Friday, September 2, 2022

Understanding the Kubernetes Pods

Kubernetes pod 

The Kubernetes pod is going to represent a running process on the Kubernetes cluster.

It encapsulates an application container, storage resources, a unique network IP Address. Inside a pod, we can have one or more containers. The containers in a Pod are automatically co-located and co-scheduled on the same physical or virtual machine in the Kubernetes cluster.

A Multi container pod is going to be very tightly coupled inside. The containers share access to their memory space. They can be connected to each other using localhost. That is if a web application running on a container can be accessed in a busybox container running in the same pod. Containers in the pod can share storage(volumes) disk space as well.

What is a Pod in Kubernetes?

A pod is an atomic unit of scheduling in the Kubernetes ecosystem. Pods are ephemeral they live in a short time span.

Virtualization, Containerization, Pod



On the master node, the different Controllers are running for monitoring and self-healing of the pods. Containers in different pods have distinct IP addresses. And if the pod regenerated every time new IP address will be assigned to the Pod.


What does a pod do?

K8s Pods represent the processes running on a cluster. By limiting pods to a single process, Kubernetes can report on the health of each process running in the cluster. 
Pods have:
  • a unique IP address (which allows them to communicate with each other)
  • persistent storage volumes (as required)
  • configuration information that determines how a container should run.

Although most pods contain a single container, many will have a few containers that work closely together to execute the desired function

What are the benefits of a Pod?

=>When pods contain multiple containers, communications, and data sharing between them is simplified. Since all containers in a pod share the same network namespace, they can locate each other and communicate via localhost. Pods can communicate with each other by using another pods IP address or by referencing a resource that resides in another pod.


Pods can include containers that run when the pod is started, say to perform initiation required before the application containers run. Additionally, pods simplify scalability, enabling replica pods to be created and shut down automatically based on changes in demand

How does a pod work?

=>Pods are created by workload resources called controllers, which manage the rollout, replication, and health of pods in the cluster. For example, if a node in the cluster fails, a controller detects that the pods on that node are unresponsive and creates replacement pod(s) on other nodes.


The three most common types of controllers are:

  • Jobs for batch-type jobs that are ephemeral, and will run a task to completion
  • Deployments for applications that are stateless and persistent, such as web servers (HTTP servers)
  • StatefulSets for applications that are both stateful and persistent such as databases

If a pod has multiple containers, they are all scheduled together on the same server in the cluster, whether VM or physical server. All containers in the pod share their resources and dependencies and can coordinate their execution and termination. For example, pods can contain ‘init’ containers that run before the application containers run, setting up the environment for the applications that follow.


Pods are almost always created by controllers which then can automatically manage the pod lifecycle, including replacing failed pods, replicating pods when necessary, and evicting the pod from cluster nodes when they are complete or no longer needed.


Controllers use information in a pod template to create the pods, and controllers ensure that running pods match the deployment defined in the pod template, for example by creating replicas to match the number defined in the deployment.

How do pods communicate with each other?

=>When a pod is created it is assigned its own unique IP address. If there are multiple containers within the pod, they can communicate with each other simply by using localhost. Communications outside of the pod is achieved by exposing a port. Communications between pods in a cluster takes advantage of the fact that Kubernetes assigns a cluster-private IP address to every pid in a cluster, eliminating the need to either explicitly create links between pods or to map container ports to host ports. In this way, every pod in a cluster can ‘see’ each other without the need for NAT

6)what are the basic kubectl commands used for pods?
1) get
2) create pods
3) delete pods
4) get pods

What are Pod lifecycle states?

The pod life cycle states will be represented with the docker action as shown:

Kubernetes vs Docker
Kubernetes Pod Life Cycle


=>pending
=>running
=>succeeded
=>failed
=>unknown

downloading=>     blocked=>          pending=>      starting=>         ready=>       failed
   (docker image) (docker create)    (created)     (docker start)    (container up)    (exited)
--------------------------------------------------------------------------------------------------------------------



Kubernetes multi-container pods

=>Sidecar containers "help" the main container (may be web application or database). 
For example, log or data change watchers, monitoring adapters, and so on. 
A log watcher, for example, can be built once by a different team and reused across different applications. 

Another example of a sidecar container is a file or data loader that generates data for the main container.

Multi-container Pod



We can define a fresh pod-config in a YAML file sample file is given below:
#File: nginx-pod.yaml
apiVersion: v1
kind: pod
metadata:
  name: nginx-pod
  labels:
    app: nginx
    tier: dev
spec:
  container:
  -name: nginx-container
   image: nginx

Pod Create & Display commands 

1) To create a new pod we can use the kubectl create and then pass the pod definition YAML file. 
kubectl create -f nginx-pod.yaml 
  pod/nginx-pod created
  
Other options to Create a new pod with the nginx image using deployment or using run sub-command:
  kubectl create deployment mynginx -- image=nginx
  kubectl run nginx --image=nginx
  

2) How to check how many pods exists on the system?
To know how many pods running in the current default namespace. To check pod is RUNNING or failed  we can use the kubectl with  get sub-command on Kubernetes cluster running system to get pods status
kubectl get pods

* The READY column in the output indicates Running containers in Pod/Total containers in Pod. 3) To check IP address of the pod we can use the -o wide option
kubectl get pod -o wide 

4) To get the Pod definition in JSON or  YAML file we have to mention the output format as shown:
kubectl get pod nginx-pod -o yaml 

5) Display all details and events of a pod
kubectl describe pod nignx-pod 

6) Validating the pod network by pinging the container IP from the Kubernetes master node
ping 10.240.1.26 

7) To enter into the Pod/container we need to use exec sub-command like in docker we do. We can use sh or bash as per the image used for creation of container, following is the command to getting a shell to a RUNNING container
kubectl exec -it nginx-pod -- /bin/sh

8) To delete the pod use the delete sub-command
kubectl delete pod nginx-pod

9) We can use the get sub-command for many resources together only thing here we need to use comma to separate them. See the following command list one or more resources
kubectl get pods,deploy

10) Display detailed state of one single pod
kubectl describe pods [pod-name] 
11) To delete pod and services which have the label provided
kubectl delete pods,service -l name=[label-name]

When you delete the pod - wait till that termination completes. 12) To delete all pod resources from the default namespace
kubectl delete pods --all

13) Execute a command against a container in a pod.
kubectl exec [pod-name] date

14) If there are multiple container is running inside a Pod, we need to communicate or connect with single container the command is note (this command execute in master node)
kubectl exec [pod-name] -c [container-name] date 

15) The exec command with -i indicates interactive and -t indicates terminal for the container inside the container
kubectl1 exec -ti [pod-name] /bin/bash 

How to Look into the Pod logs

Kubernetes maintains a logger in the ecosystem. To accessing the Kubernetes pod logs  there are two log levels are available:

  • Node-level
  • Cluster-level



print the logs for a container in a pod
 
kubectl logs [pod-name] 
for example: using nginx pod logs.

No comments:

Categories

Kubernetes (24) Docker (20) git (13) Jenkins (12) AWS (7) Jenkins CI (5) Vagrant (5) K8s (4) VirtualBox (4) CentOS7 (3) docker registry (3) docker-ee (3) ucp (3) Jenkins Automation (2) Jenkins Master Slave (2) Jenkins Project (2) containers (2) create deployment (2) docker EE (2) docker private registry (2) dockers (2) dtr (2) kubeadm (2) kubectl (2) kubelet (2) openssl (2) Alert Manager CLI (1) AlertManager (1) Apache Maven (1) Best DevOps interview questions (1) CentOS (1) Container as a Service (1) DevOps Interview Questions (1) Docker 19 CE on Ubuntu 19.04 (1) Docker Tutorial (1) Docker UCP (1) Docker installation on Ubunutu (1) Docker interview questions (1) Docker on PowerShell (1) Docker on Windows (1) Docker version (1) Docker-ee installation on CentOS (1) DockerHub (1) Features of DTR (1) Fedora (1) Freestyle Project (1) Git Install on CentOS (1) Git Install on Oracle Linux (1) Git Install on RHEL (1) Git Source based installation (1) Git line ending setup (1) Git migration (1) Grafana on Windows (1) Install DTR (1) Install Docker on Windows Server (1) Install Maven on CentOS (1) Issues (1) Jenkins CI server on AWS instance (1) Jenkins First Job (1) Jenkins Installation on CentOS7 (1) Jenkins Master (1) Jenkins automatic build (1) Jenkins installation on Ubuntu 18.04 (1) Jenkins integration with GitHub server (1) Jenkins on AWS Ubuntu (1) Kubernetes Cluster provisioning (1) Kubernetes interview questions (1) Kuberntes Installation (1) Maven (1) Maven installation on Unix (1) Operations interview Questions (1) Oracle Linux (1) Personal access tokens on GitHub (1) Problem in Docker (1) Prometheus (1) Prometheus CLI (1) RHEL (1) SCM (1) SCM Poll (1) SRE interview questions (1) Troubleshooting (1) Uninstall Git (1) Uninstall Git on CentOS7 (1) Universal Control Plane (1) Vagrantfile (1) amtool (1) aws IAM Role (1) aws policy (1) caas (1) chef installation (1) create organization on UCP (1) create team on UCP (1) docker CE (1) docker UCP console (1) docker command line (1) docker commands (1) docker community edition (1) docker container (1) docker editions (1) docker enterprise edition (1) docker enterprise edition deep dive (1) docker for windows (1) docker hub (1) docker installation (1) docker node (1) docker releases (1) docker secure registry (1) docker service (1) docker swarm init (1) docker swarm join (1) docker trusted registry (1) elasticBeanStalk (1) global configurations (1) helm installation issue (1) mvn (1) namespaces (1) promtool (1) service creation (1) slack (1)