Kubernetes (sometimes shortened to K8s with the 8 standing for the number of letters between the “K” and the “s”) is an open-source system to deploy, scale, and manage containerized applications anywhere. Kubernetes is a container-centric management software that allows the creation and deployment of containerized applications with ease. To read more about Kubernetes and deployment, you can refer to the Best Kubernetes Course Online. Originally created by Google Cloud in 2014, Kubernetes is now being offered by leading Cloud Providers like AWS and Azure. In this article, we are going to have a look into the working of Kubernetes and the creation of Pods for the deployment of applications.
Pods are the smallest execution unit in Kubernetes. As the official Documentation says “A Pod (as in a pod of whales or pea pod) is a group of one or more containers, with shared storage and network resources, and a specification for how to run the containers.”
For example, Let's assume that we have 5 containers ready for Kubernetes deployment. We can put all 5 containers in the same pod if all of them have to be run with the same configuration or we can divide the containers based on their purpose and load management.
Pods can also persist volumes just like docker, and they can be easily configured based on the requirement. Each Pod is tied to the Node where it is scheduled and remains there until termination (according to restart policy) or deletion. In case of a Node failure, identical Pods are scheduled on other available Nodes in the cluster.
There are two types of pods in Kubernetes namely single container pod and multi container pod.
As the name suggests, if there is only a single container running in the Kubernetes pod, then it is called a single container pod and it can easily be created with the help of a YAML file. Here is a sample YAML file used to create a pod with the postgres database.
apiVersion: v1 kind: Pod metadata: name: Postgres spec: containers: - name: Postgres image: Postgres: 3.1 ports: containerPort: 8000 imagePullPolicy: Always
In this type of pod, we can run multiple containers within a single pod. It can be created by specifying the containers in the same YAML file. Here is a sample YAML file used to create a multi container Pod with Tomcat and MongoDB images.
apiVersion: v1 kind: Pod metadata: name: Tomcat spec: containers: - name: Tomcat image: tomcat: 8.0 ports: containerPort: 7500 imagePullPolicy: Always -name: Database Image: mongoDB Ports: containerPort: 7501 imagePullPolicy: Always
Other than the number of containers running in the pod, there is no difference between a single-container pod and a multi-container pod.
In order to create a pod, we need to create a Kubernetes cluster in which we can have multiple pods based on the requirement. The clusters can also be scaled horizontally as well as vertically based on the workload. There is also an option of autoscaling based on the incoming load. Clusters are basically a set of nodes that run docker applications.
The application needs to dockerized with its own set of requirements and necessary services to keep it running. When compared to virtual machines, these are much more flexible and lightweight.
Clusters should at least have a master node, and they can have any number of worker nodes. The master node controls the entire cluster and monitors the activity, logs and metrics related to the cluster. To create a Kubernetes pod, we must create a Kubernetes cluster with the necessary configurations. A pod can be created on top of the Kubernetes cluster only. To create a pod, we must configure the yaml file according to the requirements. Here is a sample yaml file.
apiVersion: v1 kind: Pod metadata: name: nginx spec: containers: - name: nginx image: nginx:1.14.2 ports: - containerPort: 80
Command :
kubectl create -f manifests/rs-example.yaml
The main difference between create and apply commands in K8s is that create is used as a declarative state like defining the pod whereas create command in K8s is used to implement the state that has been declared.
Creates the pod with the above configurations mentioned in the YAML file.
To check if the Pod is running in the Kubernetes cluster:
Command:
kubectl get pods --watch --show-labels
Learn more about DevOps and writing pipelines with the Best DevOps Courses Online.
To view all the pods running in a Kubernetes cluster, we can use the following command
Command : kubectl get pods
This command will list all the pods running in a particular Kubernetes cluster.
To get the pod configuration we can use the following command
Command : kubectl describe pod <name of the pod>
This command will list the nginx configuration along with the pod configuration details.
It is also important to delete or kill the pods which are not used anymore in the Kubernetes cluster. The following command kills the pod present in the Kubernetes cluster.
Command: kubectl delete pod <pod-name>
After executing the above command, you will get pod <pod-name> deleted. This confirms that the pod has been successfully deleted in the Kubernetes cluster.
Labels
Labels are usually key value pairs that are attached in the yaml file to identify and indicate to the end user that this pod hosts certain kind of service. Its usually in the meta data section of the yaml file.
"metadata": { "labels": { "key1" : "value1", "key2" : "value2" } }
A Pod Security Policy defines a set of conditions a pod must run with in order to run on the cluster. These conditions span host-level access, to a range of UIDs a container can run as, and even what volumes a pod can use.
All the policies are configurable in the yaml file used to create a pod. The Yaml file can be used to implement various rules and policies over the Kubernetes pod.
Here is a sample yaml file which implements policies over the pod.
apiVersion: policy/v1beta1 kind: PodSecurityPolicy metadata: name: my-restricted-psp spec: privileged: false # Required to prevent escalations to root. allowPrivilegeEscalation: false # Allow core volume types. volumes: - 'configMap' - 'emptyDir' - 'projected' - 'secret' - 'downwardAPI' - 'nfs' - 'persistentVolumeClaim' - 'awsElasticBlockStore' hostNetwork: false hostIPC: false hostPID: false runAsUser: # Require the container to run without root privileges. rule: 'RunAsAny' seLinux: # This policy assumes the nodes are using AppArmor rather than SELinux. rule: 'RunAsAny' supplementalGroups: rule: 'MustRunAs' ranges: # Forbid adding the root group. - min: 1 max: 65535 fsGroup: rule: 'MustRunAs' ranges: # Forbid adding the root group. - min: 1 max: 65535 readOnlyRootFilesystem: false
To see what security policy your pod is using, you can type in the following command in the terminal.
kubectl describe <pod-name> -n <your-namespace>
You can refer to the following documentation for the types of policies that can be implemented over a Kubernetes pod.
It is important to know some of the best practices that engineers follow when it comes to Kubernetes.
It is also necessary to configure the pods according to the requirement to save costs if its running in a managed instance and to optimize computations.
In this blog, we have discussed the basics of Kubernetes, the steps to create a pod as well as to monitor pods in a Kubernetes cluster and some of the best practices of Kubernetes followed in the DevOps world. Enrolling to the Best Docker and Kubernetes Course at the right time can boost your DevOps career. You can also refer to the following resources to know more about K8s.
There are three ways you can create a pod (or resources) in a running k8s cluster.
We can also create resources from the Kubernetes Dashboard
A Pod is a group of one or more application containers (such as Docker or rkt) and includes shared storage (volumes), IP address and information about how to run them.
A Node is an execution unit that is necessary for a pod to run. Basically, a pod runs on 1 or more nodes based on the configuration of the cluster. The master node allocates the resources and schedules the pods across the nodes in the cluster.
Yes, if you need to run a single container in Kubernetes, then you need to create a Pod for that container. At the same time, a Pod can contain more than one container, usually because these containers are relatively tightly coupled. Running multiple containers in a single pod is called multi-container-pod.
Name | Date | Fee | Know more |
---|