prematurely, ie sources from a cloud supplier
  2. Binding: As soon as a watch loop on grasp notices a PVC it requests the entry.
  3. Utilizing: The amount is mounted to the Pod and may now be used.
  4. Releasing: When the pod is down, the PVC is deleted. The resident knowledge stays relying on the persitenVolumReclaimPolicy
  5. Reclaiming:
    You may have three choices: Retain, Delete, Recycle

Empty Dir

The kubelet creates an emptyDir. It’s going to create the listing within the container however not mount any storage. The info written to that storage just isn’t persistent, as will probably be deleted when the Pod is deleted.

apiVersion: v1
type: Pod
    identify: pattern
    namespace: default
    - picture: pattern
      identify: pattern
        - sleep
        - "3600"
      - mountPath: /sample-mount
        identify: sample-volume
    - identify: sample-volume
            emptyDir: {}
Enter fullscreen mode

Exit fullscreen mode

Different Quantity sorts

GCEpersistenDisk and awsElsaticBlockStore

You possibly can mount your GCE or your EBS into your Pods.


This mounts a useful resource from the host node filesystem. The useful resource have to be already prematurely to be able to be used.

  • DirectoryOrCreate
  • FileOrCreate

and plenty of extra

NFS – Community File System
iSCSI – Web Small Laptop System Interface
RBD (RADOS Block Gadget) – RBD is a block storage gadget that runs on prime of the Ceph distributed storage system. It permits you to create block units that may be mounted and used like an everyday disk. RBD is commonly utilized in virtualization environments, offering storage for digital machines.
CephFS – CephFS is a distributed file system constructed on prime of the Ceph storage system.
GlusterFS – open-source, distributed file system that may scale out to petabytes of storage. It really works by aggregating varied storage sources throughout nodes right into a single, world namespace.

Dynamic Provisioning

With the sort StorageClass, a person can request a declare, which the API Server fills by way of auto-provisioning. Widespread selections for dynamic storage are AWS and GCE.

Pattern for gce:

apiVersion: storage.k8s.io/v1        
type: StorageClass
  identify: you-name-it                        
provisioner: kubernetes.io/gce-pd
  sort: pd-ssd 
Enter fullscreen mode

Exit fullscreen mode


This sort of storage is used to retailer delicate knowledge, that doesn’t should be encoded, however shouldn’t be saved inside the software itself.
Utilizing configmaps we are able to decouple the container picture from the configuration artifacts.
If configmaps are marked as “optionally available” they do not should be mounted earlier than a pod desires to make use of them.

They are often consumed in varied methods:

  • Pod environmental variables from single or a number of ConfigMaps
  • Use ConfigMap values in Pod instructions
  • Populate Quantity from ConfigMap
  • Add ConfigMap knowledge to a particular path in Quantity
  • Set file names and entry mode in Quantity from ConfigMap knowledge
  • Can be utilized by system parts and controllers.

Create a Configmap from literal:
kubectl create cm yourcm --from-literal yoursecret=topsecret

Create a Configmap from a file:
kubectl -f your-cm.yaml create

Pattern ConfigMap:

apiVersion: v1
  yoursecret: topsecret
  degree: "3"
type: ConfigMap
  identify: yourcm
Enter fullscreen mode

Exit fullscreen mode

learn the configmap
kubectl get configmap yourcm -o yaml

Secrets and techniques

This sort of storage is used to retailer delicate knowledge, that must be encoded.

A Secret in Kubernetes is base64-encoded by default.
If you wish to encrypt secrets and techniques, it’s important to create a EncryptionConfiguration.
There is no such thing as a restrict to the variety of secrets and techniques, however there’s a 1MB restrict to their dimension.
Secrets and techniques are saved within the tmpfs storage on the host node and are solely despatched to the host operating Pod.

Secret as an environmental variable

kubectl get secrets and techniques
kubectl create secret generic --help
kubectl create secret generic mysecret --from-literal=password=supersecret

     -image: yourimage
      identify: yourcontainername
      - identify: ROOT_PASSWORD
           identify: yoursecret
           key: password
Enter fullscreen mode

Exit fullscreen mode

Mounting secrets and techniques as volumes

    - picture: busybox
      identify: busy
        - sleep
        - "3600"
      - mountPath: /mysqlpassword
        identify: mysql
    - identify: mysql
        secretName: mysql
Enter fullscreen mode

Exit fullscreen mode

Confirm that the key is offered in thte container:
kubectl exec -ti busybox -- cat /mysqlpassword/password

Additional studying:
Volumes on Kubernetes: https://kubernetes.io/docs/concepts/storage/volumes/
Ceph: https://ubuntu.com/ceph/what-is-ceph

Add a Comment

Your email address will not be published. Required fields are marked *

Want to Contribute to us or want to have 15k+ Audience read your Article ? Or Just want to make a strong Backlink?