Don't be silly to distinguish these kinds of storage volumes of kubernetes

Storage volume type

Kubernetes Storage volumes provided （volume） Belong to Pod resources , Share in Pod All containers inside , Storage volumes can store relevant data outside the container's file system , It can also be independent of Pod Realize data persistent storage in the life cycle of .

By type , Roughly divided into three categories ：

The following is the storage used in the work , The persistent volume declaration corresponds to the persistent data storage type .

Detailed instructions

1. EmptyDir

EmptyDir Literally, it means empty directory . Created when the container starts , Delete when the container is removed , Therefore, it does not have the ability of persistent storage , But if as the same Pod Share files among multiple containers in , Or as a temporary storage directory for container data, it is a very easy choice .

key word ： The life cycle is the same as Pod Life cycle ; Scope is the same Pod Inside .

emptyDir The available fields of storage volume mainly include two ：

• medium： Type of storage medium , It can be taken as "default" or "Memory","default" Use the node's default storage medium , Take up disk space ;"Memory" be based on RAM Temporary file system for tmpfs, Take up memory space .

• sizeLimit： The space limit for the current storage volume , The default value is nil, Means unrestricted ; Generally in medium The field values for "Memory" It needs to be limited .

2. HostPaht

hostPath Mount the directory from the file system of the work node to pod in , It is independent of Pod Life cycle of , So it has persistence , Be similar to docker Medium -v. But if it happens pod Failover, etc , Data will not be available , Unless there is data in all nodes .

key word ： Storage of a work node .

hostPath There are two nested fields for storage volumes ："path"（ Mandatory ） and "type", It supports storage volume types （type） There are the following ：

• DirectoryOrCreate： Create this directory if it does not exist on the host
• Directory： This directory must exist on the host
• FileOrCreate： If this file does not exist on the host machine, create
• File： This file must exist on the host
• Socket： Must exist on the host Socket File path
• CharDevice： The character device file path that must exist on the host
• BlockDevice： The path of the block device file that must exist on the host

3. ConfigMap&Secret

ConfigMap and Secret As a configuration set , With key-value The form of is preserved in etcd in , In the form of storage volume or configuration reference Pod Use in , The difference lies in Secret Is the encrypted field display . Examples are as follows ：

#  newly build configMap
# my-config.yaml
apiVersion: v1
data:
  redis.conf: |
    appendonly yes
  nginx.conf: |
    welcome nginx
  project:
    edsp
kind: ConfigMap
metadata:
  name: my-conf
  namespace: default

[[email protected] test]# kubectl apply -f my-config.yaml 
configmap/my-conf created
[[email protected] test]# kubectl get cm
NAME               DATA   AGE
kube-root-ca.crt   1      11d
my-conf            3      10s
[[email protected] test]#

data Is all the real data ,key： The default is file name ,value： Content of profile .

#  newly build secret
[[email protected] secret]# echo -n "jiangxiaonan" > user
[[email protected] secret]# echo -n "xxcjxn12345" > password
[[email protected] secret]# ls
password  user
[[email protected] secret]#

kubectl create secret generic db-user-pass \
  --from-file=user \
  --from-file=password

#  Get content view 
[[email protected] secret]# kubectl get secrets
NAME                  TYPE                                  DATA   AGE
db-user-pass          Opaque                                2      7s
default-token-dp677   kubernetes.io/service-account-token   3      11d
[[email protected] secret]# kubectl get secrets db-user-pass -o=yaml
apiVersion: v1
data:
  password: eHhjanhuMTIzNDU=
  user: amlhbmd4aWFvbmFu
kind: Secret
metadata:
  creationTimestamp: "2022-07-20T14:47:10Z"
  managedFields:
  name: db-user-pass
  namespace: default
  resourceVersion: "140362"
  uid: 92095b33-385e-48a9-8418-ee5d86817cc3
type: Opaque
[[email protected] secret]# echo eHhjanhuMTIzNDU= | base64 -d
xxcjxn12345
[[email protected] secret]# 

data Is all the real data .

4. PV&PVC

PV&PVC Is based on the existence of the file system , Here we use NFS file system , Independent of Pod Realize the persistent storage of data in the life cycle of .

NFS The file system installs itself , Only prepare here pv and pvc.

# pv.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
  name: pv01-10m
spec:
  capacity:
    storage: 1Gi
  accessModes:
    - ReadWriteMany
  storageClassName: nfs
  nfs:
    path: /nfs/data/01
    server: 172.31.0.2

# pvc.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: nginx-pvc
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 500Mi
  storageClassName: nfs

[[email protected] test]# kubectl get pv,pvc
NAME                        CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM               STORAGECLASS   REASON   AGE
persistentvolume/pv01-10m   1Gi        RWX            Retain           Bound    default/nginx-pvc   nfs                     11d

NAME                              STATUS   VOLUME     CAPACITY   ACCESS MODES   STORAGECLASS   AGE
persistentvolumeclaim/nginx-pvc   Bound    pv01-10m   1Gi        RWX            nfs            11d
[[email protected] test]# 

Complete configuration demonstration

# deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: nginx-deploy
  name: nginx-deploy
spec:
  replicas: 2
  selector:
    matchLabels:
      app: nginx-deploy
  template:
    metadata:
      labels:
        app: nginx-deploy
    spec:
      restartPolicy: Always
      containers:
        - name: mynginx
          image: nginx
          imagePullPolicy: IfNotPresent
          envFrom:
          - configMapRef:
              name: my-conf
          - secretRef:
              name: db-user-pass
          volumeMounts:
          - mountPath: /sams/redis.conf
            name: redisconf
            subPath: redis.conf
          - mountPath: /sams/nginx.conf
            name: nginxconf
            subPath: nginx.conf
          - mountPath: /sams/emptydir/test
            name: emptydir-test
          - mountPath: /sams/hostpaht/test
            name: hostpaht-test
          - mountPath: /sams/nginx
            name: my-pvc
      volumes:
      - emptyDir:
          sizeLimit: 300Mi
        name: emptydir-test
      - hostPath:
          path: /sams/hostPaht/test
          type: DirectoryOrCreate
        name: hostpaht-test
      - configMap:
          name: my-conf
        name: redisconf
      - configMap:
          name: my-conf
        name: nginxconf
      - name: my-pvc
        persistentVolumeClaim:
          claimName: nginx-pvc

adopt yaml It can be seen that ,ConfigMap and Secret The configuration reference method is used in Pod Use in , The rest use mount .

[[email protected] test]# kubectl apply -f deployment.yaml 
deployment.apps/nginx-deploy created
[[email protected] test]# kubectl get pod
NAME                           READY   STATUS    RESTARTS   AGE
nginx-deploy-744dfb6ff-f4px5   1/1     Running   0          56s
nginx-deploy-744dfb6ff-zk5zf   1/1     Running   0          58s
[[email protected] test]# 

Check and verify

Go inside the container to verify .

[[email protected] test]# kubectl exec -it nginx-deploy-744dfb6ff-f4px5 -c mynginx -- /bin/bash
[email protected]:/# cd /sams/
ro[email protected]:/sams# ls
emptydir  hostpaht  nginx  nginx.conf  redis.conf
[email protected]:/sams# 

1. EmptyDir

[email protected]:/sams# cd /sams/emptydir/test/
[email protected]:/sams/emptydir/test# pwd
/sams/emptydir/test
[email protected]:/sams/emptydir/test# 

EmptyDir Mount successfully .

2. HostPaht

[email protected]:/sams/emptydir/test# cd /sams/hostpaht/test/
[email protected]:/sams/hostpaht/test# pwd
/sams/hostpaht/test 
[email protected]:/sams/hostpaht/test# touch hostpaht.txt
[email protected]:/sams/hostpaht/test# ls
hostpaht.txt
[email protected]:/sams/hostpaht/test# 

#  see nginx-deploy-744dfb6ff-f4px5 The node is k8s-worker1
[[email protected]ster /]# kubectl describe pod nginx-deploy-744dfb6ff-f4px5
...
Events:
  Type    Reason     Age   From               Message
  ----    ------     ----  ----               -------
  Normal  Scheduled  15m   default-scheduler  Successfully assigned default/nginx-deploy-744dfb6ff-f4px5 to k8s-worker1
  Normal  Pulled     15m   kubelet            Container image "nginx" already present on machine
  Normal  Created    15m   kubelet            Created container mynginx
  Normal  Started    15m   kubelet            Started container mynginx
[[email protected] /]# 

#  To  k8s-worker1  verification 
[[email protected] test]# pwd
/sams/hostPaht/test
[[email protected] test]# ll
total 0
-rw-r--r-- 1 root root 0 Jul 21 00:39 hostpaht.txt
[[email protected] test]# 

There is /sams/hostPaht/test Folder , also hostpaht.txt It also exists ,HostPaht Mount successfully .

3. ConfigMap&Secret

[email protected]:/sams# cat redis.conf 
appendonly yes
[email protected]:/sams# cat nginx.conf 
welcome nginx
[email protected]ginx-deploy-744dfb6ff-f4px5:/sams# echo $project
edsp
[email protected]:/sams# echo $user
jiangxiaonan
[email protected]:/sams#  

ConfigMap Mount successfully ,Secret Configuration reference succeeded .

4. PV&PVC

[email protected]:/sams# cd nginx
[email protected]:/sams/nginx# touch aaa.txt
[email protected]:/sams/nginx# 

#  To NFS File system view 
[[email protected] test]# cd /nfs/data/01
[[email protected] 01]# ls
aaa.txt
[[email protected] 01]#

pvc Mount successfully .