Storage (10%)¶
This domain covers Kubernetes storage concepts including volumes, persistent volumes, and storage classes.
Volumes¶
emptyDir¶
Temporary storage that exists for the Pod's lifetime.
apiVersion: v1
kind: Pod
metadata:
name: pod-with-emptydir
spec:
containers:
- name: app
image: nginx
volumeMounts:
- name: cache
mountPath: /cache
volumes:
- name: cache
emptyDir: {}
Memory-backed emptyDir¶
hostPath¶
Mount a file or directory from the host node.
apiVersion: v1
kind: Pod
metadata:
name: pod-with-hostpath
spec:
containers:
- name: app
image: nginx
volumeMounts:
- name: data
mountPath: /data
volumes:
- name: data
hostPath:
path: /data
type: DirectoryOrCreate
hostPath Types¶
| Type | Description |
|---|---|
"" | No checks (default) |
DirectoryOrCreate | Create directory if not exists |
Directory | Directory must exist |
FileOrCreate | Create file if not exists |
File | File must exist |
Socket | Unix socket must exist |
Persistent Volumes (PV)¶
PersistentVolume¶
apiVersion: v1
kind: PersistentVolume
metadata:
name: pv-volume
spec:
capacity:
storage: 10Gi
accessModes:
- ReadWriteOnce
persistentVolumeReclaimPolicy: Retain
storageClassName: manual
hostPath:
path: /mnt/data
Access Modes¶
| Mode | Abbreviation | Description |
|---|---|---|
ReadWriteOnce | RWO | Single node read-write |
ReadOnlyMany | ROX | Multiple nodes read-only |
ReadWriteMany | RWX | Multiple nodes read-write |
ReadWriteOncePod | RWOP | Single pod read-write |
Reclaim Policies¶
| Policy | Description |
|---|---|
Retain | Manual reclamation |
Delete | Delete volume when PVC is deleted |
Recycle | Basic scrub (deprecated) |
PersistentVolumeClaim (PVC)¶
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: pvc-claim
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 5Gi
storageClassName: manual
Using PVC in Pod¶
apiVersion: v1
kind: Pod
metadata:
name: pod-with-pvc
spec:
containers:
- name: app
image: nginx
volumeMounts:
- name: data
mountPath: /data
volumes:
- name: data
persistentVolumeClaim:
claimName: pvc-claim
Storage Classes¶
StorageClass¶
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: fast
provisioner: kubernetes.io/aws-ebs
parameters:
type: gp3
iopsPerGB: "10"
reclaimPolicy: Delete
allowVolumeExpansion: true
volumeBindingMode: WaitForFirstConsumer
Volume Binding Modes¶
| Mode | Description |
|---|---|
Immediate | Bind PV immediately when PVC is created |
WaitForFirstConsumer | Delay binding until Pod is scheduled |
Dynamic Provisioning¶
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: dynamic-pvc
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
storageClassName: fast # Uses StorageClass for dynamic provisioning
ConfigMap as Volume¶
apiVersion: v1
kind: Pod
metadata:
name: pod-with-configmap
spec:
containers:
- name: app
image: nginx
volumeMounts:
- name: config
mountPath: /etc/config
volumes:
- name: config
configMap:
name: my-config
items:
- key: config.json
path: app-config.json
Secret as Volume¶
apiVersion: v1
kind: Pod
metadata:
name: pod-with-secret
spec:
containers:
- name: app
image: nginx
volumeMounts:
- name: secret
mountPath: /etc/secrets
readOnly: true
volumes:
- name: secret
secret:
secretName: my-secret
defaultMode: 0400
Projected Volumes¶
Combine multiple volume sources into a single directory.
apiVersion: v1
kind: Pod
metadata:
name: pod-with-projected
spec:
containers:
- name: app
image: nginx
volumeMounts:
- name: all-in-one
mountPath: /projected-volume
volumes:
- name: all-in-one
projected:
sources:
- secret:
name: my-secret
- configMap:
name: my-config
- downwardAPI:
items:
- path: labels
fieldRef:
fieldPath: metadata.labels
Volume Expansion¶
# StorageClass must have allowVolumeExpansion: true
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: expandable-pvc
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 20Gi # Increase from original size
storageClassName: fast
Storage Commands¶
# List PersistentVolumes
kubectl get pv
# List PersistentVolumeClaims
kubectl get pvc
# List StorageClasses
kubectl get sc
# Describe PV
kubectl describe pv pv-volume
# Delete PVC
kubectl delete pvc pvc-claim
# Patch PVC to expand
kubectl patch pvc pvc-claim -p '{"spec":{"resources":{"requests":{"storage":"20Gi"}}}}'
Volume Snapshots¶
VolumeSnapshotClass¶
apiVersion: snapshot.storage.k8s.io/v1
kind: VolumeSnapshotClass
metadata:
name: csi-snapclass
driver: ebs.csi.aws.com
deletionPolicy: Delete
VolumeSnapshot¶
apiVersion: snapshot.storage.k8s.io/v1
kind: VolumeSnapshot
metadata:
name: my-snapshot
spec:
volumeSnapshotClassName: csi-snapclass
source:
persistentVolumeClaimName: my-pvc
Restore from Snapshot¶
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: restored-pvc
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
dataSource:
name: my-snapshot
kind: VolumeSnapshot
apiGroup: snapshot.storage.k8s.io
Key Concepts to Remember¶
- PV - Cluster-level storage resource
- PVC - Request for storage by a user
- StorageClass - Dynamic provisioning template
- Access Modes - RWO, ROX, RWX, RWOP
- Reclaim Policies - Retain, Delete, Recycle
Practice Questions¶
- What is the difference between PV and PVC?
- How do you create a PVC that uses dynamic provisioning?
- What access mode allows multiple nodes to read and write?
- How do you expand a PVC?
- What is the purpose of volumeBindingMode: WaitForFirstConsumer?
← Previous: Services & Networking | Back to CKA Overview | Next: Troubleshooting →