3 min read

Accessing Kubernetes Volumes When Using Telepresence

Telepresence does a great job when it comes to local development environments for remote Kubernetes clusters.
When you launch it for the first time, it’s pretty apparent that it exposes the environment variables that are available to the original pod.
But what about volumes, or secrets and config maps that the deployment mounts as files?
You want to be able to access the persistent storage that your pods have.

Telepresence has a solution, which requires a little digging around, but trust me, it will only take a few minutes.

To demonstrate, I’ll show you how to access the volumes from the command line, and then how to do so from your applications.

Where are my volumes?

My deployment has a volume claim, mounted to the /data folder:

        volumeMounts:
          - mountPath: "/data"
            name: demowebapp
      volumes:
        - name: demowebapp
          persistentVolumeClaim:
            claimName: demowebapp-pvc       

Once your execute the Telepresence command and get a shell, you will be able to see a new environment variable that points to the Pod filesystem:

@arn:aws:eks:us-east-1:803461046752:cluster/demoApp|bash-3.2$ echo $TELEPRESENCE_ROOT
/tmp/tel-g1me6qt0/fs
@arn:aws:eks:us-east-2:803461046752:cluster/demoApp|bash-3.2$ ls -l $TELEPRESENCE_ROOT/
total 128
drwxr-xr-x  1 yuval  staff  4096 Mar  6  2019 bin
drwxr-xr-x  1 yuval  staff  4096 Apr 25 11:56 data
drwxr-xr-x  1 yuval  staff   360 Apr 25 13:55 dev
drwxr-xr-x  1 yuval  staff    66 Apr 25 13:55 etc
drwxr-xr-x  1 yuval  staff     6 Mar  6  2019 home
drwxr-xr-x  1 yuval  staff    17 Jan 23 23:12 lib
drwxr-xr-x  1 yuval  staff    44 Mar  6  2019 media
drwxr-xr-x  1 yuval  staff     6 Mar  6  2019 mnt
dr-xr-xr-x  1 yuval  staff     0 Apr 25 13:55 proc
drwx------  1 yuval  staff     6 Mar  6  2019 root
drwxr-xr-x  1 yuval  staff    22 Apr 25 13:55 run
drwxr-xr-x  1 yuval  staff  4096 Mar  6  2019 sbin
drwxr-xr-x  1 yuval  staff     6 Mar  6  2019 srv
drwxrwxrwt  1 yuval  staff   100 Apr 25 13:55 ssl
dr-xr-xr-x  1 yuval  staff     0 Apr 25 13:55 sys
drwxrwxrwt  1 yuval  staff     6 Jan 23 23:12 tmp
drwxr-xr-x  1 yuval  staff    17 Jan 23 23:12 usr
drwxr-xr-x  1 yuval  staff    17 Jan 23 23:12 var

You can see that the /data folder is right there accessible on my local environment.

Secrets work the same way, and as you can see, we have an /ssl folder mounted, which contains our secret key.

Ok, so we have the command line covered, let’s see how we can use this in our application.

How to use the volumes in our locally run application

Because I am running a Java Spring Boot application, which has an “application.properties” file that includes my application’s settings. 
In my simple example, I keep two versions of this file: One for production and one for development, which is selected when passing the correct active profile.

Most frameworks have the concept of external env files, that can override/set the application’s settings, so this probably applies to your use case as well.

My application-development.properties file:

app:
  datasource:
    jdbc-url: jdbc:postgresql://postgres:5432/demodb
    username: postgres
    password: password
    pool-size: 30
server.ssl.key-store: ${TELEPRESENCE_ROOT}/ssl.jks

The server.ssl.key-store is set to ${TELEPRESENCE_ROOT}/ssl.jks
In the original application.properties file, the path points to the secret mount.

Want to learn more about how Telepresence can help you? A little while ago, I ran a webinar that showcased how to use it: