
What is Pod in kubernetes

2025-04-05 Update From: SLTechnology News&Howtos shulou

Shulou(Shulou.com)06/01 Report--

This article introduces what a Pod is in Kubernetes: its composition, life cycle, health checks, scheduling, and definition file.

One: what is Pod?

Pod is the most important and basic concept of Kubernetes. It is the smallest deployment unit that can be created, scheduled, and managed. A Pod represents a running process in the cluster.

Two: the composition of Pod

A Pod consists of a special root container, the Pause container, and one or more closely related user business containers.

The Pause container is the root container of Pod, and its state represents the state of the entire container group.

Multiple containers in Pod share the IP of the Pause container and the Volume mounted by the Pause container.

Kubernetes assigns a unique IP address to each Pod, called the Pod IP, and all containers in a Pod share that Pod IP. Kubernetes requires the underlying network to support direct TCP/IP communication between any two Pods in the cluster, which is usually realized with virtual layer 2 network technology. A container in one Pod can therefore communicate directly with a container in a Pod on another host.

Containers in Pod share not only network and storage, but also:

PID namespace: a container in a Pod can see the processes of the other containers.

IPC namespace: containers within a Pod can communicate using POSIX message queues.

UTS namespace: containers within a Pod share a hostname.

Once a Pod is created, it is stored in etcd and then dispatched by the Master to a specific Node for binding. The kubelet process on that Node then instantiates the Pod as a set of related Docker containers and starts them. By default, when a container in Pod stops, Kubernetes will restart the entire Pod. If the Node where the Pod is located goes down, all Pods on that Node will be rescheduled to other nodes.

An Event is a record of something that happened. It records information such as the earliest occurrence time, the last recurrence time, the number of repeats, the initiator, the type, and the cause of the event. Pods also have Event records, which can be used to locate a problem and find its cause.

Three: the life cycle of Pod

A Pod's restart policy (RestartPolicy) applies to all containers in the Pod. It is evaluated, and restarts are performed, only by the kubelet on the Node where the Pod is located.

The restart policy of a Pod is one of Always, OnFailure and Never. The default value is Always.

Four: the health check of Pod

Two types of probes can be used to check the health of Pod: LivenessProbe and ReadinessProbe:

LivenessProbe probe: used to determine whether the container is alive (running status). If the LivenessProbe probe detects that the container is unhealthy, the kubelet kills the container and then acts according to the container's restart policy.

ReadinessProbe probe: used to determine whether the container has been started (ready status) and can accept requests. If the ReadinessProbe probe fails, the state of the Pod is modified, and the Endpoint Controller removes the Endpoint that contains the Pod where the container is located from the Endpoints of the Service.

The kubelet executes LivenessProbe probes to diagnose the health status of containers. There are three ways:

1. ExecAction: execute a command inside the container. If the return value of the command is 0, the container is healthy.

2. TCPSocketAction: perform a TCP check against the container IP address and port number. If a TCP connection can be established, the container is healthy.

3. HTTPGetAction: an HTTP GET request is made to the container IP address, port number and path. If the response status is greater than 200 and less than 400, the container is considered healthy.

Five: scheduling of Pod

In a Kubernetes system, a Pod is in most scenarios only the carrier of containers. Scheduling and automatic control of Pods is usually done through objects such as RC, Deployment, DaemonSet, Job and so on.

Fully automatic scheduling:

NodeSelector: directed scheduling

The scheduler service (the kube-scheduler process) on the Kubernetes Master is responsible for scheduling Pods. Through a series of complex algorithms, it calculates an optimal target node for each Pod. Usually we cannot know in advance which node a Pod will be scheduled to. When we need to schedule a Pod to a node we specify, this can be achieved by matching the labels of the Node against the nodeSelector attribute of the Pod.

NodeAffinity: affinity scheduling

This is a new-generation scheduling strategy intended to replace NodeSelector in the future. NodeSelector only matches a Node's Label exactly, so NodeAffinity adds operators such as In, NotIn, Exists, DoesNotExist, Gt, Lt, and so on, to select Nodes. This makes scheduling more flexible.
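The difference between exact nodeSelector matching and the NodeAffinity operators, as an added example that is not part of the original article: a small evaluator that decides which nodes a Pod spec may land on. The node names, labels and Pod spec are constructed sample data; only required affinity with matchExpressions is modelled.

```python
def requirement_matches(labels, req):
    """Evaluate one matchExpressions entry against a node's label dict."""
    key, op, values = req["key"], req["operator"], req.get("values", [])
    present = key in labels
    if op == "In":
        return present and labels[key] in values
    if op == "NotIn":
        # A node that lacks the label also satisfies NotIn.
        return not present or labels[key] not in values
    if op == "Exists":
        return present
    if op == "DoesNotExist":
        return not present
    if op in ("Gt", "Lt"):
        # Gt/Lt take a single value; both sides are compared as integers.
        try:
            have, want = int(labels[key]), int(values[0])
        except (KeyError, IndexError, ValueError):
            return False
        return have > want if op == "Gt" else have < want
    raise ValueError(f"unknown operator: {op}")

def term_matches(labels, term):
    # Expressions inside one term are ANDed; an empty term matches nothing.
    exprs = term.get("matchExpressions", [])
    return bool(exprs) and all(requirement_matches(labels, r) for r in exprs)

def eligible_nodes(nodes, pod_spec):
    """Names of nodes that pass nodeSelector and the required nodeAffinity."""
    selector = pod_spec.get("nodeSelector", {})
    terms = (pod_spec.get("affinity", {}).get("nodeAffinity", {})
             .get("requiredDuringSchedulingIgnoredDuringExecution", {})
             .get("nodeSelectorTerms", []))
    result = []
    for name, labels in nodes.items():
        exact = all(labels.get(k) == v for k, v in selector.items())
        # Terms are ORed; no terms at all means no affinity constraint.
        if exact and (not terms or any(term_matches(labels, t) for t in terms)):
            result.append(name)
    return result

# Constructed sample data: three nodes and one Pod spec.
NODES = {"node-a": {"disktype": "ssd", "zone": "z1", "gpu-count": "4"},
         "node-b": {"disktype": "hdd", "zone": "z2", "gpu-count": "8"},
         "node-c": {"disktype": "ssd", "zone": "z3"}}
POD_SPEC = {"nodeSelector": {"disktype": "ssd"}, "affinity": {"nodeAffinity": {
    "requiredDuringSchedulingIgnoredDuringExecution": {"nodeSelectorTerms": [
        {"matchExpressions": [
            {"key": "zone", "operator": "In", "values": ["z1", "z2"]},
            {"key": "gpu-count", "operator": "Gt", "values": ["2"]}]}]}}}}
print(eligible_nodes(NODES, POD_SPEC))
```

Note that NotIn and DoesNotExist both accept nodes that carry no such label at all, which matters when labels are used to keep workloads off particular nodes.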

DaemonSet specific scenario scheduling:

For example, running a log collector such as fluentd or logstash on each Node.

Batch scheduling:

Six: file configuration of Pod

All resource objects in Kubernetes are defined or described in YAML or JSON format. The following is the template of a Pod resource definition file:

# Complete content of a Pod definition file in YAML format:
apiVersion: v1            # required, version number, such as v1
kind: Pod                 # required, Pod
metadata:                 # required, metadata
  name: string            # required, Pod name
  namespace: string       # required, namespace to which the Pod belongs
  labels:                 # custom labels
    name: string          # custom label name, in key: value format
  annotations:            # custom annotations
    name: string
spec:                     # required, detailed definition of the containers in the Pod
  containers:             # required, list of containers in the Pod
  - name: string          # required, container name
    image: string         # required, image name of the container
    imagePullPolicy: [Always | Never | IfNotPresent]  # image pull policy: Always means always download the image, IfNotPresent means use a local image first and download otherwise, Never means only local images are used
    command: [string]     # list of startup commands for the container; if not specified, the startup command set when the image was built is used
    args: [string]        # list of startup command arguments for the container
    workingDir: string    # working directory of the container
    volumeMounts:         # storage volumes mounted inside the container
    - name: string        # name of a shared storage volume defined by the Pod, using a volume name defined in the volumes[] section
      mountPath: string   # absolute path where the volume is mounted in the container, which should be less than 512 characters
      readOnly: boolean   # whether the mount is read-only
    ports:                # list of ports to expose
    - name: string        # port name
      containerPort: int  # port number the container listens on
      hostPort: int       # port number to listen on at the host where the container runs, defaults to the same as containerPort
      protocol: string    # port protocol, supports TCP and UDP, default TCP
    env:                  # list of environment variables to set before the container runs
    - name: string        # environment variable name
      value: string       # environment variable value
    resources:            # resource limits and requests
      limits:             # resource limits
        cpu: string       # CPU limit (in cores), which will be used for the docker run --cpu-shares parameter
        memory: string    # memory limit, which can be in Mib/Gib and will be used for the docker run --memory parameter
      requests:           # resource requests
        cpu: string       # CPU request, the initial amount available when the container starts
        memory: string    # memory request, the initial amount available when the container starts
    livenessProbe:        # health check for a container in the Pod; if the probe fails to respond several times, the container is automatically restarted. The check methods are exec, httpGet and tcpSocket; set only one of them per container
      exec:               # use exec mode for the check
        command: [string] # command or script to run in exec mode
      httpGet:            # use httpGet mode for the check; path and port must be set
        path: string
        port: number
        host: string
        scheme: string
        httpHeaders:
        - name: string
          value: string
      tcpSocket:          # use tcpSocket mode for the check
        port: number
      initialDelaySeconds: 0  # time of the first probe after the container is started (in seconds)
      timeoutSeconds: 0       # timeout waiting for a response to the health check probe (in seconds), default is 1 second
      periodSeconds: 0        # interval between health check probes (in seconds), default is 10 seconds
      successThreshold: 0
      failureThreshold: 0
    securityContext:
      privileged: false
  restartPolicy: [Always | Never | OnFailure]  # Pod restart policy: Always means the kubelet restarts the container whenever it terminates, OnFailure means restart only if it exits with a non-0 exit code, Never means the Pod is not restarted
  nodeSelector: object    # schedules the Pod to a node carrying this label, specified in key: value format
  imagePullSecrets:       # names of the secrets used when pulling images, specified in name: secretkey format
  - name: string
  hostNetwork: false      # whether to use host network mode, default is false; if set to true, the host network is used
  volumes:                # list of shared storage volumes defined on this Pod
  - name: string          # shared storage volume name (there are many volume types)
    emptyDir: {}          # storage volume of type emptyDir, a temporary directory with the same life cycle as the Pod; empty value
    hostPath:             # storage volume of type hostPath, mounts a directory of the host where the Pod runs
      path: string        # directory on the host where the Pod resides, which will be mounted into the container
    secret:               # storage volume of type secret, mounts a secret object defined in the cluster into the container
      secretName: string
      items:
      - key: string
        path: string
    configMap:            # storage volume of type configMap, mounts a predefined configMap object into the container
      name: string
      items:
      - key: string
        path: string
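Several fields in this template reach outside the Pod's own isolation: securityContext.privileged, hostNetwork, hostPort and hostPath volumes. The following check is an added example, not part of the original article: it reads a Pod manifest in JSON form and reports those fields together with missing resource limits and probes. The sample manifest, its names and its image reference are constructed placeholders.

```python
import json

def audit_pod(manifest):
    """Return a list of findings for one Pod manifest (a parsed dict)."""
    spec = manifest.get("spec", {})
    findings = []
    if spec.get("hostNetwork"):
        findings.append("pod: hostNetwork shares the node's network namespace")
    for vol in spec.get("volumes", []):
        if "hostPath" in vol:
            path = vol["hostPath"].get("path", "?")
            findings.append(f"volume {vol.get('name')}: hostPath {path} exposes the node filesystem")
    for c in spec.get("containers", []):
        name = c.get("name", "?")
        if c.get("securityContext", {}).get("privileged"):
            findings.append(f"container {name}: privileged removes container isolation")
        for port in c.get("ports", []):
            if port.get("hostPort"):
                findings.append(f"container {name}: hostPort {port['hostPort']} binds a node port")
        limits = c.get("resources", {}).get("limits", {})
        missing = [r for r in ("cpu", "memory") if r not in limits]
        if missing:
            findings.append(f"container {name}: no {'/'.join(missing)} limit")
        for probe in ("livenessProbe", "readinessProbe"):
            if probe not in c:
                findings.append(f"container {name}: no {probe}")
    return findings

# Constructed sample manifest in JSON form (names and image are placeholders).
SAMPLE = json.loads("""
{"apiVersion": "v1", "kind": "Pod",
 "metadata": {"name": "demo", "namespace": "default"},
 "spec": {
   "hostNetwork": true,
   "containers": [{
     "name": "app", "image": "registry.example/app:1.0",
     "securityContext": {"privileged": true},
     "ports": [{"containerPort": 8080, "hostPort": 8080}],
     "resources": {"limits": {"memory": "128Mi"}},
     "livenessProbe": {"httpGet": {"path": "/healthz", "port": 8080}}}],
   "volumes": [{"name": "host-etc", "hostPath": {"path": "/etc"}}]}}
""")

for line in audit_pod(SAMPLE):
    print(line)
```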
