Kubernetes hands on series: What happens when you create a Pod in Kubernetes?
As you know Pods are the smallest deployable units of computing that you can create and manage in Kubernetes.
No matter if you create a pod manually or, preferably through a supervisor such as a deployment, a daemon set or a stateful set, the pod can be in one of the following phases:
- Pending: The API Server has created a pod resource and stored it in etcd, but the pod has not been scheduled yet, nor have container images been pulled from the registry.
- Running: The pod has been scheduled to a node and all containers have been created by the kubelet.
- Succeeded: All containers in the pod have terminated successfully and will not be restarted.
- Failed: All containers in the pod have terminated. At least one container has terminated in failure.
- Unknown: The API Server was unable to query the state of the pod, typically due to an error in communicating with the kubelet.
Lets understand it in more detail -
You are probably familiar with the first 4 steps:
- kubectl sends the YAML to the API
- The Pod is stored in etcd
- The scheduler assigns a Node At this point the Pod is in etcd, but not in the node.
- The kubelet starts creating the Pod.
- The kubelet delegates creating the container to the CRI
- The kubelet delegates attaching the container to the network to the CNI
- The CNI assigns an IP address to the pod
- Probes are checked
- The kubelet reports the IP address to the control plane
The Pod was created!
Kubernetes stops here unless that Pod is part of a Service.
If the Pod belongs to a Service, Kubernetes creates an endpoint- it concatenates the IP address and Port (targetPort) of the Pod. The endpoint is added to the Endpoint (object).
Wait… endpoint what?
- endpoint is a 188.8.131.52:3000 (IP:port) pair
- Endpoint is a collection of endpoints (a list of IP:port pairs)
For every Service in the cluster, Kubernetes creates an Endpoint object with endpoints. Confusing, isn’t it?
The endpoints (IP:port) are used by:
- kube-proxy to set iptables rules
- CoreDNS to update the DNS entries
- Ingress controllers to set up downstreams
- Service meshes
- More operators
As soon as an endpoint is added, the components are notified.
When the endpoint (IP:port) is propagated, you can finally start using the Pod!
Can you guess what happens when you delete a Pod?
The same process but in reverse.
Hope you like the tutorial. Please let me know your feedback in the response section.
Thanks. Happy learning!