Use hostPath volumes - Container Service for Kubernetes - Alibaba Cloud Documentation Center

Background information

For more information about the solution provided by Container Service for Kubernetes (ACK) to mount hostPath volumes, see HostPath.

Volume mount modes

hostPath volumes can be mounted in the following modes:


Volume mount mode	Description
DirectoryOrCreate	In this mode, if no content is found in the specified path, an empty directory is created on demand. The permission on the created directory is set to 0755. The directory has the same group and ownership with kubelet.
Directory	Therefore, a directory must exist in the specified path.
FileOrCreate	In this mode, if no content is found in the specified path, an empty file is created. The permission of the created file is set to 0644. The file has the same group and ownership with kubelet.
File	In this mode, a file must exist in the specified path.

Examples

Use the following template to directly mount a hostPath volume to a pod:

apiVersion: v1
kind: Pod
metadata:
  name: test
spec:
  containers:
  - image: nginx:1.7.9
    name: test
    volumeMounts:
    - mountPath: /test
      name: test-volume
  volumes:
  - name: test-volume
    hostPath:
      path: /data
      type: DirectoryOrCreate

You can also provision a hostPath volume as a persistent volume (PV). Then, you can create a persistent volume claim (PVC) to mount the PV to pods.

apiVersion: v1
kind: PersistentVolume
metadata:
  name: task-pv-volume
  labels:
    type: local
spec:
  capacity:
    storage: 10Gi
  accessModes:
    - ReadWriteOnce
  hostPath:
    path: "/data"
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: hostpath
spec:
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: 10Gi

Mount hostPath volumes to running pods.
In Kubernetes, after a pod starts to run, you cannot change the PVs that are mounted to the pod. If you need to dynamically mount external volumes to the running pod, perform the following steps:
Note
- This method uses the mount propagation feature provided by Linux. You must specify the mountPropagation field as Bidirectional when you mount a hostPath volume to the pod. This propagates a directory on the host node to containers in the pod.
- The pod must be running in privileged mode. This is required if you set mountPropagation to Bidirectional.
- The pod must be mounted with a directory from the file system of the host node. This way, running containers in the pod can receive all subsequent mounts to this directory.
Use the following template to create an NGINX application that has a hostPath volume mounted:
```
apiVersion: apps/v1
kind: Deployment
metadata:
  name: deployment-nas
  labels:
    app: nginx
spec:
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:1.7.9
        command: ["sh", "-c"]
        args: ["sleep 10000"]
        securityContext:
          privileged: true
          capabilities:
            add: ["SYS_ADMIN"]
          allowPrivilegeEscalation: true
        volumeMounts:
          - name: dynamic-volume
            mountPropagation: "Bidirectional"
            mountPath: "/dynamic-volume"
      volumes:
        - name: dynamic-volume
          hostPath:
            path: /mnt/dynamic-volume
            type: DirectoryOrCreate
```
Note
- Directory on the host node: /mnt/dynamic-volume.
- Mount path in the pod: /dynamic-volume.
The preceding configuration propagates external mounts targeting the /mnt/dynamic-volume/**** directory on the host node to the pod that is mounted with a hostPath volume of the /mnt/dynamic-volume directory. This allows you to dynamically mount external volumes to running pods.