Windows Storage

Windows has a layered filesystem driver to mount container layers and create a copy filesystem based on NTFS. All file paths in the container are resolved only within the context of that container.

• With Docker, volume mounts can only target a directory in the container, and not an individual file. This limitation does not apply to containerd.
• Volume mounts cannot project files or directories back to the host filesystem.
• Read-only filesystems are not supported because write access is always required for the Windows registry and SAM database. However, read-only volumes are supported.
• Volume user-masks and permissions are not available. Because the SAM is not shared between the host & container, there’s no mapping between them. All permissions are resolved within the context of the container.

• Volume subpath mounts: only the entire volume can be mounted in a Windows container
• Host mount projection
• Read-only root filesystem (mapped volumes still support )
• Block device mapping
• Memory as the storage medium (for example, set to )
• File system features like uid/gid; per-user Linux filesystem permissions
• Setting (due to UID/GID dependency)
• NFS based storage/volume support

Kubernetes volumes enable complex applications, with data persistence and Pod volume sharing requirements, to be deployed on Kubernetes. Management of persistent volumes associated with a specific storage back-end or protocol includes actions such as provisioning/de-provisioning/resizing of volumes, attaching/detaching a volume to/from a Kubernetes node and mounting/dismounting a volume to/from individual containers in a pod that needs to persist data.

• • Please note that FlexVolumes have been deprecated as of 1.23
• CSI Plugins

In-tree volume plugins

The following in-tree plugins support persistent storage on Windows nodes:

• awsElasticBlockStore
• azureFile