Pod
- Pod contains a container
- Pods can contain more than one container and the extra containers are referred as side-car containers
- Scaling the application in k8s is scaling pods not containers
- To create pods (anything) in k8s we have two approaches
- imperative: we create objects using commandline
- declarative: We create manifests i.e. yaml files where we express what we want
- Imperative way of creating pods
kubectl run --help
kubectl run hello-pod --image jenkins/jenkins:lts-jdk11
kubectl delete pods hello-pod
* Creating a Pod Manifest.
---
apiVersion: v1
kind: Pod
metadata:
name: hello-pod
spec:
containers:
- image: jenkins/jenkins:lts-jdk11
name: jenkins
ports:
- containerPort: 8080
- Now create using
kubectl apply -f hello-pod.yaml
& delete usingkubectl delete -f hello-pod.yaml
- Lets create a pod using manifest which runs nginx:1.23.0
- To run this nginx in docker we use the command
docker container run --name mynginx -P -d nginx:1.23.0
---
apiVersion: v1
kind: Pod
metadata:
name: nginx-pod
spec:
containers:
- image: nginx:1.23.0
name: my-nginx
ports:
- containerPort: 80
- Refer Here for the pod manifests created in the class
- To create, list the pods and view the pod details
- In docker to execute the command in the container
- execute command
docker container exec mynginx pwd
- get interactive session
docker container exec -it mynginx /bin/bash
- execute command
- In k8s also we can do the above
- execute command
kubectl exec nginx-pod -- pwd
- get interactive session
kubectl exec -it nginx-pod -- /bin/bash
- execute command
- delete the pod
kubectl delete -f nginx-pod.yaml
Exercises (Waiting till 8:43 AM)
- I want to create the alpine container in k8s the docker command which i would use is
docker container run --name myalpine -d alpine:3 sleep 1d
- Create a k8s manifest for pod
---
apiVersion: v1
kind: Pod
metadata:
name: alpine-pod
spec:
containers:
- name: myalpine
image: alpine:3
command:
- sleep
- 1d
- I Want to create the mysql container in k8s the docker command i would use is
docker container run -d -P -e MYSQL_ROOT_PASSWORD=rootroot --name mysqldb mysql:8
- Pod manifest
---
apiVersion: v1
kind: Pod
metadata:
name: mysql-pod
spec:
containers:
- name: mysqldb
image: mysql:8
ports:
- containerPort: 3306
env:
- name: MYSQL_ROOT_PASSWORD
value: rootroot
- creation
- viewing env
kubectl exec -it mysql-pod -- /bin/bash
. Now executeset
command
- Lets assume i run the
docker container run --name hello-world hello-world
- Now lets create this container which gets stopped in k8s and see what happens
- K8s will restart container(s) in the Pod when the exit. CrashLoopBackOff is a status message that indicates one or more containers are failing and restarting repeatedly.
- This behavior can be changed by setting default restartPolicy. The default restartPolicy Value is Always
Pod Life Cycle
- Docker container has the states
- running
- exited
- paused
- terminated
- Pods are not self healing
- Pod phase (phase in the PodStatus object) gives the summary of Where the pod is in life cycle
- Pod Phases
Value | Description |
---|---|
Pending | Pod has been accepted by k8s cluster, but one or more container s has not been setup or ready to run |
Running | The pod has been bound to node and all contianers have been created |
Succeded | All containers in the Pod have terminated in success & will not be restarted |
Failed | All containers in the Pod have terminated & atleast one container terminated in failure & will not be restarted |
- Container States:
- Waiting: If the container is not in running or terminated state it is Waiting.
- Running
- Terminated
Init Containers in Pod
- containers in the Pod specification is all about your application pods and that are supposed to continuously running.
- Init containers are exactly like regular containers expect:
- Init containers always run to completion
- Each init container must complete before the nextone starts
- To add init containers we use
initContainers
in Pod Spec. - Consider the below example
---
apiVersion: v1
kind: Pod
metadata:
name: init-containers
spec:
containers:
- name: jenkins
image: jenkins/jenkins:latest
ports:
- containerPort: 8080
initContainers:
- name: init-api-service
image: alpine:3
command: ["sleep", "30s"]
- name: init-db-service
image: alpine:3
command: ["sleep", "30s"]
* In the above spec we have waited for 30 seconds, ideally we would be initalizing the data or checking for the dependencies of the application running in pod and only when they are succesful we would start our application.
* describe command output
Name: init-containers
Namespace: default
Priority: 0
Node: ip-172-31-0-229/172.31.0.229
Start Time: Sun, 03 Jul 2022 04:17:30 +0000
Labels: <none>
Annotations: <none>
Status: Running
IP: 172.17.0.2
IPs:
IP: 172.17.0.2
Init Containers:
init-api-service:
Container ID: docker://0d6453881626068410be1bb57ac52ddfafa741128448136b7ef7117b72bef12f
Image: alpine:3
Image ID: docker-pullable://alpine@sha256:686d8c9dfa6f3ccfc8230bc3178d23f84eeaf7e457f36f271ab1acc53015037c
Port: <none>
Host Port: <none>
Command:
sleep
30s
State: Terminated
Reason: Completed
Exit Code: 0
Started: Sun, 03 Jul 2022 04:17:31 +0000
Finished: Sun, 03 Jul 2022 04:18:01 +0000
Ready: True
Restart Count: 0
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-4qdv5 (ro)
init-db-service:
Container ID: docker://f7ea28a95253c665099bb6f17d83b34145c986c765a0be359d6de8b63a6d4822
Image: alpine:3
Image ID: docker-pullable://alpine@sha256:686d8c9dfa6f3ccfc8230bc3178d23f84eeaf7e457f36f271ab1acc53015037c
Port: <none>
Host Port: <none>
Command:
sleep
30s
State: Terminated
Reason: Completed
Exit Code: 0
Started: Sun, 03 Jul 2022 04:18:01 +0000
Finished: Sun, 03 Jul 2022 04:18:31 +0000
Ready: True
Restart Count: 0
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-4qdv5 (ro)
Containers:
jenkins:
Container ID: docker://ac891d3406d472ebcaaad177da51fcf7c76dce0f682304ffff386adf1b4f4dc3
Image: jenkins/jenkins:latest
Image ID: docker-pullable://jenkins/jenkins@sha256:ccaeaf2f40820e41f2647ac44e66b60ddb18d5a5d4be872e80b7fdaaa86bf28b
Port: 8080/TCP
Host Port: 0/TCP
State: Running
Started: Sun, 03 Jul 2022 04:18:51 +0000
Ready: True
Restart Count: 0
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-4qdv5 (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
kube-api-access-4qdv5:
Type: Projected (a volume that contains injected data from multiple sources)
TokenExpirationSeconds: 3607
ConfigMapName: kube-root-ca.crt
ConfigMapOptional: <nil>
DownwardAPI: true
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 4m24s default-scheduler Successfully assigned default/init-containers to ip-172-31-0-229
Normal Pulled 4m24s kubelet Container image "alpine:3" already present on machine
Normal Created 4m24s kubelet Created container init-api-service
Normal Started 4m23s kubelet Started container init-api-service
Normal Pulled 3m53s kubelet Container image "alpine:3" already present on machine
Normal Created 3m53s kubelet Created container init-db-service
Normal Started 3m53s kubelet Started container init-db-service
Normal Pulling 3m22s kubelet Pulling image "jenkins/jenkins:latest"
Normal Pulled 3m8s kubelet Successfully pulled image "jenkins/jenkins:latest" in 14.229098583s
Normal Created 3m3s kubelet Created container jenkins
Normal Started 3m3s kubelet Started container jenkins
- Individual logs of the containers in the Pod can be accessed as shown below
Resource Management
- k8s allows users to specify two different resource metrics
- requests: here we specify minimum amount of resources required to run the application
- limits: here we specify the maximum amount of resources required to run the application.
- requests (lower limit)
- Refer Here for the official docs
- specifying cpu Refer Here
- requests (lower-limit) yaml
---
apiVersion: v1
kind: Pod
metadata:
name: resource-requests
spec:
containers:
- image: jenkins/jenkins:lts-jdk11
name: jenkins
ports:
- containerPort: 8080
protocol: TCP
resources:
requests:
cpu: "250m"
memory: "256Mi"
* With limits
---
apiVersion: v1
kind: Pod
metadata:
name: resource-requests
spec:
containers:
- image: jenkins/jenkins:lts-jdk11
name: jenkins
ports:
- containerPort: 8080
protocol: TCP
resources:
limits:
cpu: "1000m"
memory: "1000Mi"
- with limits and requests
---
apiVersion: v1
kind: Pod
metadata:
name: resource-requests
spec:
containers:
- image: jenkins/jenkins:lts-jdk11
name: jenkins
ports:
- containerPort: 8080
protocol: TCP
resources:
requests:
cpu: "250m"
memory: "256Mi"
limits:
cpu: "1000m"
memory: "1000Mi"
- Refer Here for all the pod specs written in the class