Configuring additional volumes and volume mounts

Additional volumes and volume mounts enable a way to attach extra files to all pods handled by Strimzi. With the help of these you can attach Secrets, ConfigMaps, empty directories, or PersistentVolumeClaims the pods as volumes. Once attached, pods are able to read and use the data available in the volumes.

You can use additional volumes and volume mounts when components or processes running in pods require access to additional data. For example, many Kafka Connect connectors access external systems like databases. Access to these systems might require credentials or TLS certificates for access. Using additional volumes and volume mounts, you can store TLS certificates in a Secret and mount that Secret to the Kafka Connect pods. This makes the certificates available to connectors. Once mounted, data from additional volumes can be referenced in resources using configuration providers.

Supported components

The following table collects the components that support additional volumes and volume mounts as well as their corresponding resources.

Table 1. Supported components for additional volumes and volume mounts
Component Resource
Cruise Control Kafka
Kafka Kafka and KafkaNodePool
Kafka Connect Kafka
KafkaExporter Kafka

Entity Operator

  • Topic Operator

  • User Operator

Kafka
ZooKeeper Kafka

Supported volume types

The following volume types are supported.

  • Secret
  • ConfigMap
  • EmptyDir
  • PersistentVolumeClaim

For Secrets or ConfigMaps, the contents of the resource's data field will be presented in a volume as files using the keys in the data field as the file names.

The empty directory represents an empty (ephemeral) directory for a pod.

For PersistentVolumeClaims (PVC), you reference the name of an existing PVC when defining the additional volume. The PVC must be created by you. When the PVC is referenced, it finds the bound PersistentVolume and mounts the volume for the pod.

Adding additional volumes and volume mounts

You mount additional volumes and volume mounts using pod and container template properties in the spec of a supported resource.

The following examples add a Secret, ConfigMap, an empty directory, as well as a PersistentVolumeClaim to a Kafka and KafkaNodePool resource. Additional volumes are defined the same way in other supported components and resources.
#...
kind: Kafka
spec:
  kafka:
    template:
      pod:
        volumes:
          - name: example-secret
            secret:
              secretName: secret-name
          - name: example-configmap
            configMap:
              name: config-map-name
          - name: temp
            emptyDir: {}
          - name: example-pvc-volume
            persistentVolumeClaim:
              claimName: myclaim
      kafkaContainer:
        volumeMounts:
          - name: example-secret
            mountPath: /mnt/secret-volume
          - name: example-configmap
            mountPath: /mnt/cm-volume
          - name: temp
            mountPath: /mnt/temp
          - name: example-pvc-volume
            mountPath: /mnt/data
#...
kind: KafkaNodePool
spec:
  template:
    pod:
      volumes:
        - name: example-secret
          secret:
            secretName: secret-name
        - name: example-configmap
          configMap:
            name: config-map-name
        - name: temp
          emptyDir: {}
        - name: example-pvc-volume
          persistentVolumeClaim:
            claimName: myclaim
    kafkaContainer:
      volumeMounts:
        - name: example-secret
          mountPath: /mnt/secret-volume
        - name: example-configmap
          mountPath: /mnt/cm-volume
        - name: temp
          mountPath: /mnt/temp
        - name: example-pvc-volume
          mountPath: /mnt/data