I have a service which needs secret to be available before the pod starts.
I added a volume for secret
- name: cert
secret:
secretName: service-bhr-proxy-certificate
This volume is mounted in init-container.
image: gaming-nginx-ssl-proxy:1.0.0
imagePullPolicy: IfNotPresent
name: service-bhr-proxy-certificate
volumeMounts:
- mountPath: /etc/nginx/certs_intermit
name: cert
My understanding is secret file will available under /etc/nginx/certs_intermit before container starts. I even tried creating a another empty volume and mounting it on init-container and copying the secret to it. No luck. Any kind of help is appreciated.
2
Answers
Did you tried mounting the volume to main container also ?
Please refer this:
Full example
In your case, you need to use a
shared volume
. And you need to Mount this volume both in the init-container and main container. Then data or file will be inmain-container
of thepod
. you can read more about shared volume here.Lets discuss a example here:
step-1: First we need create a secret. Lets create a dummy one.
secret.yaml
let’s apply this one:
step-2 Now, Lets create a pod with shared volume mount in
init-container
and also onmain container
.Now let’s apply this one:
then you can see the log:
you can also check with exec into pod:
let’s
ls
/shared
path.