Kubernetes Storage & Configuration

Managing data and configuration is a critical part of running applications in Kubernetes. Since containers are temporary by nature, real-world applications require persistent storage and flexible configuration management to work reliably.

? In simple words: Kubernetes provides built-in solutions to store data safely and manage application settings efficiently.

Why Storage & Configuration Matter

In Kubernetes, pods can be created, restarted, or deleted at any time. Without proper storage and configuration management, this can lead to serious issues.

Common challenges without proper setup:

Data loss when pods are deleted or restarted
Application failures due to missing or incorrect configuration
Difficulty managing different environments (development, testing, production)

Kubernetes Storage Concepts

Volumes

A Volume in Kubernetes is used to store data inside a pod. It allows containers to persist and share data during the pod’s lifecycle.

Unlike containers:

Data inside a container is temporary and lost if the container restarts
Data inside a volume persists as long as the pod exists
Volumes can be shared between multiple containers in the same pod

Example

apiVersion: v1
kind: Pod
metadata:
  name: volume-pod
spec:
  containers:
  - name: app
    image: nginx
    volumeMounts:
    - mountPath: /data
      name: my-volume
  volumes:
  - name: my-volume
    emptyDir: {}

What This Configuration Does

Creates a pod named volume-pod
Attaches a volume named my-volume
Mounts it inside the container at /data
Uses emptyDir, which provides temporary storage

? Any data written to /data will remain available while the pod is running, but it will be deleted when the pod is removed.

Persistent Volumes (PV)

A Persistent Volume (PV) is a storage resource in a Kubernetes cluster that provides long-term storage independent of pods.

Unlike normal pod storage, a PV exists at the cluster level, not inside a pod. This means data stored in a PV will not be deleted even if pods are removed or restarted.

Key Features of PV

Exists independently of pods
Provides persistent (long-term) storage
Managed at the cluster level
Can be reused by multiple pods (based on access rules)
Helps prevent data loss in production systems

? In simple words: PV is a permanent storage space inside Kubernetes that keeps your data safe.

Example of Persistent Volume (PV)

apiVersion: v1
kind: PersistentVolume
metadata:
  name: my-pv
spec:
  capacity:
    storage: 5Gi
  accessModes:
    - ReadWriteOnce
  persistentVolumeReclaimPolicy: Retain
  hostPath:
    path: /mnt/data

Persistent Volume Claims (PVC)

A Persistent Volume Claim (PVC) is a request made by a pod for storage in a Kubernetes cluster.

It acts like a storage request ticket that asks Kubernetes to provide a suitable Persistent Volume (PV). Once matched, the PV is attached to the pod so it can store data safely.

Key Features of PVC

Requests storage from available Persistent Volumes (PV)
Automatically binds to a suitable PV
Connects pods to persistent storage
Simplifies storage management for applications
Helps in data persistence across pod restarts

? In simple words: PVC is how a pod asks Kubernetes for storage.

Example (PVC)

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: my-pvc
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 1Gi

Kubernetes Configuration Management

Kubernetes provides powerful tools to manage application configuration separately from application code. This makes applications more flexible, scalable, and easier to maintain.

ConfigMap

A ConfigMap is used to store non-sensitive configuration data such as environment variables and application settings.

It helps you change configuration without modifying your application code.

Common Use Cases of ConfigMap

Environment variables (dev, test, production)
Application configuration settings
Feature flags
Log levels and runtime settings

Example

apiVersion: v1
kind: ConfigMap
metadata:
  name: app-config
data:
  APP_MODE: production
  LOG_LEVEL: debug

Using ConfigMap Inside a Pod

You can inject ConfigMap values into a pod as environment variables.

env:
- name: APP_MODE
  valueFrom:
    configMapKeyRef:
      name: app-config
      key: APP_MODE

Secrets

Secrets in Kubernetes are used to store sensitive data securely such as passwords, API keys, tokens, and other confidential information.

Unlike ConfigMaps, Secrets are designed to handle critical data that should not be exposed in plain text.

Common Use Cases of Secrets

Database passwords
API keys
Authentication tokens
TLS certificates
Third-party service credentials

Example

apiVersion: v1
kind: Secret
metadata:
  name: app-secret
type: Opaque
data:
  DB_PASSWORD: cGFzc3dvcmQ=

Difference: ConfigMap vs Secret

Feature	ConfigMap	Secret
Data Type	Non-sensitive data	Sensitive data
Purpose	Store application configuration	Store confidential information
Storage Format	Plain text (readable format)	Base64 encoded format
Security Level	Low security	Higher security (but still needs extra protection)
Common Use Case	App settings, environment variables	Passwords, API keys, tokens
Visibility	Easily readable inside cluster	Hidden but can be decoded

Real-World Example

In a production Kubernetes system:

ConfigMap → stores app settings (mode, logs, environment variables)
Secret → stores sensitive data like database credentials and API keys
PVC (Persistent Volume Claim) → stores user uploads, files, and database data

This ensures:

Secure application (sensitive data protected using Secrets)
Flexible configuration (easy updates using ConfigMap)
Reliable storage (data persists using PVC even if pods restart)

Best Practices

Use PVC for all persistent data
Use ConfigMap for environment configuration
Use Secrets for sensitive information only
Never hardcode credentials in code
Avoid storing important data inside containers
Separate configuration from application logic

Conclusion

Kubernetes Storage & Configuration provides a complete solution for managing both data persistence and application settings in a scalable way.

Volumes handle temporary storage
Persistent Volumes ensure long-term storage
ConfigMaps manage application configuration
Secrets protect sensitive data

Together, they make Kubernetes applications secure, scalable, and production-ready