Copy file inside Kubernetes pod from another container

Question

I need to copy a file inside my pod during the time of creation. I don't want to use ConfigMap and Secrets. I am trying to create a volumeMounts and copy the source file using the kubectl cp command—my manifest looks like this.

apiVersion: v1
kind: Pod
metadata:
    name: copy
    labels:
      app: hello
spec:
  containers:
  - name: init-myservice
    image: bitnami/kubectl
    command: ['kubectl','cp','./test.json','init-myservice:./data']
    volumeMounts:
    - name: my-storage
      mountPath: data
  - name: init-myservices
    image: nginx
    volumeMounts:
    - name: my-storage
      mountPath: data
  volumes:
  - name: my-storage
    emptyDir: {}

But I am getting a CrashLoopBackOff error. Any help or suggestion is highly appreciated.

Answer 1

I do agree with an answer provided by H.R. Emon, it explains why you can't just run kubectl cp inside of the container. I do also think there are some resources that could be added to show you how you can tackle this particular setup.

For this particular use case it is recommended to use an initContainer.

initContainers - specialized containers that run before app containers in a Pod. Init containers can contain utilities or setup scripts not present in an app image.

Kubernetes.io: Docs: Concepts: Workloads: Pods: Init-containers

You could use the example from the official Kubernetes documentation (assuming that downloading your test.json is feasible):

apiVersion: v1
kind: Pod
metadata:
  name: init-demo
spec:
 containers:
 - name: nginx
   image: nginx
   ports:
   - containerPort: 80
   volumeMounts:
   - name: workdir
     mountPath: /usr/share/nginx/html
 # These containers are run during pod initialization
 initContainers:
 - name: install
   image: busybox
   command:
   - wget
   - "-O"
   - "/work-dir/index.html"
   - http://info.cern.ch
   volumeMounts:
   - name: workdir
     mountPath: "/work-dir"
 dnsPolicy: Default
 volumes:
 - name: workdir
   emptyDir: {}

-- Kubernetes.io: Docs: Tasks: Configure Pod Initalization: Create a pod that has an initContainer

You can also modify above example to your specific needs.

---

Also, referring to your particular example, there are some things that you will need to be aware of:

• To use kubectl inside of a Pod you will need to have required permissions to access the Kubernetes API. You can do it by using serviceAccount with some permissions. More can be found in this links:
  • Kubernetes.io: Docs: Reference: Access authn authz: Authentication: Service account tokens
  • Kubernetes.io: Docs: Reference: Access authn authz: RBAC
• Your bitnami/kubectl container will run into CrashLoopBackOff errors because of the fact that you're passing a single command that will run to completion. After that Pod would report status Completed and it would be restarted due to this fact resulting in before mentioned CrashLoopBackOff. To avoid that you would need to use initContainer.
• You can read more about what is happening in your setup by following this answer (connected with previous point):
  • Stackoverflow.com: Questions: What happens one of the container process crashes in multiple container POD?

---

Additional resources:

• Kubernetes.io: Pod lifecycle

A side note!

I also do consider including the reason why Secrets and ConfigMaps cannot be used to be important in this particular setup.