Mount OCI Image as Volume in Kubernetes Pods

Author

Bibin Wilson
August 26, 2025

👋 Hi! I’m Bibin Wilson. In each edition, I share practical tips, guides, and the latest trends in DevOps and MLOps to make your day-to-day DevOps tasks more efficient. If someone forwarded this email to you, you can subscribe here to never miss out!

In my Kubernetes ML features newsletter, I wrote about the native ML capabilities offered by Kubernetes. One of the features I mentioned was OCI image volumes.

In this guide, we will take a closer look at this feature with a hands-on project.

ImageVolume Feature (Beta Feature)

Kubernetes version 1.31 has introduced a new alpha feature that allows you to use OCI image volumes directly within Kubernetes pods. In Kubernetes version 1.33, it has been changed to a beta feature.

So what are OCI images?

OCI images are images that follow Open Container Initiative specifications.

You can use the ImageVolume feature to store binary artifacts in images and mount them to pods.

Use Case

This is particularly useful for ML projects dealing with LLMs.

Large Language Model deployment often involves pulling models from various sources like cloud object storage or other URIs.

OCI images containing model data make it much easier to manage and switch between different models.

Note: This feature is not limited to LLMs. You can use it for any workload that benefits from shipping data inside an image (datasets, configs, static assets, or even tools)

Hands-on: Enable ImageVolume Feature gate

Lets do a hands-on on Image Volume to understand how it works.

To mount OCI image in a pods volume, first you need to enable the feature gate ImageVolume.

Note: If you are using CRI-O, the version should be v1.31 or higher. If you are using containerd, the version should be v2.1.0 or higher.

To enable this feature gate, you have to modify the API server manifest and kubelet config file as given below.

sudo vi /etc/kubernetes/manifests/kube-apiserver.yaml

Then add the following line.

- --feature-gates=ImageVolume=true

Once you save the file, the API server will restart automatically.

Now, modify the kubelet config file.

sudo vi /var/lib/kubelet/config.yaml

Now add the following block inside the config file.

featureGates:
  ImageVolume: true

Then restart the kubelet.

sudo systemctl daemon-reload

sudo systemctl restart kubelet

Build a OCI image

The next step is to build an OCI image.

For this example, I am using a prediction model that I have locally. You can replace the model file with any file for testing.

Here is the Dockerfile.

FROM scratch
COPY model.pkl /models/model.pkl

I have uploaded this image to Docker Hub as devopscube/oci-image:1.0.
You can use it directly for testing.

Predictor Application

To validate the image volume, I will use a Python predictor application that loads the model.pkl file mounted through the image volume.

I have already built the app and published it as devopscube/predictor:1.0, which you can use for testing.

Here is the code python code that is part of the predictor image.

Test the ImageVolume

Now lets deploy the predictor image and the OCI volume image to test the image volume.

Here are the Deployment and Service manifests.

Deploy the above manifest and once the pod is running without issues, check if the model.pkl file is inside the volume.

$ kubectl exec -it predictor-7f7ff66689-gwg5w -- ls /volume/models

model.pkl

Now run the following command to port-forward the predictor service so that we can test the prediction endpoint.

kubectl port-forward svc/predictor-svc 8080:80

Now, use the following curl command from your workstation to send a prediction request to the predictor application. This will validate whether the application is able to access the model.pkl file from the ImageVolume.

curl -X POST \
  -H "Content-Type: application/json" \
  -d '{
        "instances": [
          "sparrow",
          "elephant",
          "rose"     
        ]
      }' \
  "http://127.0.0.1:8080/v1/models/model:predict"

You will get the following output.

This is the expected output, 0 means animal, 1 means bird, and 2 means plant.

Thats a wrap!

Try this feature and let me know how it goes!

2 Ways I can Help You

  1. Kubernetes & CKA Course: Master Kubernetes and Achieve CKA Certification with my Comprehensive Course. 300+ students already enrolled.

  2. CKA Exam Practice Questions & Explanations: 80+ practical, exam-style scenarios designed to help you pass the CKA exam with confidence.

Reply

or to participate.