Use hostPath volumes - User Guide for Kubernetes Clusters| Alibaba Cloud Documentation Center

Background information

For more information about the solution provided by Alibaba Cloud Container Service for Kubernetes (ACK) to mount hostPath volumes, see hostPath.

Volume mount modes

hostPath volumes can be mounted in the following modes:


Mount mode	Description
DirectoryOrCreate	In this mode, if no content is found in the specified path, an empty directory is created. The permission on the created directory is set to 0755. The directory has the same group and ownership with kubelet.
Directory	In this mode, a directory must exist in the specified path.
FileOrCreate	In this mode, if no content is found in the specified path, an empty file is created. The permission on the created file is set to 0644. The file has the same group and ownership with kubelet.
File	In this mode, a file must exist in the specified path.

Example

Use the following template to directly mount a hostPath volume to a pod:

apiVersion: v1
kind: Pod
metadata:
  name: test
spec:
  containers:
  - image: nginx:1.7.9
    name: test
    volumeMounts:
    - mountPath: /test
      name: test-volume
  volumes:
  - name: test-volume
    hostPath:
      path: /data
      type: DirectoryOrCreate

You can also provision a hostPath volume as a persistent volume (PV) and create a persistent volume claim (PVC) that can be used to mount the PV to pods.

apiVersion: v1
kind: PersistentVolume
metadata:
  name: task-pv-volume
  labels:
    type: local
spec:
  capacity:
    storage: 10Gi
  accessModes:
    - ReadWriteOnce
  hostPath:
    path: "/data"
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: hostpath
spec:
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: 10Gi

Mount hostPath volumes to running pods
In Kubernetes, after a pod starts to run, you cannot change the PVs that are mounted to the pod. If you need to dynamically mount external volumes to the running pod, perform the following steps:
Note
- This method uses the mount propagation feature provided by Linux. You must specify the mountPropagation field as Bidirectional when you mount a hostPath volume to the target pod. This propagates a directory on the host node to containers in the pod.
- The target pod must be running in privilege mode. This is required if you specify mountPropagation as Bidirectional.
- The target pod must be mounted with a directory from the file system of the host node. This way, running containers in the pod can receive all subsequent mounts to this directory.
Use the following template to create an NGINX application that uses a hostPath volume:
```
apiVersion: apps/v1
kind: Deployment
metadata:
  name: deployment-nas
  labels:
    app: nginx
spec:
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:1.7.9
        command: ["sh", "-c"]
        args: ["sleep 10000"]
        securityContext:
          privileged: true
          capabilities:
            add: ["SYS_ADMIN"]
          allowPrivilegeEscalation: true
        volumeMounts:
          - name: dynamic-volume
            mountPropagation: "Bidirectional"
            mountPath: "/dynamic-volume"
      volumes:
        - name: dynamic-volume
          hostPath:
            path: /mnt/dynamic-volume
            type: DirectoryOrCreate
```
Note
- Directory on the host node: /mnt/dynamic-volume.
- Mount path in the pod: /dynamic-volume.
The preceding configuration propagates external mounts targeting the /mnt/dynamic-volume/**** directory on the host node to the pod that is mounted with a hostPath volume of the /mnt/dynamic-volume directory. This allows you to dynamically mount external volumes to running pods.