Skip to content

Understanding Kubernetes Storage Objects

Volumes are the primary way to configure storage for apps running under Kubernetes. Volumes are declared at the pod level, then mounted at the container level, as shown below:

apiVersion: v1
kind: Pod
metadata:
  name: cka-volumes
spec:
  restartPolicy: OnFailure
  containers:
    - name: cka-volume
      image: alpine
      command:
      - top
      volumeMounts:
      - name: applogs
        mountPath: /logs
  volumes:
    - name: applogs
      hostPath:
        path: /tmp/app/logs

 
Most volume lifespans are tied to the pods they are configured for, and usually expire when the pod is removed. To decouple storage from pod lifecycles, Kubernetes has PersistentVolume objects. PersistentVolumes are resources within the cluster that provide storage that persists outside of pod lifespans.
 

$ kubectl get pv

NAME         CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS      CLAIM                 STORAGECLASS   REASON   AGE
app-log-pv   1Gi        RWO,ROX        Retain           Bound       default/app-log-pvc                           89m
fivegigpv    5Gi        RWO            Retain           Available                                                 78m

$

 
Pods may use PersistentVolumes (PVs) directly, but another way to use PVs are through PersistentVolumeClaims (PVCs). PVCs are abstract requests for storage that claim persistent volumes. If a PVC finds an existing PV that fulfills its requests (access mode and capacity), then that PV is bound to the PVC. PVCs can also describe PVs as templates that dynamically provision PVs from the desired specifications.
 

$ kubectl get pvc

NAME          STATUS   VOLUME       CAPACITY   ACCESS MODES   STORAGECLASS   AGE
app-log-pvc   Bound    app-log-pv   1Gi        RWO,ROX                       85m

$

 
StorageClasses allow PVCs to dynamically provision PVs. Each StorageClass object uses a plugin specific to a storage provider’s backend to create a new PV. The example below shows a basic gp2 StorageClass for AWS:
 

apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: mod4-aws-storageclass
provisioner: kubernetes.io/aws-ebs
parameters:
  type: gp2

 
Learn more about how Kubernetes handles storage

Persistent Volumes

A persistent volume is a storage object provisioned from the cluster’s infrastructure that is managed by the Kubernetes cluster. Persistent volumes allow storage to remain beyond an individual pod’s lifespan. Persistent volumes describe details of a storage implementation for the cluster, including:

  • Access modes for the volume
  • The total capacity of the volume
  • What happens to the data after the volume is unclaimed
  • The type of storage
  • An optional, custom storage class identifier

 
The following example shows a statically provisioned persistent volume. This volume is bound to the host’s filesystem at /tmp/pvc and claims 50 gigabytes of storage.
 

apiVersion: v1
kind: PersistentVolume
metadata:
  name: fivegigpv
spec:
  capacity:
    storage: 5Gi
  accessModes:
    - ReadWriteOnce
  persistentVolumeReclaimPolicy: Retain
  hostPath:
    path: /tmp/pvc

 
PersistentVolumes exist as resources in the cluster that any pod can claim using a standard volume mount or through a PersistentVolumeClaim.
 
Learn more about PersistentVolumes

Volume Access Modes

Persistent Volumes use the accesModes array to ensure that the resulting volume mounts in a way supported by the resource provider’s filesystem.

There are three access modes supported by Kubernetes:

  • ReadWriteOnce (RWO) – A single node may mount the volume with read-write permissions
  • ReadOnlyMany (ROX) – Many nodes may mount the volume with read-only permissions
  • ReadWriteMany (RWX) – Many nodes may mount the volume with read-write permissions

Below is an example of a PersistentVolume that allows ReadWriteOnce and ReadOnlyMany access modes

 

apiVersion: v1
kind: PersistentVolume
metadata:
  name: app-pv
spec:
  capacity:
    storage: 50Gi
  accessModes:
    - ReadWriteOnce
    - ReadOnlyMany
  persistentVolumeReclaimPolicy: Retain
  hostPath:
    path: "/app/logs"

Learn more about access modes for volumes

Persistent Volume Claims

A PersistentVolumeClaim is a request for storage and is an abstraction of persistent volumes. PersistentVolumeClaims bind to PersistentVolumes on a number of factors like label selectors, storage class name, storage capacity, and access mode. PersistentVolumeClaims will bind to existing PersistentVolumes in the cluster that fulfill their requirements or dynamically create PersistentVolumes using an existing StorageClass.
 
Below is an example of a PersistentVolumeClaim that binds to the PersistentVolume example shown above:
 

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: app-pvc
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 50Gi

 
The PersistentVolumeClaim must find a PersistentVolume with up to 50 gigabytes of storage and the ReadWriteOnce access mode in its manifest.
 
Learn more about PersistentVolumeClaims

Configure Applications with Persistent Storage

The volumes array under a pod manifest and volumeMounts array in a container manifest configure how applications running under Kubernetes use persistent storage.

Entries under the volumes array in a pod manifest declare what storage plugins or objects a pod has available for its containers to use as storage. Certain volume types, PersistentVolumes, PersistentVolumeClaims, ConfigMaps and Secrets are all valid entries under the volumes array. Each volume entry is given a name.

Containers under pods use the volumeMounts array to mount any volumes made available by the pod. The container references the volume by the name configured on the pod level.

The example below shows a pod configured to expose a host directory and the PersistentVolumeClaim example above for its containers to use:

apiVersion: v1
kind: Pod
metadata:
  name: cka-volumes
spec:
  restartPolicy: OnFailure
  containers:
    - name: cka-volumes
      image: alpine
      command:
      - top
      volumeMounts:
      - name: app-logs
        mountPath: /logs
      - name: app-certs
        mountPath: /certs
  volumes:
    - name: app-logs
      persistentVolumeClaim:
        claimName: app-log-pvc
    - name: app-certs
      hostPath:
        path: /etc/ssl/certs

This example uses a PersistentVolumeClaim to store application log data and also mounts a hostPath to use certificates of its host.

Learn more about using persistent storage with your applications on Kubernetes using:

Practice Drill

Create a pod that runs centos/httpd and stores its log directory at /var/log/httpd under /tmp/httpd/ on the host.

As an additional exercise, create a storage class that uses the local storage class plugin and a PVC that uses that storage class.

RX-M can provide more help with preparing for the CKA exam in one of our CKA Boot Camps; we offer open enrollments and private engagements for teams or organizations.

KTP-logo.svg
KCSP-logo.svg
cncf-member-silver.svg
lf-atp-logo.svg
apache-bronze-sponsor-logo.svg
devops-institute-partner-logo-2021-150.png
scrumorg-ptn-logo-sq-150.png

Our team has been trusted to work alongside some of the world's leading companies

grey-client-logos-16-mar-2020.svg