DocsTelepresenceVolume mounts
Volume mounts
Telepresence supports locally mounting of volumes that are mounted to your Pods. You can specify a command to run when starting the intercept, this could be a subshell or local server such as Python or Node.
In this case, Telepresence creates the intercept, mounts the Pod's volumes to locally to /tmp
, and starts a Bash
subshell.
Telepresence can set a random mount point for you by using --mount=true
instead, you can then find the mount point in
the output of telepresence list
or using the $TELEPRESENCE_ROOT
variable.
With either method, the code you run locally either from the subshell or from the intercept command will need to be
prepended with the $TELEPRESENCE_ROOT
environment variable to utilize the mounted volumes.
For example, Kubernetes mounts secrets to /var/run/secrets/kubernetes.io
(even if no mountPoint
for it exists in the
Pod spec). Once mounted, to access these you would need to change your code to use
$TELEPRESENCE_ROOT/var/run/secrets/kubernetes.io
.
Docker volumes
When connecting to a cluster using telepresence connect --docker
and then intercepting using --docker-run
, or when
using docker
intercept handlers in an Intercept Specification, telepresence will mount volumes
using the Telemount Docker volume plugin. The mounts will use the
same paths as the intercepted container.
Telepresence will install the volume-plugin on demand from docker.io/datawire/telemount
.
Hide Certain Volumes
Telepresence's default behavior is to make all volumes that an intercepted pod mounts available locally. This behavior
can be overridden by adding the annotation telepresence.getambassador.io/inject-ignore-volume-mounts
to the workload
that describes the intercepted pod. The annotation will make the injector ignore certain volume mounts. The annotation
value is a comma-separated list, where each item is the name
of a volume mount that should be ignored. The matching
mounts will never be exposed to intercepting clients.
ON THIS PAGE