Pods are the smallest deployable units of computing that you can create and manage in Kubernetes.
- A Pod consists of one or more containers and resources shared by those containers.
- One container serves REST API endpoints.
- Normalize the interface among different applications
- Provide the access to different environment such as Dev and Production
Creating a Pod
(Example) A simple pod running an nginx container
- Create a YAML file
apiVersion: v1 kind: Pod metadata: name: my-nginx namespace: pod-test labels: app: nginx rel: stable spec: containers: - name: my-nginx image: nginx ports: - containerPort: 80
- Create/Apply a Pod using the yaml definition
kubectl create -f <yaml-file> --save-config # Create (if not exist) + Update kubectl apply -f <yaml-file>
# Get a list of pods in the default namespace kubectl get pods # Get a list of pods in all namespaces kubectl get pods --all-namespaces kubectl get pods -A # Get a list of pods in the specified namespace kubectl get pods -n <ns-name> # Get a list of system pods running in the cluster kubectl get pods -n kube-system # Get the IP addresses of pods kubectl get pods -o wide kubectl describe pod <pod-name> kubectl describe pod <pod-name> --namespace <ns-name>
Running a Pod
kubectl run --image=nginx
Exposing a Pod port
# external port:internal port kubectl port-forward 8080:80
Running a command in a Pod
kubectl exec -- <command> kubectl exec myPod -- date kubectl exec myPod -- curl 10.222.1.2
Testing a Service/Pod with curl
You can quickly test if a service and a pod are working:
kubectl exec <pod-name> --curl s http://<pod-ip> # example kubectl exec nginx -- curl s http://10.224.1.2 # shell into a pod kubectl exec <pod-name> -it sh > curl -s http://<pod-ip>
Editing a POD
You can only specifications of an existing POD:
For example, you cannot edit the environment variables, service accounts, resource limits of a running pod. If you want to edit these, you need to extract the definition file, delete the existing one, edit the yaml file, and create a new one.
<Option 1> kubectl edit
kubectl edit pod <pod-name>
This will open the pod specification in an editor (vi editor). Then edit the required properties. When you try to save it, you cannot do it because you are attempting to edit a field on the pod that is not editable.
A copy of the file is saved in a temporary location as shown above. Then delete the existing pod and create a new one with the definition file:
kubectl delete pod <pod-name> kubectl create -f /tmp/<file-name>.yaml
<Option 2> kubectl get
kubectl get pod <pod-name> -o yaml > new-pod.yaml
Then make the changes to the exported file using an editor (vi editor), delete the existing pod, and create a new pod.
kubectl delete pod <pod-name> kubectl create -f <file-name>.yaml
Pod Lifecycle and Probes
- When a pod is first created, it is in a Pending state.
- The pod has been accepted by the cluster, but one or more of the containers has not been set up and made ready to run.
- If a pod is stuck in a pending state, run the kubectl describe pod command, and it will tell you exactly why.
- The pod is bound to a node.
- Once all the containers in a pod start, it goes into a running state.
- All containers in the pod have terminated successfully.
- At least one container has terminated in failure.
- The state of the pod cannot be obtained.
- The container is still running the startup operations
- The container is executing without issues.
- The execution has been completed or failed.
- When a pod is scheduled on a Node, the PodScheduled condition is set to true.
- When all the containers in the pod are ready, the ContainersReady condition is set to true and finally the pod itself is considered to be Ready.
- All init containers have started successfully.
- The Ready condition indicates that the applications inside the pod are running and are ready to accept user traffic.
You can specify the mechanism to check whether a pod is ready (when starting) and healthy (periodically). Probes determine the status of containers.
- Readiness Probe: determines if a pod can start to receive requests
- Liveness Probe: determines if a pod is healthy and running as expected
- HTTP Test
- TCP Test
- Execute Command
spec: containers: - name: my-web readinessProbe: httpGet: path: /api/ready port: 8001 livenessProbe: httpGet: path: /index.html port: 8001 initialDelaySeconds: 15 # wait 15 seconds timeoutSeconds: 2 # timeout after 2 seconds periodSeconds: 10 # check every 10 seconds failureThreshold: 3 # allow 3 failures
spec: containers: - name: my-app readinessProbe: # or livenessProbe: tcpSocket: port: 3001
spec: containers: - name: my-web readinessProbe: # or livenessProbe: exec: command: - cat - /api/ready