GO BACK TO BLOG'S MAIN PAGE

What are Kubernetes Pods and How Do They Work?

Posted on

Article illustration

Kubernetes objects serve as the essential building blocks that define the current state of the Kubernetes cluster. Pods serve as the fundamental components and the foundation of the Kubernetes architecture.

This article thoroughly introduces Kubernetes pods, perfect for those new to the topic. Having a solid understanding of pods will enable you to comprehend the inner workings of this container orchestration platform.

Kubernetes Pods: What are they?

A pod is the smallest unit of execution in Kubernetes. It contains one or more applications and is inherently ephemeral. If a pod or the node it runs on experiences a failure, Kubernetes can automatically generate a new replica of the pod to ensure uninterrupted operations. Pods consist of one or more containers, such as Docker containers.

Pods also offer environmental dependencies, such as persistent storage volumes (permanent and accessible storage for all pods in the cluster) and configuration data required to run the container(s) within the pod.

Pods in a Kubernetes cluster serve two primary purposes:

Containers executed within individual pods. In the world of Kubernetes, the “one-container-per-Pod” model reigns supreme. In this scenario, a Pod acts as a protective layer around a solitary container. Instead of directly handling the containers, Kubernetes takes charge of managing the Pods.

Pods that can efficiently run multiple containers that are required to collaborate seamlessly. A Pod is capable of encapsulating an application that consists of multiple containers that are closely connected and require resource sharing. These containers are grouped together to create a unified whole.

Combining multiple co-located and co-managed containers in a single Pod is a more complex scenario. This pattern is best suited for situations where your containers have a strong dependency on each other.

Understanding the Differences: Kubernetes Pods, Containers, Nodes, and Clusters

Pods act as a crucial link between application containers and other important elements in the Kubernetes hierarchy. Let’s explore how pods stack up against other essential elements of the Kubernetes orchestration platform.

Pods versus Containers. A container includes all the essential libraries, dependencies, and resources required for an application to operate autonomously. However, a pod generates a wrapper with dependencies that enable Kubernetes to effectively handle application containers.

Pods versus Nodes. In Kubernetes, a node refers to the bare metal or virtual machines responsible for hosting pods. A single node can handle multiple container pods simultaneously. Although every pod requires a node to operate, not all nodes serve as hosts for pods. The master node oversees the control plane responsible for managing pod scheduling, while the worker nodes host the pods.

Pods versus Cluster. A Kubernetes cluster consists of a collection of nodes, including a master node (high-availability clusters may have multiple masters) and a maximum of 5000 worker nodes. Clusters allow for pod scheduling on different nodes with varying configurations and operating systems.

What is the function of a Pod?

Pods are a fundamental concept in cluster computing, representing the running processes. With the ability to focus on individual processes, Kubernetes provides detailed insights into the status of each process within the cluster. Pods possess:

  • Each device has its own unique IP address, enabling seamless communication between them.
  • Storage volumes will be provided as needed.
  • Configuration information that specifies the desired behaviour of a container.

While it is common for pods to consist of a single container, some pods may have multiple containers that collaborate to perform a specific task.

Advantages of Employing Kubernetes Pods

The pod design is a key factor in the widespread adoption of Kubernetes as a container orchestrator. Through the utilisation of pods, Kubernetes has the ability to enhance container performance, restrict resource usage, and guarantee uninterrupted deployment.

Let’s explore some of the key advantages of Kubernetes pods:

Understanding the concept of container abstraction. Given the nature of a pod as an abstraction layer for the containers it hosts, Kubernetes has the ability to handle these containers as a cohesive unit within the cluster, streamlining the management of containers.

Sharing resources. Every container within a pod operates within the same network namespace. This feature allows for seamless communication through localhost, greatly streamlining networking processes. In addition to sharing a network, pod containers have the capability to share storage volumes, which is extremely beneficial for efficiently managing stateful applications.

Load balancing is an important aspect of managing network traffic. Pods have the ability to replicate throughout the cluster, while a load-balancing service can evenly distribute traffic among these replicas. Load balancing in Kubernetes provides a convenient method for exposing an application to external network traffic.

Scalability is a crucial aspect to consider. Kubernetes has the capability to dynamically adjust the number of pod replicas based on specific factors. With this feature, you have the ability to adjust the system’s capacity to meet the demands of your workload.

Monitoring your health. The system performs routine checks on the pod’s health and initiates restarts as needed. In addition, Kubernetes automatically reschedules pods that experience crashes or become unhealthy. Ensuring the application’s uptime relies heavily on automatic health monitoring.

Using Pods in Work

Creating individual Pods directly in Kubernetes, including singleton Pods, is not a common practice. Pods are intentionally created to be short-lived and easily replaceable. When a Pod is created (either by you or by a controller), it is automatically scheduled to run on a Node within your cluster. The Pod stays on the node until it completes its execution, gets deleted, is evicted due to resource constraints, or if the node experiences a failure.

Just a quick note: Restarting a container in a Pod is different from restarting the entire Pod itself. A Pod is not a process, but rather an environment designed for executing container(s). A Pod remains in existence until it is explicitly removed.

When naming a Pod, it’s important to use a valid DNS subdomain value. However, this can sometimes lead to unexpected outcomes for the Pod hostname. It is advisable to adhere to the stricter rules for a DNS label in order to ensure optimal compatibility.

How do pods communicate with one another?

Each pod is allocated a distinct IP address upon creation. If there are multiple containers within the pod, they can easily communicate with each other by using localhost. Communication outside of the pod is established by exposing a port. Communications between pods in a cluster leverage the cluster-private IP addresses assigned by Kubernetes. This eliminates the need for manual creation of links between pods or mapping container ports to host ports. With this approach, all pods within a cluster have the ability to communicate with each other directly, eliminating the need for NAT.

Life cycle

The lifespan of a pod is determined by its role within the cluster and the Kubernetes object responsible for its creation.

Kubernetes objects like jobs and cronjobs generate pods that are terminated once their assigned task is finished, such as generating reports or performing backups. However, objects such as deployments, replica sets, daemon sets, and stateful sets create pods that continue running until the user manually stops them.

The pod phase refers to the state of a pod at any given stage in its lifecycle. There are five potential pod phases:

Pending: When a pod is in the pending status, it indicates that Kubernetes has accepted it and the containers within it are currently being prepared for execution.

Running: The running status indicates that Kubernetes has successfully completed the container setup and assigned the pod to a node. In order for the status to be displayed, there needs to be at least one container that is starting, restarting, or running.

Succeeded – When a pod finishes a task (such as performing a job-related operation), it ends with the status of successful. It appears that the system has ceased functioning and is unable to be restarted.

Failed – The failed status indicates that one or more containers in the pod have terminated with a non-zero status, indicating an error.

Unknown – The status of the pod is typically labelled as “unknown” when there is an issue with the connection to the node where the pod is currently operating.

In addition to the phases, pods also have conditions. There are several condition types to consider: PodScheduled, Ready, Initialised, and Unschedulable. There are three potential statuses for each type: true, false, or unknown.

Logs

Kubernetes gathers logs from the containers operating inside a pod. Every container runtime has its own method for managing and redirecting log output. However, when it comes to integrating with Kubernetes, the CRI logging format is used as a standard.

Users have the ability to set up Kubernetes to automatically handle container log rotation and directory management. You can retrieve the logs by utilising a specialised Kubernetes API feature, which can be accessed through the kubectl logs command.

Controllers

Controllers are essential components in Kubernetes that handle the creation, monitoring, and management of pods. I can assist with tasks such as restarting and terminating pods, as well as creating new pod replicas, among other things.

The Controller Manager daemon is responsible for the management of controllers. It employs control loops to continuously monitor the state of the cluster and communicates with the API server to implement any required modifications.

Here is a list of the six most important Kubernetes controllers:

ReplicaSet is responsible for creating a group of pods that can handle the same workload.

Deployment. Creates a pre-configured ReplicaSet and offers additional options for updating and rolling back configurations.

DaemonSet. Determines which nodes are responsible for executing a pod.

StatefulSet. Manages stateful applications and creates persistent storage and pods with names that remain consistent even after restarts.

Job. Develops pods that efficiently terminate upon completion of their assigned tasks.

CronJob. A CronJob is useful for scheduling Jobs.

Templates

Kubernetes controllers have specifications known as pod templates in their YAML configurations. Templates specify the containers and volumes that a pod should execute. Controllers utilise templates whenever they require the creation of new pods.

Users can easily update the pod configuration by modifying the parameters in the PodTemplate field of a controller.

Networking

Every pod within a Kubernetes cluster is assigned a distinct cluster IP address. The containers in that pod all have the same address, as well as the network namespace and ports. This configuration allows them to communicate using localhost.

When a container from one pod needs to communicate with a container from another pod in the cluster, it is essential to utilise IP networking. Pods have a virtual ethernet connection that links to the virtual ethernet device on the node, establishing a tunnel within the node for the pod network.

Storage

The data within a pod is stored in volumes, which are storage directories that can be accessed by all the containers within the pod. There are two primary categories of storage volumes:

Persistent volumes remain intact even in the event of pod failures. The lifecycle of the volumes is handled by the PersistentVolume subsystem, and it operates separately from the lifecycle of the associated pods.

Ephemeral volumes – Volumes that are ephemeral are destroyed when the pod utilising them is terminated.

The user provides the volumes that the pod should use in a separate YAML file.

Exploring the world of Kubernetes Pods

Users interact with pods using kubectl, a powerful tool that allows them to control Kubernetes clusters by forwarding HTTP requests to the API.

Here are some of the most common pod management operations.

Pod OS

Users have the ability to specify the operating system for a pod to run on. At present, only Linux and Windows are the operating systems that are supported.

Make sure to indicate the operating system (Linux or Windows) for your pods by filling in the .spec.os.name field of the YAML declaration. Kubernetes only deploys pods on nodes that meet the required Pod OS criteria.

Directly Create Pods

Although creating pods directly from the command line can be useful for testing purposes, it is generally not advised.

To create a pod manually, you can consider using the kubectl run command:

kubectl run [pod-name] --image=[container-image] --restart=Never

The option “–restart=Never” stops the pod from constantly attempting to restart, thus avoiding a crash loop. Below is an example of a Nginx pod that has been created using kubectl run.

Using kubectl run to create a Nginx pod.

Deploying pods

It is advisable to create pods using workload resources such as deployments and replica sets. As an illustration, the YAML file provided below generates a Nginx deployment consisting of five pod replicas. Every pod contains a solitary container that is running the most up-to-date nginx image.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx
spec:
  selector:
    matchLabels:
      app: nginx
  replicas: 5
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:latest
        ports:
        - containerPort: 80

To generate pods from the YAML file, use the kubectl create command:

kubectl create -f [yaml-file]

Replace or update the pods

Certain pod specifications, like metadata and names, cannot be changed once Kubernetes has created a pod. To implement modifications, it is necessary to adjust the pod template and generate new pods with the desired attributes.

Pods Listing

To view the available pods, use the command provided:

kubectl get pod

The output displays a comprehensive list of pods in the current namespace, providing details such as their status, age, and additional information.

Restarting pods

Restarting a pod in Kubernetes using kubectl is not straightforward. Nevertheless, there are three alternative solutions at your disposal:

Rolling restart – The rolling restart is the most efficient method. Kubernetes executes a sequential shutdown and restart process for every container within a deployment.

Changing an environment variable – Modifying an environment variable triggers the restart and synchronisation of pods to ensure they reflect the updated changes.

Scaling – Adjusting the replicas to zero, and then returning them to the desired number.

Remove Pods

Kubernetes automatically removes pods once they finish their lifecycle. Every pod that is deleted is given a 30-second window to gracefully terminate.

Another way to delete a pod is by using the command line. You can do this by passing the YAML file that contains the pod specifications to the kubectl delete command:

kubectl delete -f [yaml-file]

This command bypasses the grace period for pod termination and promptly removes the pod from the cluster.

Examine the Pod Logs

With the kubectl logs command, you can easily view the logs of a particular pod.

kubectl logs [pod-name]

Allocate Pods to Nodes

Kubernetes intelligently assigns nodes to host pods by analysing the specifications provided when creating the workload resource. Nevertheless, users have the ability to impact the selection of a node in two different ways:

  • By utilising the nodeSelector field in the YAML file, you gain the ability to choose particular nodes.
  • By utilising a DaemonSet resource, you can effectively address scheduling limitations and guarantee the deployment of a specific application on every node within the cluster.

Monitoring pods

Collecting data from individual pods is valuable for gaining a comprehensive understanding of the cluster’s overall health. The critical pod data to monitor are:

  • The number of pod instances. This parameter is crucial for maintaining optimal system uptime.
  • Comparing the actual number of pod instances to the expected number of pod instances. Assists in developing strategies for reallocating resources.
  • Ensuring the healthy status of pod deployments. Identifies and troubleshoots misconfigurations and issues related to the distribution of pods to nodes.

In summary

This article offers a thorough introduction to Kubernetes pods, catering to those who are new to this widely-used orchestration platform. By the end of the article, you will have a clear understanding of pods – their functionality, operation, and management.

Kubernetes pods are a crucial concept to understand in the world of container orchestration. They serve as the smallest and most fundamental units of execution in a Kubernetes cluster, containing one or more containers and offering environmental dependencies such as persistent storage volumes and configuration data. Pods act as a link between application containers and other important elements in the Kubernetes hierarchy, and offer advantages such as resource sharing, load balancing, scalability, and health monitoring. By understanding the role and functionality of pods, you can effectively manage and optimize your Kubernetes cluster. Whether you are new to Kubernetes or looking to deepen your understanding, a solid grasp of pods is essential.

HAVE A QUESTION OR WANT TO GET A CUSTOM SOLUTION?

CONTACT SALES

FAQs

A Kubernetes pod is the smallest and most fundamental unit of execution in a Kubernetes cluster. It contains one or more containers and offers environmental dependencies such as persistent storage volumes and configuration data.

A container includes all the essential libraries, dependencies, and resources required for an application to operate autonomously. However, a pod generates a wrapper with dependencies that enable Kubernetes to effectively handle application containers.

Pods serve two primary purposes in a Kubernetes cluster: executing containers within individual pods and efficiently running multiple containers that are required to collaborate seamlessly.

Each pod is allocated a distinct IP address upon creation. If there are multiple containers within the pod, they can easily communicate with each other by using localhost. Communication outside of the pod is established by exposing a port. Communications between pods in a cluster leverage the cluster-private IP addresses assigned by Kubernetes.

Kubernetes controllers are responsible for the creation, monitoring, and management of pods. The Controller Manager daemon employs control loops to continuously monitor the state of the cluster and communicates with the API server to implement any required modifications.

The pod design is a key factor in the widespread adoption of Kubernetes as a container orchestrator. Through the utilization of pods, Kubernetes has the ability to enhance container performance, restrict resource usage, and guarantee uninterrupted deployment.

Users interact with pods using kubectl, a powerful tool that allows them to control Kubernetes clusters by forwarding HTTP requests to the API. Common pod management operations include creating, updating, and deleting pods, as well as viewing pod logs and allocating pods to nodes.

The lifespan of a pod is determined by its role within the cluster and the Kubernetes object responsible for its creation. Kubernetes objects like jobs and cronjobs generate pods that are terminated once their assigned task is finished, while objects such as deployments, replica sets, daemon sets, and stateful sets create pods that continue running until the user manually stops them.

Author photo

Stas Sereda

Sereda Stas has an impressive mixture of technical education and practical work experience. In brief, Stas is responsible for the following ensuring robust and trustworthy IT infrastructure security; proactive and persistent network and infrastructure monitoring; preventing any possible security breach; other security-related tasks and issues. His unique set of skills demonstrates an ability to operate at the edge of development, administration, and security simultaneously.

What else to read on the topic