Sunday, May 23, 2021

Kubernetes Pods

Introduction 
------------ 
 

* A pod is a group of 1 or more containers
* Pod names are also DNS names within Kubernetes clusters

  Format of pod name: <replica-set name>-<hash>

 

Sample Manifests
----------------

 

Basic 

 

Specifying node selection 

apiVersion: v1
kind: Pod
metadata:
  name: cuda-test
spec:
  containers:
    - name: cuda-test
      image: "k8s.gcr.io/cuda-vector-add:v0.1"
      resources:
        limits:
          nvidia.com/gpu: 1
  nodeSelector:
    accelerator: nvidia-tesla-p100

 

Tutorials
---------

 

Listing pod names 

kubectl get pods --selector=job-name=pi --output=jsonpath='{.items[*].metadata.name}' 

Basic Pod 

apiVersion: v1
kind: Pod
metadata:
  name: myapp-pod
  labels:
    app: myapp
spec:
  containers:
  - name: myapp-container
    image: busybox
    command: ['sh', '-c', 'echo Hello Kubernetes! && sleep 3600']

 

Using local host path as volume mounts 

 

apiVersion: v1
kind: Pod
metadata:
  name: ftp
spec:
  containers:
  - name: logstash
    image: myfiles:v1
    ports:
    - containerPort: 21
      name: ftp
    volumeMounts:
    - name: ftp
      mountPath: /var/ftp/pub
  volumes:
  - name: ftp
    hostPath:
      path: /home/john/local/ftp_files

Defining environment variable for a container

apiVersion: v1
kind: Pod
metadata:
  name: envar-demo
  labels:
    purpose: demonstrate-envars
spec:
  containers:
  - name: envar-demo-container
    image: gcr.io/google-samples/node-hello:1.0
    env:
    - name: DEMO_GREETING
      value: "Hello from the environment"
    - name: DEMO_FAREWELL
      value: "Such a sweet sorrow"

Using initContainers

apiVersion: v1
kind: Pod
metadata:
  name: myapp-pod
  labels:
    app: myapp
spec:
  containers:
  - name: myapp-container
    image: busybox
    command: ['sh', '-c', 'echo The app is running! && sleep 3600']
  initContainers:
  - name: init-myservice
    image: busybox
    command: ['sh', '-c', 'until nslookup myservice; do echo waiting for myservice; sleep 2; done;']
  - name: init-mydb
    image: busybox
    command: ['sh', '-c', 'until nslookup mydb; do echo waiting for mydb; sleep 2; done;']

Using emptyDir as volume

apiVersion: v1
kind: Pod
metadata:
  name: test-pd
spec:
  containers:
  - image: k8s.gcr.io/test-webserver
    name: test-container
    volumeMounts:
    - mountPath: /cache
      name: cache-volume
  volumes:
  - name: cache-volume
    emptyDir: {}

Exposing UDP port 

[...]
spec:
  containers:
  - name: logstash
    image: myfiles:v1
    ports:
    - containerPort: 514
      protocol: UDP
      name: syslog
[...]

Running container as different user

apiVersion: v1
kind: Pod
metadata:
  name: security-context-demo
spec:
  securityContext:
    runAsUser: 1000
    fsGroup: 2000
  volumes:
  - name: sec-ctx-vol
    emptyDir: {}
  containers:
  - name: sec-ctx-demo
    image: gcr.io/google-samples/node-hello:1.0
[...]
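
Setting runAsUser and fsGroup alone still leaves the container with its default capabilities, a writable root filesystem and the ability to gain privileges through setuid binaries. The manifest below is an added example, not part of the original post: it takes the same pod and adds the remaining standard securityContext fields. The pod name, the runAsGroup value and the /data mount path are constructed for illustration, and it assumes the application only needs to write to the mounted volume.

```yaml
# Added example (not from the original post): security-context-demo with
# container-level hardening next to runAsUser/fsGroup.
# Pod name, runAsGroup and the /data mount path are constructed values.
apiVersion: v1
kind: Pod
metadata:
  name: security-context-hardened
spec:
  securityContext:
    runAsUser: 1000          # same UID as the example above
    runAsGroup: 3000         # constructed value; primary GID for all containers
    fsGroup: 2000            # supported volumes are group-owned by GID 2000
    runAsNonRoot: true       # kubelet refuses to start a container that would run as UID 0
    seccompProfile:
      type: RuntimeDefault   # apply the container runtime's default seccomp filter
  volumes:
  - name: sec-ctx-vol
    emptyDir: {}
  containers:
  - name: sec-ctx-demo
    image: gcr.io/google-samples/node-hello:1.0
    volumeMounts:
    - name: sec-ctx-vol
      mountPath: /data
    securityContext:
      allowPrivilegeEscalation: false   # sets no_new_privs; setuid binaries cannot raise privileges
      readOnlyRootFilesystem: true      # assumes the app writes only to /data
      capabilities:
        drop: ["ALL"]                   # remove every Linux capability
```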

Adding arguments 

      - name: logstash
        image: docker.elastic.co/logstash/logstash-oss:6.2.3
        args:
        - "--pipeline.batch.size=500"

Executing commands on pod startup and shutdown 

apiVersion: v1
kind: Pod
metadata:
  name: lifecycle-demo
spec:
  containers:
  - name: lifecycle-demo-container
    image: nginx
    lifecycle:
      postStart: # --> no guarantee that this will be executed before container's entrypoint
        exec:
          command: ["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"]
      preStop:
        exec:
          command: ["/usr/sbin/nginx","-s","quit"]

Adding resource requests/limits

[...]
        volumeMounts:
        - name: mariadbdata
          mountPath: /var/lib/mysql
        ports:
          - containerPort: 3306
            name: mariadb
        resources:
          requests:
            cpu: 1
            memory: 2Gi
          limits:
            cpu: 2
            memory: 4Gi
      volumes:
[...]

 

Adding hostAliases on pods 

apiVersion: v1
kind: Pod
metadata:
  name: hostaliases-pod
spec:
  restartPolicy: Never
  hostAliases:
  - ip: "127.0.0.1"
    hostnames:
    - "foo.local"
    - "bar.local"
  - ip: "10.1.2.3"
    hostnames:
    - "foo.remote"
    - "bar.remote"
  containers:
  - name: cat-hosts
    image: busybox
    command:
    - cat
    args:
    - "/etc/hosts"

Adding command and arguments 

apiVersion: v1
kind: Pod
metadata:
  name: command-demo
  labels:
    purpose: demonstrate-command
spec:
  containers:
  - name: command-demo-container
    image: debian
    command: ["printenv"]
    args: ["HOSTNAME", "KUBERNETES_PORT"]
  restartPolicy: OnFailure

Get only pod names 

kubectl get pods --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}' 
kubectl get po -o name 

Delete all pods in a namespace 

kubectl -n namespace_name delete po `kubectl -n namespace_name get pods -o go-template --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}'`

Running as specific user 

spec: 
  securityContext: 
    runAsUser: 1000 
  containers: 
  [...] 
