Kubernetes Storage & Configuration

Managing data and configuration is a critical part of running applications in Kubernetes. Since containers are temporary by nature, real-world applications require persistent storage and flexible configuration management to work reliably.

👉 In simple words: Kubernetes provides built-in solutions to store data safely and manage application settings efficiently.

Why Storage & Configuration Matter

In Kubernetes, pods can be created, restarted, or deleted at any time. Without proper storage and configuration management, this can lead to serious issues.

Common challenges without proper setup:

• Data loss when pods are deleted or restarted
• Application failures due to missing or incorrect configuration
• Difficulty managing different environments (development, testing, production)

Kubernetes Storage Concepts

Volumes

A Volume in Kubernetes is used to store data inside a pod. It allows containers to persist and share data during the pod’s lifecycle.

Unlike containers:

• Data inside a container is temporary and lost if the container restarts
• Data inside a volume persists as long as the pod exists
• Volumes can be shared between multiple containers in the same pod

Example

apiVersion: v1
kind: Pod
metadata:
  name: volume-pod
spec:
  containers:
  - name: app
    image: nginx
    volumeMounts:
    - mountPath: /data
      name: my-volume
  volumes:
  - name: my-volume
    emptyDir: {}

What This Configuration Does

• Creates a pod named volume-pod
• Attaches a volume named my-volume
• Mounts it inside the container at /data
• Uses emptyDir, which provides temporary storage

👉 Any data written to /data will remain available while the pod is running, but it will be deleted when the pod is removed.

Persistent Volumes (PV)

A Persistent Volume (PV) is a storage resource in a Kubernetes cluster that provides long-term storage independent of pods.

Unlike normal pod storage, a PV exists at the cluster level, not inside a pod. This means data stored in a PV will not be deleted even if pods are removed or restarted.

Key Features of PV

• Exists independently of pods
• Provides persistent (long-term) storage
• Managed at the cluster level
• Can be reused by multiple pods (based on access rules)
• Helps prevent data loss in production systems

👉 In simple words: PV is a permanent storage space inside Kubernetes that keeps your data safe.

Example of Persistent Volume (PV)

apiVersion: v1
kind: PersistentVolume
metadata:
  name: my-pv
spec:
  capacity:
    storage: 5Gi
  accessModes:
    - ReadWriteOnce
  persistentVolumeReclaimPolicy: Retain
  hostPath:
    path: /mnt/data

Persistent Volume Claims (PVC)

A Persistent Volume Claim (PVC) is a request made by a pod for storage in a Kubernetes cluster.

It acts like a storage request ticket that asks Kubernetes to provide a suitable Persistent Volume (PV). Once matched, the PV is attached to the pod so it can store data safely.

Key Features of PVC

• Requests storage from available Persistent Volumes (PV)
• Automatically binds to a suitable PV
• Connects pods to persistent storage
• Simplifies storage management for applications
• Helps in data persistence across pod restarts

👉 In simple words: PVC is how a pod asks Kubernetes for storage.

Example (PVC)

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: my-pvc
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 1Gi

Kubernetes Configuration Management

Kubernetes provides powerful tools to manage application configuration separately from application code. This makes applications more flexible, scalable, and easier to maintain.

ConfigMap

A ConfigMap is used to store non-sensitive configuration data such as environment variables and application settings.

It helps you change configuration without modifying your application code.

Common Use Cases of ConfigMap

• Environment variables (dev, test, production)
• Application configuration settings
• Feature flags
• Log levels and runtime settings

Example

apiVersion: v1
kind: ConfigMap
metadata:
  name: app-config
data:
  APP_MODE: production
  LOG_LEVEL: debug

Using ConfigMap Inside a Pod

You can inject ConfigMap values into a pod as environment variables.

env:
- name: APP_MODE
  valueFrom:
    configMapKeyRef:
      name: app-config
      key: APP_MODE

Secrets

Secrets in Kubernetes are used to store sensitive data securely such as passwords, API keys, tokens, and other confidential information.

Unlike ConfigMaps, Secrets are designed to handle critical data that should not be exposed in plain text.

Common Use Cases of Secrets

• Database passwords
• API keys
• Authentication tokens
• TLS certificates
• Third-party service credentials

Example

apiVersion: v1
kind: Secret
metadata:
  name: app-secret
type: Opaque
data:
  DB_PASSWORD: cGFzc3dvcmQ=

Difference: ConfigMap vs Secret

Real-World Example

In a production Kubernetes system:

• ConfigMap → stores app settings (mode, logs, environment variables)
• Secret → stores sensitive data like database credentials and API keys
• PVC (Persistent Volume Claim) → stores user uploads, files, and database data

This ensures:

• Secure application (sensitive data protected using Secrets)
• Flexible configuration (easy updates using ConfigMap)
• Reliable storage (data persists using PVC even if pods restart)

Best Practices

• Use PVC for all persistent data
• Use ConfigMap for environment configuration
• Use Secrets for sensitive information only
• Never hardcode credentials in code
• Avoid storing important data inside containers
• Separate configuration from application logic

Conclusion

Kubernetes Storage & Configuration provides a complete solution for managing both data persistence and application settings in a scalable way.

• Volumes handle temporary storage
• Persistent Volumes ensure long-term storage
• ConfigMaps manage application configuration
• Secrets protect sensitive data

Together, they make Kubernetes applications secure, scalable, and production-ready