Kubernetes hands on series: Pods

Rakesh Jain
Aug 7, 2020

Pods are the smallest deployable units of computing that you can create and manage in Kubernetes.

A pod is a collection of containers and their storage, running on a node of a Kubernetes cluster.

Single Container Pod

A single-container pod can be created with the kubectl run command, given an image on the Docker registry, which is pulled when the pod is created.

Method 1: Creating Pod from command line with kubectl -

# kubectl run <name of pod> --image=<name of the image from registry>

# kubectl run myapache --image httpd --port=80

# kubectl get pods -w
NAME             READY   STATUS              RESTARTS   AGE
myapache         0/1     ContainerCreating   0          2s
myapache         1/1     Running             0          13s

# kubectl describe pods myapache
Name:         myapache
Namespace:    default
Priority:     0
Node:         kworker-rj2/172.42.42.202
Start Time:   Fri, 07 Aug 2020 08:06:31 +0000
Labels:       run=myapache
Annotations:  cni.projectcalico.org/podIP: 172.16.213.204/32
              cni.projectcalico.org/podIPs: 172.16.213.204/32
Status:       Running
IP:           172.16.213.204
IPs:
  IP:  172.16.213.204
Containers:
  myapache:
    Container ID:   docker://f2d794c10236e2470612aa8530158ec8ad51d487bed90c415f7c94768d343f81
    Image:          httpd
    Image ID:       docker-pullable://httpd@sha256:3cbdff4bc16681541885ccf1524a532afa28d2a6578ab7c2d5154a7abc182379
    Port:           80/TCP
    Host Port:      0/TCP
    State:          Running
      Started:      Fri, 07 Aug 2020 08:06:43 +0000
    Ready:          True
    Restart Count:  0
    Environment:    <none>
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-sdv2m (ro)
Conditions:
  Type              Status
  Initialized       True
  Ready             True
  ContainersReady   True
  PodScheduled      True
Volumes:
  default-token-sdv2m:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  default-token-sdv2m
    Optional:    false
QoS Class:       BestEffort
Node-Selectors:  <none>
Tolerations:     node.kubernetes.io/not-ready:NoExecute for 300s
                 node.kubernetes.io/unreachable:NoExecute for 300s
Events:
  Type    Reason     Age   From                  Message
  ----    ------     ----  ----                  -------
  Normal  Scheduled  23s   default-scheduler     Successfully assigned default/myapache to kworker-rj2
  Normal  Pulling    21s   kubelet, kworker-rj2  Pulling image "httpd"
  Normal  Pulled     12s   kubelet, kworker-rj2  Successfully pulled image "httpd"
  Normal  Created    11s   kubelet, kworker-rj2  Created container myapache
  Normal  Started    10s   kubelet, kworker-rj2  Started container myapache

This can also be done by creating a yaml file and then running the kubectl create command. But first, let's understand what a Kubernetes resource yaml file contains.

Method 2: Creating Pod from a yaml file

Understanding resource yaml file

In the .yaml file for the Kubernetes object you want to create, you'll need to set values for the following fields:

  • apiVersion - Which version of the Kubernetes API you're using to create this object
  • kind - What kind of object you want to create
  • metadata - Data that helps uniquely identify the object, including a name string, UID, and optional namespace and Labels
  • spec - What state you desire for the object

apiVersion: v1
kind: Pod
metadata:
  name: apache
spec:
  containers:
  - name: myapache
    image: httpd
    ports:
    - containerPort: 80
    imagePullPolicy: Always

Once the above yaml file is written, save it as apache.yml and run the create command to create the object it describes.

# kubectl create -f apache.yml

This creates a pod named apache. We can use kubectl describe to inspect the pod, as we did above.

How to go inside a container within a pod -

Here we will learn how to go inside a running container of a Pod.
We have deployed an apache container, and its IP is 172.16.213.204.

Let's curl the container IP first and see the output.

# curl 172.16.213.204:80
<html><body><h1>It works!</h1></body></html>

Now go inside the container, change the content of the index file, exit the container, and test again with curl.

# kubectl exec -it myapache -- bash
root@myapache:/usr/local/apache2# echo "Hello from myapache port" > htdocs/index.html
root@myapache:/usr/local/apache2# exit
# curl 172.16.213.204:80
Hello from myapache port

Multi Container Pod

Multi-container pods are created from a yaml file that defines each of the containers.

apiVersion: v1
kind: Pod
metadata:
  name: webserver
spec:
  containers:
  - name: apache
    image: httpd
    ports:
    - containerPort: 80
    imagePullPolicy: Always
  - name: database
    image: mysql
    ports:
    - containerPort: 3306
    imagePullPolicy: Always
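
The following is an added example, not part of the original post: a small Python review of the two Pod manifests above for settings visible in the describe output (image referenced by mutable name rather than digest, no resource requests or limits, service account token mounted). The manifests are re-typed as dicts; the helper names, HARDENED_POD and its resource values are assumptions made for illustration.

```python
# Added example: review the page's Pod specs for hardening gaps.
# Manifests are re-typed from the page as dicts; HARDENED_POD is a constructed
# variant (its resource values are illustrative assumptions).

def container(name, image, port, **extra):
    return {"name": name, "image": image, "imagePullPolicy": "Always",
            "ports": [{"containerPort": port}], **extra}

def pod(name, containers, **spec):
    return {"apiVersion": "v1", "kind": "Pod", "metadata": {"name": name},
            "spec": {"containers": containers, **spec}}

APACHE_POD = pod("apache", [container("myapache", "httpd", 80)])
WEBSERVER_POD = pod("webserver", [container("apache", "httpd", 80),
                                  container("database", "mysql", 3306)])
# Digest taken from the "Image ID" line of the describe output above.
HTTPD_DIGEST = ("httpd@sha256:3cbdff4bc16681541885ccf1524a532a"
                "fa28d2a6578ab7c2d5154a7abc182379")
HARDENED_POD = pod(
    "apache",
    [container("myapache", HTTPD_DIGEST, 80,
               resources={"requests": {"cpu": "100m", "memory": "64Mi"},
                          "limits": {"cpu": "250m", "memory": "128Mi"}})],
    automountServiceAccountToken=False)

def audit_pod(manifest):
    """Return (scope, finding) tuples for one Pod manifest."""
    spec = manifest.get("spec", {})
    findings = []
    # Unless disabled, the API token is mounted under
    # /var/run/secrets/kubernetes.io/serviceaccount (see the describe output).
    if spec.get("automountServiceAccountToken", True):
        findings.append(("pod", "service account token auto-mounted"))
    for c in spec.get("containers", []):
        # A bare name or tag is mutable; only a digest fixes the content.
        if "@sha256:" not in c.get("image", ""):
            findings.append((c["name"], "image not pinned by digest"))
        # A pod whose containers all lack these gets QoS class BestEffort.
        res = c.get("resources", {})
        if not res.get("requests") and not res.get("limits"):
            findings.append((c["name"], "no resource requests/limits"))
    return findings

if __name__ == "__main__":
    for m in (APACHE_POD, WEBSERVER_POD, HARDENED_POD):
        print(m["metadata"]["name"], audit_pod(m) or "no findings")
```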

Pod Phases -

Here are the possible values for phase:

Pending: The Pod has been accepted by the Kubernetes cluster, but one or more of the containers has not been set up and made ready to run. This includes time a Pod spends waiting to be scheduled as well as the time spent downloading container images over the network.

Running: The Pod has been bound to a node, and all of the containers have been created. At least one container is still running, or is in the process of starting or restarting.

Succeeded: All containers in the Pod have terminated in success, and will not be restarted.

Failed: All containers in the Pod have terminated, and at least one container has terminated in failure. That is, the container either exited with non-zero status or was terminated by the system.

Unknown: For some reason the state of the Pod could not be obtained. This phase typically occurs due to an error in communicating with the node where the Pod should be running.

If a node dies or is disconnected from the rest of the cluster, Kubernetes applies a policy for setting the phase of all Pods on the lost node to Failed.

Container restart policy

The spec of a Pod has a restartPolicy field.
Possible values -> Always, OnFailure, and Never. The default value is Always.

The restartPolicy applies to all containers in the Pod. restartPolicy only refers to restarts of the containers by the kubelet on the same node. After containers in a Pod exit, the kubelet restarts them with an exponential back-off delay (10s, 20s, 40s, …) that is capped at five minutes. Once a container has executed for 10 minutes without any problems, the kubelet resets the restart back-off timer for that container.
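
The following is an added example, not part of the original post and not kubelet code: a Python model of the restart behaviour described above, combining the three restartPolicy values with the back-off, its five-minute cap and the 10-minute reset. The function name, its parameters and the sample runs are assumptions made for illustration.

```python
# Added example: model of restartPolicy plus back-off as described in the text.
# Not kubelet source; names and sample inputs are illustrative assumptions.

def restart_delays(policy, runs, base=10, cap=300, reset_after=600):
    """Return the back-off delay (seconds) applied before each restart.

    runs is a list of (seconds_running, exit_code) for successive container
    runs. The list of delays ends as soon as the policy stops restarting.
    """
    if policy not in ("Always", "OnFailure", "Never"):
        raise ValueError("unknown restartPolicy: %r" % (policy,))
    delays = []
    delay = base
    for seconds_running, exit_code in runs:
        # Never: no restart at all. OnFailure: a clean exit (0) ends the loop.
        if policy == "Never" or (policy == "OnFailure" and exit_code == 0):
            break
        # A run of 10 minutes or more resets the back-off timer.
        if seconds_running >= reset_after:
            delay = base
        delays.append(delay)
        # Double for the next restart, capped at five minutes.
        delay = min(delay * 2, cap)
    return delays

if __name__ == "__main__":
    crash_loop = [(1, 1)] * 7  # constructed: container dies after 1s, 7 times
    print(restart_delays("Always", crash_loop))
    print(restart_delays("Always", [(1, 1), (1, 1), (700, 1), (1, 1)]))
    print(restart_delays("OnFailure", [(5, 1), (5, 0), (5, 1)]))
```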

Container imagePullPolicy

imagePullPolicy: IfNotPresent: the image is pulled only if it is not already present locally.
imagePullPolicy: Always: every time the kubelet launches a container, the kubelet queries the container image registry to resolve the name to an image digest.
imagePullPolicy: Never: the image is assumed to exist locally. No attempt is made to pull the image.

Forced Pod termination

You must specify an additional flag --force along with --grace-period=0 in order to perform force deletions.

# kubectl delete pods myapache --force --grace-period=0
warning: Immediate deletion does not wait for confirmation that the running resource has been terminated. The resource may continue to run on the cluster indefinitely.
pod "myapache" force deleted

Hope you like the tutorial. Please let me know your feedback in the response section.

Happy Learning!
