DevOps Classroomnotes 03/Jul/2022

Pod

  • Pod contains a container
    Preview
  • Pods can contain more than one container and the extra containers are referred as side-car containers
    Preview
  • Scaling the application in k8s is scaling pods not containers
    Preview
  • To create pods (anything) in k8s we have two approaches
    • imperative: we create objects using commandline
    • declarative: We create manifests i.e. yaml files where we express what we want
  • Imperative way of creating pods
kubectl run --help
kubectl run hello-pod --image jenkins/jenkins:lts-jdk11
kubectl delete pods hello-pod

Preview
* Creating a Pod Manifest.

---
apiVersion: v1
kind: Pod
metadata:
  name: hello-pod
spec:
  containers:
    - image: jenkins/jenkins:lts-jdk11
      name: jenkins
      ports:
        - containerPort: 8080
  • Now create using kubectl apply -f hello-pod.yaml & delete using kubectl delete -f hello-pod.yaml
  • Lets create a pod using manifest which runs nginx:1.23.0
  • To run this nginx in docker we use the command docker container run --name mynginx -P -d nginx:1.23.0
---
apiVersion: v1
kind: Pod
metadata:
  name: nginx-pod
spec:
  containers:
    - image: nginx:1.23.0
      name: my-nginx
      ports:
        - containerPort: 80
  • Refer Here for the pod manifests created in the class
  • To create, list the pods and view the pod details
    Preview
    Preview
  • In docker to execute the command in the container
    • execute command docker container exec mynginx pwd
    • get interactive session docker container exec -it mynginx /bin/bash
  • In k8s also we can do the above
    • execute command kubectl exec nginx-pod -- pwd
    • get interactive session kubectl exec -it nginx-pod -- /bin/bash
      Preview
  • delete the pod kubectl delete -f nginx-pod.yaml

Exercises (Waiting till 8:43 AM)

  • I want to create the alpine container in k8s the docker command which i would use is docker container run --name myalpine -d alpine:3 sleep 1d
  • Create a k8s manifest for pod
    Preview
---
apiVersion: v1
kind: Pod
metadata:
  name: alpine-pod
spec:
  containers:
    - name: myalpine
      image: alpine:3 
      command: 
        - sleep
        - 1d
  • I Want to create the mysql container in k8s the docker command i would use is docker container run -d -P -e MYSQL_ROOT_PASSWORD=rootroot --name mysqldb mysql:8
  • Pod manifest
---
apiVersion: v1
kind: Pod
metadata:
  name: mysql-pod
spec:
  containers:
    - name: mysqldb
      image: mysql:8
      ports:
        - containerPort: 3306
      env:
        - name: MYSQL_ROOT_PASSWORD
          value: rootroot
  • creation
    Preview
  • viewing env kubectl exec -it mysql-pod -- /bin/bash. Now execute set command
    Preview
  • Lets assume i run the docker container run --name hello-world hello-world
    Preview
  • Now lets create this container which gets stopped in k8s and see what happens
    Preview
  • K8s will restart container(s) in the Pod when the exit. CrashLoopBackOff is a status message that indicates one or more containers are failing and restarting repeatedly.
  • This behavior can be changed by setting default restartPolicy. The default restartPolicy Value is Always
    Preview

Pod Life Cycle

  • Docker container has the states
    • running
    • exited
    • paused
    • terminated
  • Pods are not self healing
  • Pod phase (phase in the PodStatus object) gives the summary of Where the pod is in life cycle
  • Pod Phases
Value Description
Pending Pod has been accepted by k8s cluster, but one or more container s has not been setup or ready to run
Running The pod has been bound to node and all contianers have been created
Succeded All containers in the Pod have terminated in success & will not be restarted
Failed All containers in the Pod have terminated & atleast one container terminated in failure & will not be restarted
  • Container States:
  • Waiting: If the container is not in running or terminated state it is Waiting.
  • Running
  • Terminated

Init Containers in Pod

  • containers in the Pod specification is all about your application pods and that are supposed to continuously running.
  • Init containers are exactly like regular containers expect:
    • Init containers always run to completion
    • Each init container must complete before the nextone starts
  • To add init containers we use initContainers in Pod Spec.
  • Consider the below example
---
apiVersion: v1
kind: Pod
metadata:
  name: init-containers
spec:
  containers:
    - name: jenkins
      image: jenkins/jenkins:latest
      ports:
        - containerPort: 8080
  initContainers:
    - name: init-api-service
      image: alpine:3
      command: ["sleep", "30s"]
    - name: init-db-service
      image: alpine:3
      command: ["sleep", "30s"]

Preview
* In the above spec we have waited for 30 seconds, ideally we would be initalizing the data or checking for the dependencies of the application running in pod and only when they are succesful we would start our application.
* describe command output

Name:         init-containers
Namespace:    default
Priority:     0
Node:         ip-172-31-0-229/172.31.0.229
Start Time:   Sun, 03 Jul 2022 04:17:30 +0000
Labels:       <none>
Annotations:  <none>
Status:       Running
IP:           172.17.0.2
IPs:
  IP:  172.17.0.2
Init Containers:
  init-api-service:
    Container ID:  docker://0d6453881626068410be1bb57ac52ddfafa741128448136b7ef7117b72bef12f
    Image:         alpine:3
    Image ID:      docker-pullable://alpine@sha256:686d8c9dfa6f3ccfc8230bc3178d23f84eeaf7e457f36f271ab1acc53015037c
    Port:          <none>
    Host Port:     <none>
    Command:
      sleep
      30s
    State:          Terminated
      Reason:       Completed
      Exit Code:    0
      Started:      Sun, 03 Jul 2022 04:17:31 +0000
      Finished:     Sun, 03 Jul 2022 04:18:01 +0000
    Ready:          True
    Restart Count:  0
    Environment:    <none>
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-4qdv5 (ro)
  init-db-service:
    Container ID:  docker://f7ea28a95253c665099bb6f17d83b34145c986c765a0be359d6de8b63a6d4822
    Image:         alpine:3
    Image ID:      docker-pullable://alpine@sha256:686d8c9dfa6f3ccfc8230bc3178d23f84eeaf7e457f36f271ab1acc53015037c
    Port:          <none>
    Host Port:     <none>
    Command:
      sleep
      30s
    State:          Terminated
      Reason:       Completed
      Exit Code:    0
      Started:      Sun, 03 Jul 2022 04:18:01 +0000
      Finished:     Sun, 03 Jul 2022 04:18:31 +0000
    Ready:          True
    Restart Count:  0
    Environment:    <none>
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-4qdv5 (ro)
Containers:
  jenkins:
    Container ID:   docker://ac891d3406d472ebcaaad177da51fcf7c76dce0f682304ffff386adf1b4f4dc3
    Image:          jenkins/jenkins:latest
    Image ID:       docker-pullable://jenkins/jenkins@sha256:ccaeaf2f40820e41f2647ac44e66b60ddb18d5a5d4be872e80b7fdaaa86bf28b
    Port:           8080/TCP
    Host Port:      0/TCP
    State:          Running
      Started:      Sun, 03 Jul 2022 04:18:51 +0000
    Ready:          True
    Restart Count:  0
    Environment:    <none>
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-4qdv5 (ro)
Conditions:
  Type              Status
  Initialized       True
  Ready             True
  ContainersReady   True
  PodScheduled      True
Volumes:
  kube-api-access-4qdv5:
    Type:                    Projected (a volume that contains injected data from multiple sources)
    TokenExpirationSeconds:  3607
    ConfigMapName:           kube-root-ca.crt
    ConfigMapOptional:       <nil>
    DownwardAPI:             true
QoS Class:                   BestEffort
Node-Selectors:              <none>
Tolerations:                 node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
                             node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
  Type    Reason     Age    From               Message
  ----    ------     ----   ----               -------
  Normal  Scheduled  4m24s  default-scheduler  Successfully assigned default/init-containers to ip-172-31-0-229
  Normal  Pulled     4m24s  kubelet            Container image "alpine:3" already present on machine
  Normal  Created    4m24s  kubelet            Created container init-api-service
  Normal  Started    4m23s  kubelet            Started container init-api-service
  Normal  Pulled     3m53s  kubelet            Container image "alpine:3" already present on machine
  Normal  Created    3m53s  kubelet            Created container init-db-service
  Normal  Started    3m53s  kubelet            Started container init-db-service
  Normal  Pulling    3m22s  kubelet            Pulling image "jenkins/jenkins:latest"
  Normal  Pulled     3m8s   kubelet            Successfully pulled image "jenkins/jenkins:latest" in 14.229098583s
  Normal  Created    3m3s   kubelet            Created container jenkins
  Normal  Started    3m3s   kubelet            Started container jenkins
  • Individual logs of the containers in the Pod can be accessed as shown below
    Preview

Resource Management

  • k8s allows users to specify two different resource metrics
    • requests: here we specify minimum amount of resources required to run the application
    • limits: here we specify the maximum amount of resources required to run the application.
  • requests (lower limit)
  • Refer Here for the official docs
  • specifying cpu Refer Here
  • requests (lower-limit) yaml
---
apiVersion: v1
kind: Pod
metadata:
  name: resource-requests
spec:
  containers:
    - image: jenkins/jenkins:lts-jdk11
      name: jenkins
      ports:
        - containerPort: 8080
          protocol: TCP
      resources:
        requests:
          cpu: "250m"
          memory: "256Mi"

Preview
* With limits

---
apiVersion: v1
kind: Pod
metadata:
  name: resource-requests
spec:
  containers:
    - image: jenkins/jenkins:lts-jdk11
      name: jenkins
      ports:
        - containerPort: 8080
          protocol: TCP
      resources:
        limits:
          cpu: "1000m"
          memory: "1000Mi"

  • with limits and requests
---
apiVersion: v1
kind: Pod
metadata:
  name: resource-requests
spec:
  containers:
    - image: jenkins/jenkins:lts-jdk11
      name: jenkins
      ports:
        - containerPort: 8080
          protocol: TCP
      resources:
        requests:
          cpu: "250m"
          memory: "256Mi"
        limits:
          cpu: "1000m"
          memory: "1000Mi"

  • Refer Here for all the pod specs written in the class

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

About continuous learner

devops & cloud enthusiastic learner