⌂ Home

🗂️ Kubernetes Volume Types Comparison

Repository YAML Files:
📦

emptyDir

🔄 Ephemeral
📍 Pod Scope
⚡ Fast
💾

hostPath

💾 Host Persistent
🖥️ Node Scope
⚠️ Node-Bound
🗄️

PV/PVC

✅ Persistent
🌐 Cluster Scope
🔒 Decoupled
⚙️

ConfigMap

📄 Config Data
📖 Read-Only
🔄 Dynamic
🔐

Secret

🔑 Sensitive Data
📖 Read-Only
🔒 Encoded
Type Persistence Scope Multi-Pod Access Primary Use Case
emptyDir Ephemeral Pod Within Pod Temporary cache, scratch space
hostPath Host-Bound Node Same Node Only Access host logs/files, testing
PV/PVC Persistent Cluster Yes (RWX) Databases, stateful apps
ConfigMap Persistent Cluster Yes Non-sensitive configuration
Secret Persistent Cluster Yes Passwords, tokens, certificates

Persistence Timeline

Pod Lifetime Pod Created → Running → Terminated Duration: Minutes to Hours emptyDir Dies with Pod ✗ No persistence Node Lifetime Survives Pod restarts Duration: Days to Weeks hostPath Tied to Node ⚠ Node-bound Cluster Lifetime Independent of Pods/Nodes Duration: Weeks to Years PV/PVC True Persistence ✓ Survives everything Reclaim: Retain/Delete Ephemeral (lost on Pod deletion) Host-bound (lost if node fails) Persistent (independent lifecycle)

Storage Chain: StorageClass → PV → PVC → Pod

StorageClass standard provisioner: k8s.io/ minikube-hostpath type: pd-standard Provisions PersistentVolume pv-example capacity: 5Gi accessModes: RWO storageClass: standard Binds To PersistentVolumeClaim pvc-example requests: 5Gi accessModes: RWO storageClass: standard Mounts Pod my-app-pod volumes: - pvc: pvc-example mountPath: /data Storage Provisioning Flow 1. Admin creates StorageClass (or uses default) 2. User creates PVC → StorageClass dynamically provisions PV → PVC binds to PV 3. Pod references PVC → Kubernetes mounts volume at specified path

🎯 Decision Tree: Which Volume Type to Use?

Need temporary data during Pod lifetime? → Use emptyDir
• Shared cache between containers • Temporary processing • Scratch space
Need to access host node files/directories? → Use hostPath
• Access host logs • Testing/debugging • Single-node clusters only
Need persistent storage across Pod restarts? → Use PV/PVC
• Databases • User uploads • Application state
Need to inject configuration data? → Use ConfigMap
• Application config • Environment variables • Non-sensitive settings
Need to store sensitive information? → Use Secret
• Database passwords • API keys • TLS certificates

📦 emptyDir Example

apiVersion: v1
kind: Pod
metadata:
  name: emptydir-example
spec:
  containers:
  - name: app
    image: busybox
    command: ["/bin/sh", "-c"]
    args: ["echo 'Writing to cache' > /data/cache.txt && sleep 3600"]
    volumeMounts:
    - mountPath: "/data"
      name: cache-volume
  - name: sidecar
    image: busybox
    command: ["/bin/sh", "-c"]
    args: ["while true; do cat /data/cache.txt 2>/dev/null; sleep 5; done"]
    volumeMounts:
    - mountPath: "/data"
      name: cache-volume
  volumes:
  - name: cache-volume
    emptyDir: {}  # Deleted when Pod terminates

💾 hostPath Example

apiVersion: v1
kind: Pod
metadata:
  name: hostpath-example
spec:
  containers:
  - name: log-reader
    image: busybox
    command: ["/bin/sh", "-c"]
    args: ["tail -f /host/syslog"]
    volumeMounts:
    - mountPath: "/host"
      name: host-volume
      readOnly: true
  volumes:
  - name: host-volume
    hostPath:
      path: /var/log  # Accesses host node's /var/log
      type: Directory  # Must exist on host

🗄️ PV/PVC Example

---
apiVersion: v1
kind: PersistentVolume
metadata:
  name: pv-example
spec:
  capacity:
    storage: 5Gi
  accessModes:
    - ReadWriteOnce  # RWO, ROX, or RWX
  persistentVolumeReclaimPolicy: Retain
  storageClassName: standard
  hostPath:
    path: /mnt/data
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: pvc-example
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 5Gi
  storageClassName: standard
---
apiVersion: v1
kind: Pod
metadata:
  name: pvc-pod
spec:
  containers:
  - name: app
    image: nginx
    volumeMounts:
    - mountPath: "/usr/share/nginx/html"
      name: storage
  volumes:
  - name: storage
    persistentVolumeClaim:
      claimName: pvc-example

⚙️ ConfigMap Example

---
apiVersion: v1
kind: ConfigMap
metadata:
  name: app-config
data:
  app.properties: |
    database.host=db.example.com
    database.port=5432
    log.level=INFO
  ui.json: |
    {
      "theme": "dark",
      "language": "en"
    }
---
apiVersion: v1
kind: Pod
metadata:
  name: configmap-pod
spec:
  containers:
  - name: app
    image: myapp:1.0
    volumeMounts:
    - name: config
      mountPath: "/etc/config"
      readOnly: true
  volumes:
  - name: config
    configMap:
      name: app-config  # Mounts all keys as files

🔐 Secret Example

---
apiVersion: v1
kind: Secret
metadata:
  name: db-secret
type: Opaque
data:
  # Base64 encoded values
  username: YWRtaW4=        # 'admin'
  password: cGFzc3dvcmQxMjM=  # 'password123'
---
apiVersion: v1
kind: Pod
metadata:
  name: secret-pod
spec:
  containers:
  - name: app
    image: postgres:13
    env:
    - name: POSTGRES_USER
      valueFrom:
        secretKeyRef:
          name: db-secret
          key: username
    - name: POSTGRES_PASSWORD
      valueFrom:
        secretKeyRef:
          name: db-secret
          key: password
    volumeMounts:
    - name: secret-volume
      mountPath: "/etc/secrets"
      readOnly: true
  volumes:
  - name: secret-volume
    secret:
      secretName: db-secret  # Also mountable as files