Working with Pods
Pods are the smallest deployable units in Kubernetes. Let’s explore what they are and how to work with them.
What is a Pod?
A Pod represents a single instance of a running process in your cluster. Pods contain one or more containers that share:
- Network namespace (IP address and ports)
- Storage volumes
- Configuration
Pod Lifecycle
Pods go through several phases:
- Pending - Pod accepted but containers not yet created
- Running - At least one container is running
- Succeeded - All containers terminated successfully
- Failed - All containers terminated, at least one failed
- Unknown - Pod state cannot be determined
Creating Your First Pod
Create a simple Pod using kubectl:
kubectl run nginx --image=nginx:latestView the Pod:
kubectl get podskubectl get pods -o widePod YAML Definition
Here’s a complete Pod definition:
apiVersion: v1kind: Podmetadata: name: my-app labels: app: my-app environment: developmentspec: containers: - name: app-container image: nginx:1.21 ports: - containerPort: 80 resources: requests: memory: "64Mi" cpu: "250m" limits: memory: "128Mi" cpu: "500m" env: - name: ENVIRONMENT value: "development"Apply the Pod:
kubectl apply -f pod.yamlMulti-Container Pods
Pods can run multiple containers that work together:
apiVersion: v1kind: Podmetadata: name: multi-container-podspec: containers: - name: app image: myapp:1.0 ports: - containerPort: 8080 - name: sidecar image: logger:1.0 volumeMounts: - name: logs mountPath: /var/log volumes: - name: logs emptyDir: {}Common Sidecar Patterns
- Logging - Collect and ship logs
- Monitoring - Export metrics
- Proxy - Handle network traffic
- Adapter - Transform data format
Inspecting Pods
Get detailed information:
# Describe a Podkubectl describe pod my-app
# View logskubectl logs my-app
# View logs from specific containerkubectl logs my-app -c app-container
# Follow logskubectl logs -f my-app
# Execute commands in Podkubectl exec my-app -- ls /kubectl exec -it my-app -- /bin/bashPod Networking
Each Pod gets its own IP address:
# Get Pod IPkubectl get pod my-app -o jsonpath='{.status.podIP}'
# Test connectivitykubectl run test --image=busybox -it --rm -- wget -O- http://POD_IPResource Management
Set resource requests and limits:
- Requests - Guaranteed resources
- Limits - Maximum resources allowed
resources: requests: memory: "64Mi" cpu: "250m" limits: memory: "128Mi" cpu: "500m"Health Checks
Liveness Probe
Checks if container is alive:
livenessProbe: httpGet: path: /healthz port: 8080 initialDelaySeconds: 3 periodSeconds: 3Readiness Probe
Checks if container is ready to serve traffic:
readinessProbe: httpGet: path: /ready port: 8080 initialDelaySeconds: 5 periodSeconds: 5Startup Probe
For slow-starting containers:
startupProbe: httpGet: path: /startup port: 8080 failureThreshold: 30 periodSeconds: 10Pod Management
Common operations:
# Delete a Podkubectl delete pod my-app
# Delete all Pods with labelkubectl delete pods -l app=my-app
# Force deletekubectl delete pod my-app --grace-period=0 --force
# Port forward to Podkubectl port-forward my-app 8080:80Best Practices
- One process per container - Keep containers focused
- Use health checks - Enable automatic recovery
- Set resource limits - Prevent resource exhaustion
- Use labels - Organize and query Pods
- Avoid privileged containers - Minimize security risks
- Use specific image tags - Avoid
latestin production
Troubleshooting
Common issues and solutions:
# Pod stuck in Pendingkubectl describe pod my-app # Check events
# Pod keeps restartingkubectl logs my-app --previous # View previous logs
# CrashLoopBackOffkubectl describe pod my-app # Check restart count and reason
# ImagePullBackOffkubectl describe pod my-app # Check image name and pull secretsNext Steps
While Pods are fundamental, they’re rarely created directly in production. Next, we’ll explore Deployments - the recommended way to manage Pods.