As direct mount or persistent volume claim the Azure docs show how to mount an Azure Files storage account to a Kubernetes pod. This mounts the entire storage as the mounted path. How do I instead mount a folder within the Azure Files storage to Kubernetes?
On Azure Files, I have the following:
AzureFiles
|- folder1
|- file1
|- folder2
|- file2
When I mount the Azure Files storage account to Kubernetes (to /mnt/azure) I see this:
/mnt
|- azure
|- folder1
|- file1
|- folder2
|- file2
Instead I'd like to see this when I mount Azure Files' path folder1:
/mnt
|- azure
|- file1
How do I change my Pod definition to specify this path:
apiVersion: v1
kind: Pod
metadata:
name: mypod
spec:
containers:
- // ... snip ...
volumeMounts:
- name: azure
mountPath: /mnt/azure
volumes:
- name: azure
azureFile:
secretName: azure-secret
shareName: aksshare
readOnly: false
// TODO: how to specify path in aksshare
Edit
Search for several days, I figure out how to mount a sub-folder of the Azure File Share to the AKS pod. You can set the yaml file like this:
volumes:
- name: azure
azureFile:
secretName: azure-secret
shareName: share/subfolder
readOnly: false
Just set the share name with the directory, take care, do not append / in the end. The screenshot of the result is here:
For more details, see Naming and Referencing Shares, Directories, Files, and Metadata.
I believe you can use subPath. So something like this:
apiVersion: v1
kind: Pod
metadata:
name: mypod
spec:
containers:
- // ... snip ...
volumeMounts:
- name: azure
mountPath: /mnt/azure
subPath: folder1
volumes:
- name: azure
azureFile:
secretName: azure-secret
shareName: aksshare
readOnly: false
// TODO: how to specify path in aksshare
Related
I initially had only app on Linux node and used mounted volume for it (Azure Storage Account and File Share), and everything works perfectly.
Extracted definition from YAML:
volumeMounts:
- name: test-volume
mountPath: /opt/arena/
volumes:
- name: test-volume
azureFile:
secretName: test-secret
shareName: test-share
Now for my second app (same app but deployed on Windows container) I need to use the same storage account and file share.
Only I will mount windows path.
....
volumeMounts:
- name: test-volume
mountPath: "C:\\arena"
........
volumes:
- name: test-volume
azureFile:
secretName: test-secret
shareName: test-share
When mounted for linux I am getting immediately my log directory with file "ads.log"
log
|__ads.log
But the same directory "log" and the same file "ads.log" exists on the Windows container as well.
I would like to use the same storage account and file share on Azure in order not to increase costs.
But how I can achieve that both Linux and Windows containers are mounted into volumes but also in the same time to differentiate which log is from which container???
Also additional question since I didn't yet do the windows mounting: is the mountPath: "C:\\arena" correct way of defining this? Because in some examples on web some plugins are mentioned for windows etc.
Thanks
First, the mount format for windows is right. So you don't need to worry about it. Second, to differentiate the log folder which is for Linux container and which is for windows container from the same file share, you can mount the subfolders of the file share.
File Share:
aksshare
│── linux
│── windows
screenshot:
Then the mount the file share like this:
.....
volumeMounts:
- name: azure
mountPath: /mnt/azure
volumes:
- name: azure
azureFile:
shareName: aksshare/linux
secretName: azure-secret
This way will mount the two subfolders of the file share to the different containers and won't affect each other.
We have a spring MVC application deployed using tomcat image in AKS.
How to get values from Secrets mounted as volumes?
Most of the examples points to spring boot only
I am mounting values from secret store
kind: Pod
apiVersion: v1
metadata:
name: nginx
namespace: default
labels:
aadpodidbinding: pod-mi
spec:
containers:
- name: nginx
image: nginx
volumeMounts:
- name: foo
mountPath: "/mnt/secrets"
readOnly: true
volumes:
- name: foo
csi:
driver: secrets-store.csi.k8s.io
readOnly: true
volumeAttributes:
secretProviderClass: spc.
can see the secrets get mounted correctly:
kubectl -n default exec -it nginx -- bash
root#nginx:/# ls /mnt/secrets
service-one-secret
service-two-secret
Cat service-one-secret doesn't return anything
Can any one suggest a way to read its values from spring mvc application?
When you mount the secret as a volume to the container, then it would show the data of the secret in that path. For example, you create a secret with the command:
kubectl create secret generic basic-secret \
--from-literal=username="jsmith" \
--from-literal=password="mysupersecurepassword"
Then you mount the secret as a volume:
...
spec:
volumes:
- name: vol-secret
secret:
secretName: my-secret
containers:
...
volumeMounts:
- name: vol-secret
mountPath: /etc/app/secrets
Then you can see the files named username and password in the path /etc/app/secrets, and the value looks like this:
/ # ls /etc/app/secrets
password user
/ # cat /etc/app/secrets/password
mysupersecurepassword
/ # cat /etc/app/secrets/username
jsmith
I wanted mapped two file from container to Azure file:
/Logs/abc.xml ( abc.xml need to mount also logs have multiple files and folder that do need to mount ).
/temp/folder/file.txt (file.txt need to mount its also have multiple file and folder )
Need to mount both of them to same file share.
I tried To use sub path but its creating the folder in the azure file but do not have file. I'm also getting error in kubernetes deployment.
error:- known: Are you trying to mount a directory onto a file (or
vice-versa)? Check if the specified host path exists and is the
expected type Back-off restarting failed container
volumeMounts:
- name: serverxml
mountPath: /test/Server.xml
subPath: Server.xml
volumes:
- name: serverxml
azureFile:
secretName: azure-fileshare-secret
shareName: customer1-uat-config
readOnly: false
where azure-fileshare-secret is having secretkey of storage.
Expected results: customer1-uat-config/test/server.log
and customer1-uat-config/folder/file.txt
For your issue, you should know one point that you cannot mount the files to the Azure file share. Files cannot mount to the storage. But you can mount the folders to folders of Azure file share. You can use one file share with multiple folders in it, and then mount the folders in your container to the folders in that file share.
The setting in the yaml file like this:
volumeMounts:
- name: test
mountPath: /test
- name: folder
mountPath: /folder
volumes:
- name: test
azureFile:
secretName: azurefile-secret
shareName: aksshare/test
readOnly: false
- name: folder
azureFile:
secretName: azurefile-secret
shareName: aksshare/folder
And the screenshots of the result here:
I have been trying to mount a file share on Kubernetes pod hosted on AKS in Azure. So far, I have tried to:
1. Successfully created a secret by base64 encoding the name and the key
2. Create a yaml by specifying the correct configurations
3. Once I apply it using kubectl apply -f azure-file-pod.yaml, it gives me the following error:
Output: mount error: could not resolve address for
demo.file.core.windows.net: Unknown error
I have an Azure File Share by the name of demo.
Here is my yaml file:
apiVersion: v1
kind: Pod
metadata:
name: azure-files-pod
spec:
containers:
- image: microsoft/sample-aks-helloworld
name: azure
volumeMounts:
- name: azure
mountPath: /mnt/azure
volumes:
- name: azure
azureFile:
secretName: azure-secret
shareName: demo
readOnly: false
How can this possibly be resolved?
Github Issue
I'm using Azure ACS with Kubernetes orchestrator with Windows agents.
But I keep running into an issue when I try to use azureFile volume, it never seems to find my share.
The volume remains unknown, and when trying to browse to the website it gives access denied:
But this is probably because the folder is empty.
I'll show you my .yaml file and storagestructure, i'm pretty sure my secret is correct, doublechecked it.
pod.yaml
apiVersion: v1
kind: Pod
metadata:
name: azurepod
labels:
Volumes: ok
spec:
containers:
- image: XXXX
name: aspvolumes
volumeMounts:
- mountPath: C:\site
name: asp-website-volume
imagePullSecrets:
- name: crcatregistry
nodeSelector:
OS: windows
volumes:
- name: asp-website-volume
azureFile:
secretName: azure-secret
shareName: asptestsite
readOnly: false
k8s azure file mount on windows node is not ready yet, the code has been merged into v1.9, see https://github.com/Azure/kubernetes/pull/11, and this feature relies on a new Windows version which is not published yet.