Kubernetes hands on series: Pods
Pods are the smallest deployable units of computing that you can create and manage in Kubernetes.
A pod is a collection of containers and their storage, running on a node of a Kubernetes cluster.
Single Container Pod
Single-container pods can be created with the kubectl run command, which pulls the specified image from the Docker registry when the pod is created.
Method 1: Creating Pod from command line with kubectl -
# kubectl run <name of pod> --image=<name of the image from registry>
# kubectl run myapache --image httpd --port=80
# kubectl get pods -w
NAME READY STATUS RESTARTS AGE
myapache 0/1 ContainerCreating 0 2s
myapache 1/1 Running 0 13s
# kubectl describe pods myapache
Name: myapache
Namespace: default
Priority: 0
Node: kworker-rj2/172.42.42.202
Start Time: Fri, 07 Aug 2020 08:06:31 +0000
Labels: run=myapache
Annotations: cni.projectcalico.org/podIP: 172.16.213.204/32
cni.projectcalico.org/podIPs: 172.16.213.204/32
Status: Running
IP: 172.16.213.204
IPs:
IP: 172.16.213.204
Containers:
myapache:
Container ID: docker://f2d794c10236e2470612aa8530158ec8ad51d487bed90c415f7c94768d343f81
Image: httpd
Image ID: docker-pullable://httpd@sha256:3cbdff4bc16681541885ccf1524a532afa28d2a6578ab7c2d5154a7abc182379
Port: 80/TCP
Host Port: 0/TCP
State: Running
Started: Fri, 07 Aug 2020 08:06:43 +0000
Ready: True
Restart Count: 0
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-sdv2m (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
default-token-sdv2m:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-sdv2m
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 23s default-scheduler Successfully assigned default/myapache to kworker-rj2
Normal Pulling 21s kubelet, kworker-rj2 Pulling image "httpd"
Normal Pulled 12s kubelet, kworker-rj2 Successfully pulled image "httpd"
Normal Created 11s kubelet, kworker-rj2 Created container myapache
Normal Started 10s kubelet, kworker-rj2 Started container myapache
This can also be done by creating a YAML file and then running the kubectl create command. But first, let's understand what a Kubernetes resource YAML file contains.
Method 2: Creating Pod from a yaml file
Understanding resource yaml file
In the .yaml file for the Kubernetes object you want to create, you'll need to set values for the following fields:
apiVersion - Which version of the Kubernetes API you're using to create this object
kind - What kind of object you want to create
metadata - Data that helps uniquely identify the object, including a name string, UID, and optional namespace and Labels
spec - What state you desire for the object
apiVersion: v1
kind: Pod
metadata:
  name: apache
spec:
  containers:
  - name: myapache
    image: httpd
    ports:
    - containerPort: 80
    imagePullPolicy: Always
Once the above YAML file is created, we save it as apache.yml and run the create command to create the object it describes.
# kubectl create -f apache.yml
It will create a pod with the name apache. We can use the describe command with kubectl to describe the pod, as we did above.
How to go inside a container within a pod -
Here we will learn how to get a shell inside a running container of a Pod.
We have deployed an apache container, and its IP is 172.16.213.204.
Let's curl the container IP first and see the output.
# curl 172.16.213.204:80
<html><body><h1>It works!</h1></body></html>
Now go inside this container, change the index file content, and exit from the container. Then test again with curl.
# kubectl exec -it myapache -- bash
root@myapache:/usr/local/apache2# echo "Hello from myapache port" > htdocs/index.html
root@myapache:/usr/local/apache2# exit
# curl 172.16.213.204:80
Hello from myapache port
Multi Container Pod
Multi-container pods are created using a YAML file that defines each container.
apiVersion: v1
kind: Pod
metadata:
  name: webserver
spec:
  containers:
  - name: apache
    image: httpd
    ports:
    - containerPort: 80
    imagePullPolicy: Always
  - name: database
    image: mysql
    ports:
    - containerPort: 3306
    imagePullPolicy: Always
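The describe output and the manifests above show settings a reviewer would flag: the default service account token mount, QoS Class BestEffort, and images referenced by name only. The following is an added example, not code from the original article, that audits a pod object for those settings. The function names, finding texts and JSON sample are constructed here, and the QoS rule is simplified: it looks at regular containers only and compares quantities as strings.

```python
import json

# Constructed sample: the page's "webserver" manifest in the JSON shape that
# `kubectl get pod webserver -o json` returns (only the audited fields).
WEBSERVER_POD = json.loads("""
{"kind": "Pod", "metadata": {"name": "webserver"},
 "spec": {"containers": [
   {"name": "apache", "image": "httpd", "imagePullPolicy": "Always"},
   {"name": "database", "image": "mysql", "imagePullPolicy": "Always"}]}}
""")

def qos_class(pod):
    """QoS class as shown by `kubectl describe` (simplified, see lead-in)."""
    res = [c.get("resources", {}) for c in pod["spec"]["containers"]]
    if not any(r.get("requests") or r.get("limits") for r in res):
        return "BestEffort"
    for r in res:
        lim, req = r.get("limits", {}), r.get("requests", {})
        for key in ("cpu", "memory"):
            # An omitted request defaults to the limit, so only limits are required.
            if key not in lim or req.get(key, lim[key]) != lim[key]:
                return "Burstable"
    return "Guaranteed"

def audit_pod(pod):
    """Return (container, finding) pairs; "*" means the whole pod."""
    spec, findings = pod["spec"], []
    # Pod-level field only; the ServiceAccount object can also disable the mount.
    if spec.get("automountServiceAccountToken", True):
        findings.append(("*", "automountServiceAccountToken is not disabled"))
    if qos_class(pod) == "BestEffort":
        findings.append(("*", "no resource requests or limits (QoS BestEffort)"))
    for c in spec["containers"]:
        image = c["image"]
        if "@sha256:" not in image:
            name = image.rsplit("/", 1)[-1]
            tag = name.split(":", 1)[1] if ":" in name else "latest"
            findings.append((c["name"], f"image {image!r} uses mutable tag {tag!r}"))
        if c.get("securityContext", {}).get("allowPrivilegeEscalation", True):
            findings.append((c["name"], "allowPrivilegeEscalation is not false"))
    return findings

if __name__ == "__main__":
    for container, finding in audit_pod(WEBSERVER_POD):
        print(f"{container}: {finding}")
```

Run against the webserver pod, it reports two pod-level findings and two per container; a spec with a digest-pinned image, equal requests and limits, and both security fields set returns an empty list.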
Pod Phases -
Here are the possible values for phase:
Pending: The Pod has been accepted by the Kubernetes cluster, but one or more of the containers has not been set up and made ready to run. This includes time a Pod spends waiting to be scheduled as well as the time spent downloading container images over the network.
Running: The Pod has been bound to a node, and all of the containers have been created. At least one container is still running, or is in the process of starting or restarting.
Succeeded: All containers in the Pod have terminated in success, and will not be restarted.
Failed: All containers in the Pod have terminated, and at least one container has terminated in failure. That is, the container either exited with non-zero status or was terminated by the system.
Unknown: For some reason the state of the Pod could not be obtained. This phase typically occurs due to an error in communicating with the node where the Pod should be running.
If a node dies or is disconnected from the rest of the cluster, Kubernetes applies a policy for setting the phase of all Pods on the lost node to Failed.
Container restart policy
The spec of a Pod has a restartPolicy field.
Possible values: Always, OnFailure, and Never. The default value is Always.
The restartPolicy applies to all containers in the Pod. restartPolicy only refers to restarts of the containers by the kubelet on the same node. After containers in a Pod exit, the kubelet restarts them with an exponential back-off delay (10s, 20s, 40s, …) that is capped at five minutes. Once a container has executed for 10 minutes without any problems, the kubelet resets the restart backoff timer for that container.
Container imagePullPolicy
imagePullPolicy: IfNotPresent - the image is pulled only if it is not already present locally.
imagePullPolicy: Always - every time the kubelet launches a container, the kubelet queries the container image registry to resolve the name to an image digest.
imagePullPolicy: Never - the image is assumed to exist locally. No attempt is made to pull the image.
Forced Pod termination
You must specify an additional flag --force along with --grace-period=0 in order to perform force deletions.
# kubectl delete pods myapache --force --grace-period=0
warning: Immediate deletion does not wait for confirmation that the running resource has been terminated. The resource may continue to run on the cluster indefinitely.
pod "myapache" force deleted
Hope you like the tutorial. Please let me know your feedback in the response section.
Happy Learning!