One of my friends asked me a question that was around how a single volume can be mounted across 2 different containers in separate paths for the same pod. Like under the hood, what's exactly happening? How are they seeing the same files even though they are mounted in different paths across 2 different containers?
To understand this, I found a simple pod definition example on the following link and tweaked it a bit, and added an explanation below with diagrams.
The below pod template has one volume of type emptyDir defined called shared-data and 2 containers (nginx and debian) defined which mount the same volume on 2 different paths. I tweaked the start-up command a bit but basically the 2 containers share the same volume, but mount the volume on 2 different paths /usr/share/nginx/html and /pod-data
apiVersion: v1
kind: Pod
metadata:
name: two-containers
spec:
restartPolicy: Never
volumes:
- name: shared-data
emptyDir: {}
containers:
- name: nginx-container
image: nginx
volumeMounts:
- name: shared-data
mountPath: /usr/share/nginx/html
- name: debian-container
image: debian
volumeMounts:
- name: shared-data
mountPath: /pod-data
command: ["/bin/sh"]
args: ["-c", "sleep infinity"]
The volume shared-data is of type emptyDir means that the lifespan of the volume is attached to the lifespan of the pod (so basically you lose data when pod restarts) and the volume will be created/stored on the node where the pod is scheduled to run.
I could access a simple k8s cluster online (for free) on https://killercoda.com/
There you have one control node and one worker node (node01)
I will try and create the pod and this is how the overall layout looks like (might not be super accurate but gives an idea in general)
So, since the volume is of type emptyDir (I guess you are aware there are many other types of volumes like pvc, config map, nfc, hostPath etc and k8s maintains that abstraction) it is basically a shared folder on the node01 file system.
Below screenshot shows the pod created on node, node01
To prove that the file is stored directly on node, I will create a dummy file under the debian container under the path /pod-data called test123.txt
Now, I will ssh into the k8s worker node, node01 where the pod is running and try and find the file test123.txt in its file system
As you can see there is a folder called share-data available on the worker node host and this is the only file/folder that exists.
What this means is that this is a physical folder representing the volume shared between the 2 containers nginx and debian who mount this volume under different respective paths.
This makes sense since the containers could have different folder structures internally but fundamentally they see the same set of files under their respective mounted folders.
As you can see below, the same file test123.txt is now also available in the nginx container but the relative path is different as specified in the spec.
If I do the reverse operation that is create a folder in the nginx container with a file under it I would see the same effects.
I should see this file and folder created on the node
Also, I should see this is available on the debian container under /pod-data
Now something crazy. I will try to create the file on the worker node node01 directly lets say called ghost.txt and check if this reflects on the 2 containers.
As you can see below, it works
We have used a simple example with a volume of type emptyDir but fundamentally, it should be the same for other volumes as well. Feel free to add comments here and we can discuss.
No comments:
Post a Comment