Kubernetes Ephemeral Storage Limit and Container Logs
Master System Design with Codemia
Enhance your system design skills with over 120 practice problems, detailed solutions, and hands-on exercises.
Introduction
In Kubernetes, container logs usually count against local ephemeral storage. That surprises many teams because logs feel separate from writable data, but from the kubelet's point of view they are part of the same local disk budget that also covers writable layers and non-memory emptyDir volumes.
What Ephemeral Storage Includes
Kubernetes tracks local ephemeral storage usage for things such as:
- writable container layers
- node-level container logs
- '
emptyDirvolumes backed by disk'
This storage is local to the node. It is not durable like a persistent volume, and it can be exhausted by noisy applications, large temporary files, or log growth.
That is why ephemeral storage limits are operationally important even for workloads that do not explicitly write many application files.
Requests and Limits
You can set ephemeral-storage requests and limits just like CPU and memory:
The request helps scheduling. The limit defines how much local ephemeral storage the container is allowed to use before the kubelet may evict the Pod.
Where Logs Fit In
A common misconception is that container logs are outside the ephemeral-storage model. They are not. Kubernetes documentation explicitly treats node-level container logs as part of local ephemeral storage accounting.
That means a chatty application can hit its storage budget even if its only growing output is logs.
So when a Pod is evicted for ephemeral storage pressure, the root cause may be:
- temporary files
- '
emptyDirgrowth' - writable layer growth
- log volume
You need to inspect all of them.
Pod-Level and Container-Level Effects
Kubernetes can evict a Pod when local ephemeral storage use exceeds configured limits. The kubelet considers both:
- per-container storage use
- Pod-level combined storage use, including shared
emptyDirvolumes
This is why one noisy sidecar or log-heavy container can affect the whole Pod.
emptyDir Is Related but Separate From Logs
Disk-backed emptyDir usage also counts toward local ephemeral storage. You can limit an emptyDir volume itself:
That helps constrain one temporary storage path, but it does not replace the container ephemeral-storage resource limit. Both controls may be useful in the same Pod.
Log Rotation Still Matters
Ephemeral storage limits do not replace log management. If logs are stored locally on the node before collection, you still need sane rotation and aggregation practices. Otherwise, the application can burn through ephemeral storage and get evicted even though the underlying issue was only uncontrolled local logging.
Operationally, a good pattern is:
- limit local log growth
- ship logs to a central system
- set realistic ephemeral-storage requests and limits
- monitor node disk pressure
Scheduling and Quotas
Ephemeral-storage requests influence scheduling. If a Pod requests more local storage than a node can provide, it should not be scheduled there.
Namespace resource quotas can also involve ephemeral-storage, but quota enforcement depends on users setting the resource requests and limits in the Pod spec. If workloads omit those fields, the quota may not protect you the way you expect.
Common Pitfalls
The biggest mistake is assuming container logs are "free" and unrelated to ephemeral storage limits. They are part of the same local-disk pressure story.
Another issue is setting memory and CPU limits carefully while ignoring storage completely. That leaves room for eviction by logs or temp data. Developers also sometimes rely on log collectors alone and forget that logs still exist locally on the node before or while they are shipped elsewhere.
Summary
- Kubernetes local ephemeral storage includes writable layers, disk-backed
emptyDir, and container logs. - '
ephemeral-storagerequests help scheduling and limits help control local disk consumption.' - Log growth can be the reason a Pod hits its ephemeral-storage limit.
- '
emptyDir.sizeLimitis useful but does not replace container storage limits.' - Good log rotation and centralized collection are still necessary even when limits are configured.
