This page shows how to use a projected
volume to mount
several existing volume sources into the same directory. Currently, secret
, configMap
, downwardAPI
,
and serviceAccountToken
volumes can be projected.
Note:serviceAccountToken
is not a volume type.
You need to have a Kubernetes cluster, and the kubectl command-line tool must be configured to communicate with your cluster. If you do not already have a cluster, you can create one by using Minikube, or you can use one of these Kubernetes playgrounds:
To check the version, enter kubectl version
.
In this exercise, you create username and password Secrets from local files. You then create a Pod that runs one Container, using a projected
Volume to mount the Secrets into the same shared directory.
Here is the configuration file for the Pod:
pods/storage/projected.yaml
|
---|
|
Create the Secrets:
# Create files containing the username and password:
echo -n "admin" > ./username.txt
echo -n "1f2d1e2e67df" > ./password.txt
# Package these files into secrets:
kubectl create secret generic user --from-file=./username.txt
kubectl create secret generic pass --from-file=./password.txt
Create the Pod:
kubectl create -f https://k8s.io/examples/pods/storage/projected.yaml
Verify that the Pod’s Container is running, and then watch for changes to the Pod:
kubectl get --watch pod test-projected-volume
The output looks like this:
NAME READY STATUS RESTARTS AGE test-projected-volume 1/1 Running 0 14s
In another terminal, get a shell to the running Container:
kubectl exec -it test-projected-volume -- /bin/sh
In your shell, verify that the projected-volume
directory contains your projected sources:
ls /projected-volume/
projected
volumes.Was this page helpful?
Thanks for the feedback. If you have a specific, answerable question about how to use Kubernetes, ask it on Stack Overflow. Open an issue in the GitHub repo if you want to report a problem or suggest an improvement.