You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: modules/nodes-pods-image-volume-about.adoc
+13-2Lines changed: 13 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -6,7 +6,12 @@
6
6
[id="nodes-pods-image-volume-about_{context}"]
7
7
= Understanding image volumes
8
8
9
+
// Hiding artifacts in 4.20; artifacts to go TP in 4.21
10
+
////
9
11
You can you use an _image volume_ to mount an Open Container Initiative (OCI)-compliant container image or artifact directly into a pod, making the files within the image accessible to the containers without the need to include them in the base image. This means you can host the data in an OCI-compliant registry.
12
+
////
13
+
14
+
You can use an _image volume_ to mount an Open Container Initiative (OCI)-compliant container image directly into a pod, making the files within the image accessible to the containers without the need to include them in the base image. This means you can host the data in an OCI-compliant registry.
10
15
11
16
By using an image volume in a pod, you can take advantage of the OCI image and distribution specification standards to accomplish several tasks including the following use cases:
12
17
@@ -15,8 +20,14 @@ By using an image volume in a pod, you can take advantage of the OCI image and d
15
20
16
21
* In an artificial intelligence environment, you can use image volumes to mount large language model weights or machine learning model weights in a pod alongside a model-server. You can efficiently serve model weights this way without including them in the model-server container image. Therefore, you can separate the model specifications and content from the executables that process them.
17
22
18
-
* You can package and distribute binary artifacts and mount them directly into your pods, allowing you to streamline your CI/CD pipeline. This allows you to maintain a small set of base images by attaching the CI/CD artifacts to the image volumes instead.
19
-
20
23
* You can use a public image for a malware scanner and mount it in a volume of private malware signatures, so that you can load those signatures without incorporating the image into a base image, which might not be allowed by the copyright on the public image.
21
24
25
+
////
26
+
* You can package and distribute binary artifacts and mount them directly into your pods, allowing you to streamline your CI/CD pipeline. This allows you to maintain a small set of base images by attaching the CI/CD artifacts to the image volumes instead.
27
+
////
28
+
29
+
////
22
30
To mount an image volume, include a path to the image or artifact in your pod spec with an optional pull policy as described in _Adding an image volume to a pod_.
31
+
////
32
+
33
+
To mount an image volume, include a path to the image in your pod spec with an optional pull policy as described in _Adding an image volume to a pod_.
Copy file name to clipboardExpand all lines: modules/nodes-pods-image-volume-adding.adoc
+50-13Lines changed: 50 additions & 13 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -6,7 +6,12 @@
6
6
[id="nodes-pods-image-volume-adding_{context}"]
7
7
= Adding an image volume to a pod
8
8
9
+
//Hiding artifacts in 4.20; artifacts to go TP in 4.21
10
+
////
9
11
To mount an Open Container Initiative (OCI)-compliant container image or artifact, use the `volume` parameter to include a path to the image or artifact in your pod spec with an optional pull policy. You can create the pod directly or use a controlling object, such as a deployment or replica set.
12
+
////
13
+
14
+
To mount an Open Container Initiative (OCI)-compliant container image, use the `volume` parameter to include a path to the image in your pod spec with an optional pull policy. You can create the pod directly or use a controlling object, such as a deployment or replica set.
10
15
11
16
.Procedure
12
17
@@ -29,18 +34,15 @@ spec:
29
34
volumes:
30
35
- name: volume
31
36
image: <1>
32
-
reference: quay.io/crio/artifact:v2 <2>
37
+
reference: quay.io/crio/image:v2 <2>
33
38
pullPolicy: Always <3>
34
39
----
35
-
<1> Specifies an OCI container image or artifact that is available on the host machine.
36
-
<2> Specifies the path to the image or artifact.
40
+
<1> Specifies an OCI container image that is available on the host machine.
41
+
<2> Specifies the path to the image.
37
42
<3> Specifies a pull policy, one of the following options:
38
-
+
39
-
--
40
43
* If `Always`, the kubelet always attempts to pull the image. If the pull fails, the kubelet sets the pod to `Failed`.
41
-
* If `Never`, the kubelet never pulls the image and only uses a local image or artifact. The pod becomes `Failed` if any layers of the image are not present locally, or if the manifest for that image is not already cached.
42
-
* If `IfNotPresent` the kubelet pulls the image if it not present. The pod becomes `Failed` if the image is not present and the pull fails. This is the default.
43
-
--
44
+
* If `Never`, the kubelet never pulls the image and only uses a local image. The pod becomes `Failed` if any layers of the image are not present locally, or if the manifest for that image is not already cached.
45
+
* If `IfNotPresent` the kubelet pulls the image if it is not present. The pod becomes `Failed` if the image is not present and the pull fails. This is the default.
44
46
// Pull policy details from upstream: https://kubernetes.io/docs/concepts/storage/volumes/#image
45
47
46
48
. Create the pod by running the following command:
@@ -50,6 +52,41 @@ spec:
50
52
$ oc create -f <file_name>.yaml
51
53
----
52
54
55
+
////
56
+
. Create a YAML file similar to the following.
57
+
+
58
+
[source,yaml]
59
+
----
60
+
apiVersion: v1
61
+
kind: Pod
62
+
metadata:
63
+
name: image-volume
64
+
spec:
65
+
containers:
66
+
- name: shell
67
+
command: ["sleep", "infinity"]
68
+
image: debian
69
+
volumeMounts:
70
+
- name: volume
71
+
mountPath: /volume
72
+
volumes:
73
+
- name: volume
74
+
image: <1>
75
+
reference: quay.io/crio/image:v2 <2>
76
+
pullPolicy: Always <3>
77
+
----
78
+
<1> Specifies an OCI container image or artifact that is available on the host machine.
79
+
<2> Specifies the path to the image or artifact.
80
+
<3> Specifies a pull policy, one of the following options:
81
+
--
82
+
+
83
+
* If `Always`, the kubelet always attempts to pull the image. If the pull fails, the kubelet sets the pod to `Failed`.
84
+
* If `Never`, the kubelet never pulls the image and only uses a local image or artifact. The pod becomes `Failed` if any layers of the image are not present locally, or if the manifest for that image is not already cached.
85
+
* If `IfNotPresent` the kubelet pulls the image if it is not present. The pod becomes `Failed` if the image is not present and the pull fails. This is the default.
86
+
--
87
+
// Pull policy details from upstream: https://kubernetes.io/docs/concepts/storage/volumes/#image
88
+
////
89
+
53
90
.Verification
54
91
55
92
* Examine the pod to view detailed information about the image pull and mount by using a command similar to the following:
@@ -67,17 +104,17 @@ Namespace: default
67
104
# ...
68
105
Volumes:
69
106
volume: <1>
70
-
Type: Image (a container image or OCI artifact)
71
-
Reference: quay.io/crio/artifact:v2
107
+
Type: Image
108
+
Reference: quay.io/crio/image:v2
72
109
PullPolicy: IfNotPresent
73
110
# ...
74
111
Events:
75
112
Type Reason Age From Message
76
113
---- ------ ---- ---- -------
77
114
# ...
78
-
Normal Pulling 46s kubelet Pulling image "quay.io/crio/artifact:v2"
79
-
Normal Pulled 44s kubelet Successfully pulled image "quay.io/crio/artifact:v2" in 2.261s (2.261s including waiting). Image size: 6707 bytes. <2>
115
+
Normal Pulling 46s kubelet Pulling image "quay.io/crio/image:v2"
116
+
Normal Pulled 44s kubelet Successfully pulled image "quay.io/crio/image:v2" in 2.261s (2.261s including waiting). Image size: 6707 bytes. <2>
80
117
# ...
81
118
----
82
-
<1> Indicates that the image volume was mounted to the pod.
119
+
<1> Indicates that the image was mounted to the pod.
83
120
<2> Indicates that the image was successfully pulled.
// Hiding artifacts in 4.20; artifacts to go TP in 4.21
10
+
////
10
11
You can mount an Open Container Initiative (OCI)-compliant container image or artifact directly into a pod, making the files within the image accessible to the containers without the need to include them in the base image, which allows you to host the data in OCI-compliant registries.
12
+
////
13
+
14
+
You can mount an Open Container Initiative (OCI)-compliant container image directly into a pod, making the files within the image accessible to the containers without the need to include them in the base image, which allows you to host the data in OCI-compliant registries.
11
15
12
16
// The following include statements pull in the module files that comprise
13
17
// the assembly. Include any combination of concept, procedure, or reference
0 commit comments