Containers are ephemeral by design, but applications often need files, shared scratch space, configuration mounts, or durable data. Volumes are how Kubernetes turns container-local runtime into something more practical.

Why volumes matter

  • containers restart, but data may need to survive
  • multiple containers in one Pod may need the same files
  • config and secrets are usually safer as mounted files
  • storage choices directly affect performance and recovery

The common volume types worth understanding first

  • emptyDir: temporary storage for the Pod lifetime
  • configMap / secret: mounted configuration and credentials
  • persistentVolumeClaim: durable storage requested from the cluster
  • hostPath: direct host mount, useful in narrow cases but easy to misuse

emptyDir: temporary but very useful

emptyDir is ideal for:

  • scratch data
  • caches
  • sidecar file exchange
  • temporary build or transformation output
volumes:
  - name: cache
    emptyDir: {}
volumeMounts:
  - name: cache
    mountPath: /cache

It disappears with the Pod, which is either exactly what you want or exactly what you should avoid.

Config and Secret mounts

Volumes are also how many workloads receive configuration safely:

volumes:
  - name: app-config
    configMap:
      name: app-config
  - name: app-secret
    secret:
      secretName: app-secret
volumeMounts:
  - name: app-config
    mountPath: /etc/app/config
    readOnly: true
  - name: app-secret
    mountPath: /etc/app/secret
    readOnly: true

This fits naturally with kubernetes-quickstart-configmap-secret.md, which goes deeper into config and secret lifecycle.

PVC-backed storage

When data must survive Pod replacement, you usually move into PVC-backed volumes:

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: data-pvc
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 5Gi

Then mount it in the Pod:

volumes:
  - name: data
    persistentVolumeClaim:
      claimName: data-pvc
volumeMounts:
  - name: data
    mountPath: /var/lib/app

This is where kubernetes-quickstart-pv-pvc.md and kubernetes-quickstart-storageclass.md take over in more depth.

Temporary vs persistent: the first decision to make

Ask this before choosing a volume type:

  • if the Pod disappears, is the data allowed to disappear too?

If yes, emptyDir may be enough.

If no, start thinking about PVCs, StorageClasses, reclaim policy, backup, and restore.

That one decision removes a lot of confusion.

Shared data inside one Pod

If multiple containers in one Pod need the same files, mount the same volume into both:

apiVersion: v1
kind: Pod
metadata:
  name: producer-consumer
spec:
  volumes:
    - name: shared
      emptyDir: {}
  containers:
    - name: producer
      image: busybox
      command: ["sh", "-c", "while true; do date >> /data/out.txt; sleep 5; done"]
      volumeMounts:
        - name: shared
          mountPath: /data
    - name: consumer
      image: busybox
      command: ["sh", "-c", "tail -f /data/out.txt"]
      volumeMounts:
        - name: shared
          mountPath: /data

This pattern is common in sidecar-based processing, log handling, and content generation flows.

hostPath: useful but dangerous

hostPath mounts files directly from the node into the Pod.

Use it very carefully. It reduces portability and can create serious security and operational coupling to individual nodes.

If you do not control the node lifecycle tightly, hostPath is usually not the first answer you want.

Volumes and stateful workloads

Stateful systems almost always need more than just a volume. They usually also need:

  • stable identity
  • stable DNS
  • predictable rollout order

That is why volume topics naturally connect to:

  • kubernetes-quickstart-pv-pvc.md
  • kubernetes-quickstart-storageclass.md
  • kubernetes-quickstart-statefulset.md

Common failure modes

Pod is Pending

Often PVC binding or storage class issues.

Volume mount errors

Now you may be in CSI, node permission, or backend attach territory.

Data is gone after restart

Often because temporary storage was used where persistence was actually required.

Permission denied

Usually filesystem ownership, security context, or mount path mismatch.

Practical debugging commands

kubectl describe pod <pod-name>
kubectl describe pvc <pvc-name>
kubectl get pv

For deeper persistent storage issues, CSI controller logs often reveal more than the Pod event stream alone.

FAQ

Q: When should I choose emptyDir instead of PVC? A: Choose emptyDir when the data is temporary and losing it with the Pod is acceptable.

Q: Are volumes the same thing as backups? A: No. Volumes provide persistence or sharing. Backup and restore still need their own workflow.

Q: When is hostPath a bad idea? A: In most portable or multi-tenant scenarios. It tightly couples the workload to a specific node and can expose host-level risk.

Next reading

  • Continue with kubernetes-quickstart-pv-pvc.md for durable storage contracts.
  • Read kubernetes-quickstart-storageclass.md for dynamic provisioning policy.
  • For stateful workloads, continue with kubernetes-quickstart-statefulset.md.

Wrap-up

Most volume decisions are simpler than they first appear. Start by deciding whether the data is temporary or persistent. Then let that answer guide the rest of the design.

References