Volumes, PVCs, and StorageClasses

Storage in Kubernetes splits into three objects and a driver.

• PersistentVolume (PV): the actual disk. Cluster-scoped resource representing a piece of storage.
• PersistentVolumeClaim (PVC): a Pod's request for storage. Namespaced.
• StorageClass (SC): a recipe for dynamically creating PVs when a PVC asks.
• CSI driver: the plugin that actually talks to the storage backend (AWS EBS, EFS, GCP PD).

The flow

You write a PVC. The StorageClass referenced in the PVC tells the CSI driver to provision a new EBS volume. CSI creates it, creates a PV pointing at it, binds the PVC to the PV. The kubelet attaches the volume to the node and mounts it into the Pod.

Access modes

• ReadWriteOnce (RWO): one node at a time. Default for block storage (EBS).
• ReadOnlyMany (ROX): many nodes, read-only.
• ReadWriteMany (RWX): many nodes, read-write. EFS, FSx, NFS.
• ReadWriteOncePod (RWOP): one Pod at a time, even on the same node. Newer, useful for databases.

Reclaim policy

• Delete: when the PVC is deleted, the underlying disk is deleted. Default for dynamic provisioning. Dangerous for prod databases.
• Retain: PV stays, disk stays. You manually clean up. Safe for stateful workloads.

StorageClass examples on EKS

apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata: { name: gp3 }
provisioner: ebs.csi.aws.com
parameters:
  type: gp3
  iops: "3000"
  throughput: "125"
volumeBindingMode: WaitForFirstConsumer
reclaimPolicy: Retain

WaitForFirstConsumer is critical. Without it the PV gets created in a zone before the Pod is scheduled, and you can end up with a PV in us-east-1a but a Pod scheduled to us-east-1b that cannot attach it.

The interview answer

PVC is the request, PV is the actual disk, StorageClass tells the CSI driver how to make new ones. RWO for block (EBS), RWX for shared (EFS). Always use Retain reclaim policy for stateful production data, always use WaitForFirstConsumer for zone-scoped storage.