🔥 Volume Types Summary
Type    Persistent    Multi-node    Use Case
emptyDir    ❌    ❌    temp
hostPath    ❌    ❌    node access
PV/PVC    ✅    depends    DB
NFS    ✅    ✅    shared
StorageClass    ✅    depends    auto
ConfigMap    ❌    ❌    config
Secret    ❌    ❌    sensitive data
persistentVolumeClaimPolicy
persitentVolumeReclaimPolicy
persistentVolumeReclaimPolicy
=============================
persistenVolumeReclaimPolicy
persistantVolumeReclaimPolicy
pv 
apiVersion: v1
kind: PersistentVolume
metadata:
  name: nfs-pv-secure
spec:
  capacity:
    storage: 5Gi

  accessModes:
    - ReadWriteMany   # NFS supports multiple pods

  persistentVolumeReclaimPolicy: Retain

  mountOptions:
    - sec=sys         # default auth (explicit)
    - nfsvers=4.1     # stable version
    - hard            # safe retry behavior

  nfs:
    server: 192.168.1.10     # 👈 your NFS server IP
    path: /data/nfsshared/03042026
    readOnly: false
    
Common Units You Should Know
Unit    Meaning
Ki    Kilobyte
Mi    Megabyte
Gi    Gigabyte
Ti    Terabyte
-------------------------------------------------------------------------
| Mode                | Meaning                 |
| ------------------- | ----------------------- |
| ReadWriteOnce (RWO) | One node only           |
| ReadOnlyMany (ROX)  | Many pods read only     |
| ReadWriteMany (RWX) | Many pods read/write  |
==================================================================================
persistentVolumeReclaimPolicy: Retain

| Policy               | Behavior        |
| -------------------- | --------------- |
| Retain               | Keep data       |
| Delete               | Delete storage  |
| Recycle (deprecated) | Clean and reuse |
==============================================================================================

PVC

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: pvc-combined
spec:
  volumeName: nfs-pv-1          # 👈 exact PV

  accessModes:
    - ReadWriteMany

  storageClassName: ""          # 👈 ignore any StorageClass

  resources:
    requests:
      storage: 1Gi

  selector:
    matchLabels:
      app: app1                 # 👈 must match PV label
      

apiVersion: v1
kind: PersistentVolume
metadata:
  name: pvc4
  labels:
    type: pvc4

spec:
  volumeName: pv4
  accessModes:
    - ReadWriteMany
  storageClassName: ""
  resources:
    requests:
      storage: 1Gi
  selector:
    matchLabels:
      type: pv4

=========================================================================================================
POD with Volumes

apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    run: sample4
  name: sample4-vol-pod
spec:
  containers:
  - image: nginx:1.25
    name: sample4-vol-pod
    ports:
     - containerPort: 80
    command: ["/bin/sh","-c"]
    args: ["while true; do echo \"this is test $(date)\" > /data/file.txt; sleep 1; done;"]
    env:
      - name: TZ
        value: IST-5:30
    envFrom:
      - configMapRef:
          name: configmap4
      - secretRef:
          name: secret4

    volumeMounts:
      - name: sample4-vol-pod-pvc
        mountPath: /app
      - name: sample4-vol-pod-emptydir
        mountPath: /emptydir
      - name: sample4-vol-pod-hostonly
        mountPath: /hostpath
      - name: configmap4-vol
        mountPath: /etc/config
      - name: secret5-vol
        mountPath: /etc/secret5

  volumes:
  - name: sample4-vol-pod-pvc
    persistentVolumeClaim:
      claimName: pvc4
  - name: sample4-vol-pod-emptydir
    emptyDir: {}
  - name: sample4-vol-pod-hostonly
    hostPath:
      path: /data/k8/hostpath-vol-smaple4
      type: DirectoryOrCreate
  - name: configmap4-vol
    configMap:
      name: configmap4
  - name: secret5-vol
    secret:
      secretName: secret5
======================================================================
apiVersion: v1
kind: PersistentVolume
metadata:
  name: pv4
  labels:
    type: pv4
spec:
  capacity:
    storage: 1Gi
  accessModes:
    - ReadWriteMany
  persistentVolumeReclaimPolicy: Retain
  mountOptions:
    - sec=sys
    - nfsvers=4.1
    - hard

  nfs:
    server: 192.168.241.140
    path: /data/nfsshared/date-04march
    readOnly: false
====================================================================================

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: pvc4
  labels:
    type: pvc4

spec:
  volumeName: pv4
  accessModes:
    - ReadWriteMany
  storageClassName: ""
  resources:
    requests:
      storage: 1Gi
  selector:
    matchLabels:
      type: pv4
========================================================================================

apiVersion: v1
kind: ConfigMap
metadata:
  name: configmap4
  labels:
    type: configmap4
data:
  APP_COLOR: blue
  APP_MODE: dev
=======================================================================================

apiVersion: v1
kind: Secret
metadata:
  name: secret5
  labels:
    type: secret5
data:
  USERNAME: YWRtaW4K
  PASSWORD: YWRtaW4K

=========================================
kubectl create secret generic my-secret \
  --from-literal=key=value
  
| Type            | Purpose            |
| --------------- | ------------------ |
| generic         | Any key-value      |
| tls             | HTTPS certs        |
| docker-registry | Private image pull |
| basic-auth      | username/password  |
| ssh-auth        | SSH keys           |
=======================================================================

kubectl create configmap my-config-dir \
  --from-file=/path/to/config-dir/
  
  
kubectl create configmap my-config \
  --from-literal=APP_COLOR=blue \
  --from-literal=APP_MODE=dev
  
  ===============================
  
  openssl genrsa -out abhilash-ca.key 3072