Basic concepts of Pod
Pod is the smallest unit created and managed by Kubernetes. A pod consists of one container or multiple containers, which share storage and network.
Pod features
- A Pod can be understood as an application instance that provides services
- The containers in a Pod are always deployed on the same Node
- The containers in the Pod share network and storage resources
- Kubernetes manages pods directly, not containers
Pod meaning
Main usage of Pod:
- Running a single container: the most common usage. In this case, Pod can be regarded as an abstract encapsulation of a single container
- Run multiple containers: encapsulate multiple tightly coupled applications that need to share resources
If you have these requirements, you can run multiple containers:
- File interaction between two applications
- Two applications need to communicate over 127.0.0.1 or a socket
- Two applications need to call each other frequently
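The two sharing cases in this list (files and 127.0.0.1), as an added example that is not part of the original page. The names `shared-demo`, `writer` and `shared` are assumptions:

```yaml
# Added example; names are assumptions, not from the original page.
apiVersion: v1
kind: Pod
metadata:
  name: shared-demo
spec:
  volumes:
  - name: shared
    emptyDir: {}              # exists only for the lifetime of the Pod
  containers:
  - name: nginx
    image: nginx
    imagePullPolicy: IfNotPresent
    ports:
    - containerPort: 80
    volumeMounts:
    - name: shared
      mountPath: /usr/share/nginx/html
      readOnly: true          # the web server only reads the shared files
  - name: writer
    image: busybox
    imagePullPolicy: IfNotPresent
    command:
    - /bin/sh
    - -c
    - |
      while true; do
        # File interaction: write a page into the shared volume.
        date > /data/index.html
        # Loopback communication: nginx answers on 127.0.0.1 because both
        # containers share the Pod's network namespace.
        wget -q -O - http://127.0.0.1:80/ || echo "nginx not ready yet"
        sleep 10
      done
    volumeMounts:
    - name: shared
      mountPath: /data
```

`kubectl logs shared-demo -c writer` then shows the timestamp that the writer container fetched back from nginx over the loopback address.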
Implementation mechanism of Pod resource sharing
Restart strategy
- Always: always restart the container after it terminates and exits. This is the default policy
- OnFailure: restart the container only when it exits abnormally, that is, with a non-zero exit status code (for example after stop or kill)
- Never: never restart the container after it terminates and exits
```
[root@master manifest]# cat test.yml
apiVersion: v1
kind: Pod
metadata:
  name: web
spec:
  containers:               # One pod, multiple containers
  - name: nginx
    image: nginx
    imagePullPolicy: IfNotPresent
  - name: test
    image: busybox
    imagePullPolicy: IfNotPresent
    command: ["/bin/sh","-c","sleep 450"]
  restartPolicy: Never      # Normally left at the default; when set to Never, the container is not restarted

# Create the pod
[root@master manifest]# kubectl apply -f test.yml
pod/web created

[root@master manifest]# kubectl get pod
NAME   READY   STATUS    RESTARTS   AGE
web    2/2     Running   0          92s

# Stop one of the containers on node2 and observe that it is not restarted
[root@master manifest]# kubectl get pod -o wide -w
NAME   READY   STATUS     RESTARTS   AGE     IP            NODE                NOMINATED NODE   READINESS GATES
web    1/2     NotReady   0          4m51s   10.244.2.10   node2.example.com   <none>           <none>
```
Health check
- livenessProbe (liveness check): if the check fails, the container is killed and then handled according to the Pod's restartPolicy
- readinessProbe (readiness check): if the check fails, Kubernetes removes the Pod from the Service endpoints
Supported inspection methods:
- httpGet: send an HTTP request; a returned status code in the range of 200-400 counts as success
- exec: execute a shell command; an exit status code of 0 indicates success
- tcpSocket: the TCP socket connection is established successfully
Combined with restart strategy
Restart policy + health check
```
# Port detection
[root@master ~]# cat test.yml
---
apiVersion: v1
kind: Pod
metadata:
  name: web
spec:
  containers:
  - name: nginx
    image: nginx
    imagePullPolicy: IfNotPresent
    ports:
    - containerPort: 80
      hostPort: 80
    livenessProbe:
      tcpSocket:
        port: 80
      initialDelaySeconds: 20   # Seconds to wait after the container starts before the first health check
      periodSeconds: 10         # Interval in seconds between subsequent checks
    readinessProbe:
      httpGet:
        port: 80
      initialDelaySeconds: 20
      periodSeconds: 10

[root@master ~]# kubectl apply -f test.yml
pod/web created

# Check the pod: initialization is still in progress
[root@master ~]# kubectl get pod
NAME   READY(Ready status)   STATUS(Survival status)   RESTARTS   AGE
web    0/1                   Running                   0          18s

# After waiting for the configured delay, the pod becomes ready
[root@master ~]# kubectl get pod
NAME   READY   STATUS    RESTARTS   AGE
web    1/1     Running   0          34s
```
Environment variables
Variable values can be defined in several ways:
- Custom variable value
- The variable value is obtained from the Pod property
- Variable values from Secret, ConfigMap
Custom variable value
```
---
apiVersion: v1
kind: Pod
metadata:
  name: test
spec:
  containers:
  - name: test
    image: busybox
    imagePullPolicy: IfNotPresent
    command: ["/bin/sh","-c","sleep 45"]
    env:
    - name: HN
      value: tom

[root@master ~]# kubectl apply -f test.yml
pod/test created

[root@master ~]# kubectl get pod
NAME   READY   STATUS    RESTARTS   AGE
test   1/1     Running   0          21s

[root@master ~]# kubectl exec -it test -- /bin/sh
/ # echo $HN
tom
```
The variable value is obtained from the Pod property
```
[root@master ~]# cat test.yml
---
apiVersion: v1
kind: Pod
metadata:
  name: test
spec:
  containers:
  - name: test
    image: busybox
    imagePullPolicy: IfNotPresent
    command: ["/bin/sh","-c","sleep 45"]
    env:
    - name: HN
      valueFrom:
        fieldRef:
          fieldPath: metadata.name

[root@master ~]# kubectl delete -f test.yml
pod "test" deleted

[root@master ~]# kubectl apply -f test.yml
pod/test created

[root@master ~]# kubectl get pod
NAME   READY   STATUS    RESTARTS   AGE
test   1/1     Running   0          21s

[root@master ~]# kubectl exec -it test -- /bin/sh
/ # echo $HN
test
```
Variable value from Secret
```
[root@master ~]# cat test.yml
---
apiVersion: v1
kind: Pod
metadata:
  name: test
spec:
  containers:
  - name: test
    image: busybox
    imagePullPolicy: IfNotPresent
    command: ["/bin/sh","-c","sleep 45"]
    env:
    - name: HN
      valueFrom:
        fieldRef:
          fieldPath: spec.nodeName

[root@master ~]# kubectl apply -f test.yml
pod/test created

[root@master ~]# kubectl get pod
NAME   READY   STATUS    RESTARTS   AGE
test   1/1     Running   0          17s

[root@master ~]# kubectl exec -it test -- /bin/sh
/ # echo $HN
node1
```
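The listing above reads `spec.nodeName` through `fieldRef`, which is another Pod property. For the Secret and ConfigMap sources named in the list of variable sources, here is an added example that is not from the original page. The object names (`app-config`, `app-secret`, `env-demo`), the keys and the sample values are assumptions:

```yaml
# Added example; all names, keys and values are constructed for illustration.
apiVersion: v1
kind: ConfigMap
metadata:
  name: app-config
data:
  log_level: debug
---
apiVersion: v1
kind: Secret
metadata:
  name: app-secret
type: Opaque
stringData:                     # stored base64-encoded by the API server
  db_password: sample-value-only
---
apiVersion: v1
kind: Pod
metadata:
  name: env-demo
spec:
  containers:
  - name: test
    image: busybox
    imagePullPolicy: IfNotPresent
    command: ["/bin/sh", "-c", "sleep 45"]
    env:
    - name: LOG_LEVEL
      valueFrom:
        configMapKeyRef: {name: app-config, key: log_level}
    - name: DB_PASSWORD         # inherited by every child process; not
      valueFrom:                # refreshed if the Secret changes later
        secretKeyRef: {name: app-secret, key: db_password}
    volumeMounts:
    - name: secret-files        # alternative: the same Secret as files
      mountPath: /etc/app-secret
      readOnly: true
  volumes:
  - name: secret-files
    secret:
      secretName: app-secret
      defaultMode: 0400         # readable by the file owner only
```

Inside the container, `echo $LOG_LEVEL` prints `debug`, and `/etc/app-secret/db_password` holds the same value as `$DB_PASSWORD`.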
Init container
Initialize container
- Init Container: used to initialize work and end after execution (one-time task)
- Most application container configurations are supported, but health checks are not supported
- Runs before the application containers
Application scenario:
- Environment check: for example, ensure that the service that the application container depends on is started before starting the application container
- Initialize configuration: for example, prepare a configuration file for the application container
```
[root@master manifest]# cat test.yml
---
apiVersion: v1
kind: Pod
metadata:
  name: web
  namespace: default
spec:
  initContainers:
  - name: download
    image: busybox
    imagePullPolicy: IfNotPresent
    volumeMounts:
    - name: data
      mountPath: /tmp
  containers:
  - name: nginx
    image: nginx
    imagePullPolicy: IfNotPresent
    ports:
    - containerPort: 80
      hostPort: 80
    volumeMounts:
    - name: data
      mountPath: /usr/share/nginx/html
  volumes:
  - name: data
    hostPath:
      path: /var/www/html

# Create storage volume mapping directory
[root@node1 ~]# mkdir /var/www/html/ -p
[root@node1 ~]# cd /var/www/html/
[root@node1 html]# echo "hello world" > index.html

[root@node2 ~]# mkdir /var/www/html/ -p
[root@node2 ~]# cd /var/www/html/
[root@node2 html]# echo "123" > index.html

[root@master manifest]# kubectl apply -f test.yml
pod/web created

[root@master manifest]# kubectl get pod -o wide
NAME   READY   STATUS    RESTARTS   AGE   IP            NODE                NOMINATED NODE   READINESS GATES
web    1/1     Running   0          21s   10.244.2.11   node2.example.com   <none>           <none>

[root@master manifest]# curl 10.244.2.11
123

# pod details
[root@master manifest]# kubectl describe pod web
Name:         web
Namespace:    default
Priority:     0
Node:         node2.example.com/192.168.237.141
Start Time:   Thu, 23 Dec 2021 11:15:45 +0800
Labels:       <none>
Annotations:  <none>
Status:       Running
IP:           10.244.2.11
IPs:
  IP:  10.244.2.11
Init Containers:
  download:
    Container ID:   docker://ee2cad1f98d7cc104a0a9e8463d5dc3d4790693de38df6c5b0454bb08d76338a
    Image:          busybox
    Image ID:       docker-pullable://busybox@sha256:b5cfd4befc119a590ca1a81d6bb0fa1fb19f1fbebd0397f25fae164abe1e8a6a
    Port:           <none>
    Host Port:      <none>
    State:          Terminated
      Reason:       Completed
      Exit Code:    0
      Started:      Thu, 23 Dec 2021 11:15:46 +0800
      Finished:     Thu, 23 Dec 2021 11:15:46 +0800
    Ready:          True
    Restart Count:  0
    Environment:    <none>
    Mounts:
      /tmp from data (rw)
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-r4pr2 (ro)
Containers:
  nginx:
    Container ID:   docker://3ccb5aaf458a5b7e6afe4c60a24ea8314690261e342525d0be6f92341723df90
    Image:          nginx
    Image ID:       docker-pullable://nginx@sha256:1f105601bfded0fa298d8c5efd5569f4ed3bf53dc7f4c41c691c29999550f6a3
    Port:           80/TCP
    Host Port:      80/TCP
    State:          Running
      Started:      Thu, 23 Dec 2021 11:15:47 +0800
    Ready:          True
    Restart Count:  0
    Environment:    <none>
    Mounts:
      /usr/share/nginx/html from data (rw)
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-r4pr2 (ro)
Conditions:
  Type              Status
  Initialized       True
  Ready             True
  ContainersReady   True
  PodScheduled      True
Volumes:
  data:
    Type:          HostPath (bare host directory volume)
    Path:          /var/www/html
    HostPathType:
  default-token-r4pr2:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  default-token-r4pr2
    Optional:    false
QoS Class:       BestEffort
Node-Selectors:  <none>
Tolerations:     node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
                 node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
  Type    Reason     Age   From               Message
  ----    ------     ----  ----               -------
  Normal  Scheduled  74s   default-scheduler  Successfully assigned default/web to node2.example.com
  Normal  Pulled     73s   kubelet            Container image "busybox" already present on machine
  Normal  Created    73s   kubelet            Created container download
  Normal  Started    73s   kubelet            Started container download
  Normal  Pulled     73s   kubelet            Container image "nginx" already present on machine
  Normal  Created    72s   kubelet            Created container nginx
  Normal  Started    72s   kubelet            Started container nginx
```
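In the listing above the `download` init container runs no command, and the page served by nginx comes from the hostPath directory on whichever node the pod lands on (here node2, hence `123`). The following added example, not from the original page, implements both application scenarios with init containers that do real work and an `emptyDir` in place of the node directory. The Service name `db` and the pod and container names are assumptions:

```yaml
# Added example; the Service "db" and all names are assumptions.
apiVersion: v1
kind: Pod
metadata:
  name: web-init
spec:
  volumes:
  - name: data
    emptyDir: {}                # Pod-scoped; no access to the node filesystem
  initContainers:               # run one after another, in this order
  - name: wait-for-db           # environment check
    image: busybox
    imagePullPolicy: IfNotPresent
    command:
    - /bin/sh
    - -c
    - until nslookup db.default.svc.cluster.local; do echo waiting for db; sleep 2; done
  - name: write-index           # initialize configuration / content
    image: busybox
    imagePullPolicy: IfNotPresent
    command:
    - /bin/sh
    - -c
    - echo "generated by init container" > /work/index.html
    volumeMounts:
    - name: data
      mountPath: /work
  containers:
  - name: nginx                 # starts only after both init containers exit 0
    image: nginx
    imagePullPolicy: IfNotPresent
    ports:
    - containerPort: 80
    volumeMounts:
    - name: data
      mountPath: /usr/share/nginx/html
      readOnly: true
```

Until a Service named `db` exists, `kubectl get pod web-init` reports `Init:0/2` and nginx is not started. The served page is then the same on every node.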
These types of containers are available in the Pod:
- Infrastructure Container: the base container; maintains the network namespace of the entire Pod
- InitContainers: initialization containers; executed before the business containers
- Containers: business containers; started in parallel