Nginx Question posted in
The official documentation can be found here.

when does kubernetes fetch from volume and when does it put to volume – Nginx

I’ve seen following two types of volumeMounts

volumeMounts:
- mountPath: <path>
  name: someName

and

volumeMounts:
- name: someNameHere
  mountPath: <somePathHere>

what is the difference in the two? When do we put content in volume and when do we fetch content from volume?

For e.g. in the link initContainer updates the volume, but nginx container takes data from that volume. And similarly, sidecar reads for the volume.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: myapp
spec:
  selector:
    matchLabels:
      app: myapp-dep
  template:
    metadata:
      labels:
        app: myapp-dep
    spec:
      initContainers:
      - name: ssl-cert-creation
        image: deekshithsn/openssl
        command: ["/bin/sh"]
        args: ["-c","mkdir -p /etc/nginx/ssl;openssl req -newkey rsa:2048 -nodes -keyout /etc/nginx/ssl/nginx.key -x509 -days 365 -out /etc/nginx/ssl/nginx.crt -subj '/C=GB/ST=London/L=London/O=Global Security/OU=IT Department/CN=example.com'"]
        volumeMounts: 
          - name: ssl-cert
            mountPath: /etc/nginx/ssl
      containers:
      - name: myapp-dep
        image: deekshithsn/nginxhttps
        command: ["/home/auto-reload-nginx.sh"]
        ports:
        - containerPort: 443
        - containerPort: 80
        livenessProbe:
            httpGet:
              path: /index.html
              port: 80
            initialDelaySeconds: 30
            timeoutSeconds: 1
        volumeMounts:
          - mountPath: /etc/nginx/ssl
            name: ssl-cert
          - mountPath: /etc/nginx/conf.d
            name: nginx-files
          - mountPath: /var/log/nginx
            name: logs

      - name: sidecar-logs
        image: xueshanf/awscli
        command: ["/bin/sh"]
        args: ["-c","cp /root/scripts/syncs3.sh /root/syncs3.sh;chmod 777 /root/syncs3.sh;while true; do sh /root/syncs3.sh; sleep 10;done"]
        volumeMounts:
          - name: logs
            mountPath: /var/log/nginx
          - name: aws-credentials
            mountPath: /root/.aws/config
            subPath: config
          - name: aws-credentials
            mountPath: /root/scripts/syncs3.sh
            subPath: syncs3.sh
      volumes:
        - name: ssl-cert
          emptyDir: {}
        - name: logs
          emptyDir: {}
        - name: aws-credentials
          configMap:
            name: "aws-config"
        - name: nginx-files
          configMap:
            name: "nginx-config"

  replicas: 2
Tags:

2

Answers


  1. 0

    They are semantically the same. VolumeMounts is a hashmap with two keys mountPath and name. There is no difference in how Kubernetes interprets them.

    If you look at the json representation rather than yaml it might be more clear (The order of the keys does not matter)

    {
  "volumeMounts": [
    {
      "mountPath": "<path>",
      "name": "name"
    }
  ]
}

    {
  "volumeMounts": [
    {
      "name": "someNameHere",
      "mountPath": "<somePathHere>"
    }
  ]
}

    A volume mount specifies a volume to mounted on the specified file system location inside the container. Whether you read or write to that volume is entirely up to the applications running inside the container. Whether you can read or write is governed by file permissions like on any mount.

    Whether or not changes are propagated to other containers sharing the same mount depends on the mount propagation settings. Default is None in which case they will not.

    Login or Signup to reply.
  2. 0 
    volumeMounts:
- mountPath: <somePathHere>
  name: someNameHere

    volumeMounts:
- name: someNameHere
  mountPath: <somePathHere>

    First and Second both mean same, all contents stored in volume someNameHere are mounted into the Pod at path somePathHere. Volumes mount at the specified paths within the image. It means volume is mounted with pod path, now the read/write depends on the application.

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search