kubernetes: ConfigMap volume: do not mount empty dir when subPath is not found
What happened:
When a ConfigMap volume is marked as optional and the corresponding volumeMount references a specific key with subPath, kubelet mounts an empty directory whenever that key is missing.
This would be fine without the presence of the subPath, however the user expects a file and not a directory in the scenario described. I noticed the behaviour after seeing an app crash due to the presence of a directory where it expected either a file or nothing.
What you expected to happen:
kubelet figures out the key referenced by subPath does not exist and skips the volume when it creates the container.
How to reproduce it (as minimally and precisely as possible):
Create the following Pod:
apiVersion: v1
kind: Pod
metadata:
name: empty-configmap-vol
spec:
containers:
- name: foo
image: nginx:alpine
volumeMounts:
- mountPath: /conf/local.properties
name: props
subPath: my.file.content
volumes:
- name: props
configMap:
name: missing-configmap
optional: true
An empty directory was mounted although the ConfigMap missing-configmap does not exist:
❯ kubectl exec empty-configmap-vol -- df -h
/dev/sda1 29.0G 4.8G 24.2G 17% /conf/local.properties
❯ kubectl exec empty-configmap-vol -- ls -l /conf
drwxrwxrwx 0 root root 0 Oct 24 19:34 local.properties
Environment:
- Kubernetes version: 1.9.2
- Container runtime: Docker
/kind feature /sig node
About this issue
- Original URL
- State: closed
- Created 7 years ago
- Comments: 25 (14 by maintainers)
/reopen /remove-lifecycle rotten
Any reason why this issue was closed? This “bug” is still present and cause unexpected behavior. In my opinion a ConfigMap volume marked as Optional should not mount an empty directory if the key does not exist.
Should secrets have the same behavior?