Description:
What is a pod?
- Kubernetes Object
- Smallest unit in Kubernetes that you can create or deploy.
- a set of containers with shared namespaces and shared filesystem volumes
- share network namespace, IP, network ports
- containers in a pod are in the same network namespace and communicate with each other over localhost
- so different containers in a pod can't use the same port
- Pod can be used:
- for single container: common use case
- for multiple containers that work together
- tightly coupled and need to share resources
Using pods
Working with pods:
Static Pod:
- Managed by kubelet daemon on a specific node, without the kube-apiserver observing them → not managed by control plane
- bound to one kubelet on one node
- main use: components in Kubernetes Control Plane are static pods, they must be created before actual scheduling takes place
- defined in /etc/kubernetes/manifests/
- the 4 components of the control plane can be found here on the control plane node
- each static pod is defined in YAML, the same as in the API
- name format: <static-pod-name>-<node-hostname>
- static pods are visible on kube-apiserver because kubelet creates a mirror pod on kube-apiserver for each static pod
- they can be deleted, but the kubelet will recreate them immediately
Pod lifecycle:
pod lifetime
pod phases
- depicts the state of the WORST container
| State | Description |
|---|---|
| Pending | being scheduled or images being pulled from registry |
| Running | after being successfully attached to a node |
| Failed | a container terminated with failure and won't be restarting |
| Succeeded | all containers finished running successfully and they won't be restarting |
| Unknown | state can't be retrieved |
| CrashLoopBackOff | one of the containers in the pod exited unexpectedly even after it was restarted |
Container states:
- waiting
- running
- terminated
How pods handle problems with containers
- Following sequence:
- Initial crash: Kubernetes attempts an immediate restart based on the Pod's restartPolicy
- Repeated crashes: Kubernetes applies an exponential backoff delay for subsequent restarts, described in restartPolicy
- CrashLoopBackOff state: backoff delay mechanism is in effect
- Backoff reset: if a container runs successfully for a certain duration
container restarts
container restarts and resilience
Pod-level container restart policy
- if exit code is 0: only restart for restartPolicy=Always
- if exit code is 1: restart for restartPolicy=Always and OnFailure
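The restart decision and backoff sequence above, as an added example that is not part of the original notes. It generalises "exit code 1" to any non-zero exit code and includes the `Never` policy; the delay values (10s start, doubling, 300s cap, reset after 600s of clean running) are the kubelet defaults from the Kubernetes documentation, not from this page, and the function names are hypothetical.

```python
"""Model of the kubelet restart decision and CrashLoopBackOff delays (illustrative)."""

# Assumed values: kubelet defaults per the Kubernetes documentation,
# not stated in these notes.
INITIAL_DELAY_S = 10   # first backoff delay after the immediate restart
MAX_DELAY_S = 300      # backoff is capped at 5 minutes
RESET_AFTER_S = 600    # 10 minutes of clean running resets the backoff


def should_restart(restart_policy: str, exit_code: int) -> bool:
    """Return True if a container that exited with exit_code is restarted."""
    if restart_policy == "Always":
        return True
    if restart_policy == "OnFailure":
        return exit_code != 0
    if restart_policy == "Never":
        return False
    raise ValueError(f"unknown restartPolicy: {restart_policy!r}")


def backoff_delays(run_durations_s, restart_policy="Always", exit_code=1):
    """Return the delay (seconds) applied before each restart.

    run_durations_s lists how long each successive run of the container
    lasted before it exited with exit_code.
    """
    delays = []
    crashes = 0  # consecutive crashes since the last backoff reset
    for ran_for in run_durations_s:
        if not should_restart(restart_policy, exit_code):
            break  # policy says leave the container terminated
        if ran_for >= RESET_AFTER_S:
            crashes = 0  # container was healthy long enough: backoff reset
        if crashes == 0:
            delay = 0  # initial crash: immediate restart
        else:
            delay = min(INITIAL_DELAY_S * 2 ** (crashes - 1), MAX_DELAY_S)
        delays.append(delay)
        crashes += 1
    return delays


if __name__ == "__main__":
    # Constructed input: eight runs that each crash after one second.
    print(backoff_delays([1] * 8))
    # Constructed input: the fourth run stays up 700s, which resets the backoff.
    print(backoff_delays([1, 1, 1, 700, 1]))
```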
API
- apiVersion: v1
- kind: Pod
- metadata
- spec: PodSpec
- status
PodSpec
- --- containers ---
- containers: []Container
- initContainers: []Container
- …
- --- volumes ---
- volumes:
- --- scheduling ---
- nodeSelector: map[string]string
- nodeName
- affinity
- tolerations: []Toleration
- key
- operator
- value
- effect
- tolerationSeconds
- schedulerName
- --- lifecycle ---
- …
- restartPolicy:
- "Always" | "Never" | "OnFailure"
- terminationGracePeriodSeconds
- …
- --- hostname and name resolution ---
- --- hosts namespaces ---
- --- service account ---
- --- security context ---
- --- alpha level ---
- hostUsers
- resources: ResourceRequirements
- .
- limits: map[string]Quantity
- requests: map[string]Quantity
- name:
- --- image ---
- image:
- imagePullPolicy: string
- --- entrypoint ---
- --- port ---
- --- env var ---
- --- volumes ---
- --- resources ---
- resources:
EphemeralContainer
LifecycleHandler
NodeAffinity
- preferredDuringSchedulingIgnoredDuringExecution
- preference
- matchExpressions
- matchFields
- weight
- requiredDuringSchedulingIgnoredDuringExecution
- nodeSelectorTerms:
- matchExpressions
- matchFields
PodAffinity
- preferredDuringSchedulingIgnoredDuringExecution
- podAffinityTerm
- topologyKey
- labelSelector
- matchLabelKeys
- …
- weight
- requiredDuringSchedulingIgnoredDuringExecution
- topologyKey
- labelSelector
- …
PodAntiAffinity