Edit This Page

Configure a Pod to Use a Projected Volume for Storage

This page shows how to use a projected volume to mount several existing volume sources into the same directory. Currently, secret, configMap, downwardAPI, and serviceAccountToken volumes can be projected.

Note: serviceAccountToken is not a volume type.

• Before you begin
• Configure a projected volume for a pod
• What's next

Before you begin

You need to have a Kubernetes cluster, and the kubectl command-line tool must be configured to communicate with your cluster. If you do not already have a cluster, you can create one by using Minikube, or you can use one of these Kubernetes playgrounds:

• Katacoda
• Play with Kubernetes

To check the version, enter kubectl version.

Configure a projected volume for a pod

In this exercise, you create username and password Secrets from local files. You then create a Pod that runs one Container, using a projected Volume to mount the Secrets into the same shared directory.

Here is the configuration file for the Pod:

pods/storage/projected.yaml
apiVersion: v1 kind: Pod metadata: name: test-projected-volume spec: containers: - name: test-projected-volume image: busybox args: - sleep - "86400" volumeMounts: - name: all-in-one mountPath: "/projected-volume" readOnly: true volumes: - name: all-in-one projected: sources: - secret: name: user - secret: name: pass

1. Create the Secrets:

   # Create files containing the username and password:
      echo -n "admin" > ./username.txt
      echo -n "1f2d1e2e67df" > ./password.txt
   
   # Package these files into secrets:
      kubectl create secret generic user --from-file=./username.txt
      kubectl create secret generic pass --from-file=./password.txt

2. Create the Pod:

      kubectl create -f https://k8s.io/examples/pods/storage/projected.yaml

3. Verify that the Pod’s Container is running, and then watch for changes to the Pod:

      kubectl get --watch pod test-projected-volume

   The output looks like this:

      NAME                    READY     STATUS    RESTARTS   AGE
      test-projected-volume   1/1       Running   0          14s

4. In another terminal, get a shell to the running Container:

      kubectl exec -it test-projected-volume -- /bin/sh

5. In your shell, verify that the projected-volume directory contains your projected sources:

      ls /projected-volume/

What's next

• Learn more about projected volumes.
• Read the all-in-one volume design document.

Feedback

Was this page helpful?

Thanks for the feedback. If you have a specific, answerable question about how to use Kubernetes, ask it on Stack Overflow. Open an issue in the GitHub repo if you want to report a problem or suggest an improvement.