This page provides an overview of PodPresets, which are objects for injecting certain information into pods at creation time. The information can include secrets, volumes, volume mounts, and environment variables.
A Pod Preset
is an API resource for injecting additional runtime requirements
into a Pod at creation time.
You use label selectors
to specify the Pods to which a given Pod Preset applies.
Using a Pod Preset allows pod template authors to not have to explicitly provide all information for every pod. This way, authors of pod templates consuming a specific service do not need to know all the details about that service.
For more information about the background, see the design proposal for PodPreset.
Kubernetes provides an admission controller (PodPreset
) which, when enabled,
applies Pod Presets to incoming pod creation requests.
When a pod creation request occurs, the system does the following:
PodPresets
available for use.PodPreset
matches the labels on the
pod being created.PodPreset
into the
Pod being created.PodPreset
.PodPreset
. The annotation is of the form
podpreset.admission.kubernetes.io/podpreset-<pod-preset name>: "<resource version>"
.Each Pod can be matched zero or more Pod Presets; and each PodPreset
can be
applied to zero or more pods. When a PodPreset
is applied to one or more
Pods, Kubernetes modifies the Pod Spec. For changes to Env
, EnvFrom
, and
VolumeMounts
, Kubernetes modifies the container spec for all containers in
the Pod; for changes to Volume
, Kubernetes modifies the Pod Spec.
Note: A Pod Preset is capable of modifying the spec.containers
field in a
Pod spec when appropriate. No resource definition from the Pod Preset will be
applied to the initContainers
field.
There may be instances where you wish for a Pod to not be altered by any Pod
Preset mutations. In these cases, you can add an annotation in the Pod Spec
of the form: podpreset.admission.kubernetes.io/exclude: "true"
.
In order to use Pod Presets in your cluster you must ensure the following:
settings.k8s.io/v1alpha1/podpreset
. For
example, this can be done by including settings.k8s.io/v1alpha1=true
in
the --runtime-config
option for the API server.PodPreset
. One way to doing this
is to include PodPreset
in the --admission-control
option value specified
for the API server.PodPreset
objects in the
namespace you will use.