[Kubernetes] Pods

Pods are the smallest deployable units of computing that you can create and manage in Kubernetes.

Pods | Kubernetes

  • A Pod consists of one or more containers and resources shared by those containers.

Multi-Container Pods

  • Sidecar
    • One container serves REST API endpoints.
  • Adapter
    • Normalize the interface among different applications
  • Ambassador
    • Provide the access to different environment such as Dev and Production

Creating a Pod

(Example) A simple pod running an nginx container

  • Create a YAML file
apiVersion: v1
kind: Pod
metadata:
  name: my-nginx
  namespace: pod-test
  labels:
    app: nginx
    rel: stable
spec:
  containers:
  - name: my-nginx
    image: nginx
    ports:
    - containerPort: 80
  • Create/Apply a Pod using the yaml definition
kubectl create -f <yaml-file> --save-config

# Create (if not exist) + Update
kubectl apply -f <yaml-file>

Checking Pods

# Get a list of pods in the default namespace
kubectl get pods 
# Get a list of pods in all namespaces
kubectl get pods --all-namespaces 
kubectl get pods -A

# Get a list of pods in the specified namespace
kubectl get pods -n <ns-name>
# Get a list of system pods running in the cluster
kubectl get pods -n kube-system 

# Get the IP addresses of pods
kubectl get pods -o wide 

kubectl describe pod <pod-name>
kubectl describe pod <pod-name> --namespace <ns-name>

Running a Pod

kubectl run --image=nginx

Exposing a Pod port

# external port:internal port
kubectl port-forward 8080:80 

Running a command in a Pod

kubectl exec -- <command>

kubectl exec myPod -- date
kubectl exec myPod -- curl 10.222.1.2

Testing a Service/Pod with curl

You can quickly test if a service and a pod are working:

kubectl exec <pod-name> --curl s http://<pod-ip>

# example
kubectl exec nginx -- curl s http://10.224.1.2

# shell into a pod
kubectl exec <pod-name> -it sh
> curl -s http://<pod-ip>

Editing a POD

You can only specifications of an existing POD:

  • spec.containers[*].image
  • spec.initContainers[*].image
  • spec.activeDeadlineSeconds
  • spec.tolerations

For example, you cannot edit the environment variables, service accounts, resource limits of a running pod. If you want to edit these, you need to extract the definition file, delete the existing one, edit the yaml file, and create a new one.

<Option 1> kubectl edit

kubectl edit pod <pod-name>

This will open the pod specification in an editor (vi editor). Then edit the required properties. When you try to save it, you cannot do it because you are attempting to edit a field on the pod that is not editable.

A copy of the file is saved in a temporary location as shown above. Then delete the existing pod and create a new one with the definition file:

kubectl delete pod <pod-name>

kubectl create -f /tmp/<file-name>.yaml

<Option 2> kubectl get

kubectl get pod <pod-name> -o yaml > new-pod.yaml

Then make the changes to the exported file using an editor (vi editor), delete the existing pod, and create a new pod.

kubectl delete pod <pod-name>

kubectl create -f <file-name>.yaml

Pod Lifecycle and Probes

Pod Phases

  • Pending
    • When a pod is first created, it is in a Pending state.
    • The pod has been accepted by the cluster, but one or more of the containers has not been set up and made ready to run.
    • If a pod is stuck in a pending state, run the kubectl describe pod command, and it will tell you exactly why.
  • Running
    • The pod is bound to a node.
    • Once all the containers in a pod start, it goes into a running state.
  • Succeeded
    • All containers in the pod have terminated successfully.
  • Failed
    • At least one container has terminated in failure.
  • Unknown
    • The state of the pod cannot be obtained.

Container States

  • Waiting
    • The container is still running the startup operations
  • Running
    • The container is executing without issues.
  • Terminated
    • The execution has been completed or failed.

Pod Conditions

  • PodScheduled
    • When a pod is scheduled on a Node, the PodScheduled condition is set to true.
  • ContainersReady
    • When all the containers in the pod are ready, the ContainersReady condition is set to true and finally the pod itself is considered to be Ready.
  • Initialized
    • All init containers have started successfully.
  • Ready
    • The Ready condition indicates that the applications inside the pod are running and are ready to accept user traffic.

Readiness/Liveness Probes

You can specify the mechanism to check whether a pod is ready (when starting) and healthy (periodically). Probes determine the status of containers.

  • Readiness Probe: determines if a pod can start to receive requests
  • Liveness Probe: determines if a pod is healthy and running as expected

Probe Actions

  • HTTP Test
  • TCP Test
  • Execute Command

Probe Result

  • Success
  • Failure
  • Unknown
spec:
  containers: 
  - name: my-web
    readinessProbe:  
      httpGet:
        path: /api/ready
        port: 8001
    livenessProbe:  
      httpGet:
        path: /index.html
        port: 8001
      initialDelaySeconds: 15  # wait 15 seconds
      timeoutSeconds: 2  # timeout after 2 seconds 
      periodSeconds: 10  # check every 10 seconds 
      failureThreshold: 3  # allow 3 failures

spec:
  containers:  
  - name: my-app
    readinessProbe:    # or livenessProbe:
      tcpSocket:
        port: 3001

spec:
  containers: 
  - name: my-web
    readinessProbe:    # or livenessProbe:
      exec:
        command: 
          - cat
          - /api/ready     

Leave a Comment

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s