• How kubernetes hides away the volumeMounts complexity

    If we try compare volumeMounts with the actual mounts that we have on a pod using, for example, df it can be quite confusing due to the usage of the overlay filesystem

    Let's consider the volumeMounts section of a deploy:

    $ kubectl get deploy pet2cattle -o yaml
              - mountPath: /opt/pet2cattle/conf
                name: config
              - mountPath: /opt/pet2cattle/data
                name: pet2cattle
                subPath: data
              - mountPath: /opt/pet2cattle/lib
                name: pet2cattle
                subPath: lib
              - mountPath: /tmp
                name: tmp-dir

    And compare it with the filesystem we see on the pod:

    $ kubectl exec pet2cattle-8475d6697-jbmsm -- df -hP
    Filesystem      Size  Used Avail Use% Mounted on
    overlay         100G  9.7G   91G  10% /
    tmpfs            64M     0   64M   0% /dev
    tmpfs           3.9G     0  3.9G   0% /sys/fs/cgroup
    /dev/xvda1      100G  9.7G   91G  10% /tmp
    shm              64M     0   64M   0% /dev/shm
    /dev/xvdcu       20G  2.5G   18G  13% /opt/pet2cattle/lib
    tmpfs           3.9G   12K  3.9G   1% /run/secrets/kubernetes.io/serviceaccount
    tmpfs           3.9G     0  3.9G   0% /proc/acpi
    tmpfs           3.9G     0  3.9G   0% /proc/scsi
    tmpfs           3.9G     0  3.9G   0% /sys/firmware


  • kubernetes: Access secrets through a volumes

    To be able to use a secret on a deployment (or generally speaking, any pod) we can choose to share it by using either volumes or environment variables. Let's take a look hwo it would look like using an volume mount



From pet to cattle
Treat your kubernetes clusters like cattle, not pets