Probe into Kubernetes Pod

abcdocker DevOps perspective

Pod introduction

Each Pod has a special Pause container called the root container. The image corresponding to the Pause container is part of the Kubernetes platform. In addition to the Pause container, each Pod also contains one or more closely related user business containers.

Why did Kubernetes design a new Pod concept with such a special structure?

  • The Pause container is the Pod's root container, and its state represents the state of the entire container group.
  • Multiple business containers in a Pod share the IP of the Pause container and the Volumes attached to the Pause container.

Kubernetes assigns a unique IP address to each Pod, which is called the Pod IP. Multiple containers in a Pod share the Pod IP. Kubernetes requires the underlying network to support direct TCP/IP communication between any two Pods in the cluster, using virtual Layer 2 network technology so that a container in one Pod can communicate directly with a container in a Pod on another host.

Static Pod & Normal Pod

Ordinary Pod

Once an ordinary Pod is created, it is stored in etcd, then scheduled by the Kubernetes Master to a specific Node and bound to it (Binding). The kubelet process on that Node then instantiates the Pod as a set of related Docker containers and starts them. When a container in a Pod stops, Kubernetes automatically detects the problem and restarts the Pod (restarting all containers in the Pod). If the Node where the Pod is located goes down, all Pods on that Node are rescheduled to other Nodes.

Static Pod

A static Pod is not stored in the etcd storage of Kubernetes. It is stored in a file on a specific Node, and only starts and runs on that Node.
A static Pod is a Pod managed by the kubelet that only exists on a specific Node. It cannot be managed through the API Server, cannot be associated with a ReplicationController (RC), Deployment, or DaemonSet, and the kubelet cannot perform health checks on it. A static Pod is always created by the kubelet and always runs on the Node where that kubelet is located.

Endpoint

The Pod's IP plus a container port form a new concept, the Endpoint, which represents the external communication address of a service process in the Pod. A Pod can also have multiple Endpoints. For example, when we define Tomcat as a Pod, we can expose two Endpoints, the port and the service port.

Event

An Event is a record of an event. It records the time the event first occurred, the time it last recurred, the number of repetitions, the initiator, the type, the cause of the event, and other information. Events are usually associated with a specific resource and are an important reference for troubleshooting. A Node's description includes Events, and Pods also have Event records.
When we find that a Pod cannot be created for a long time, we can use kubectl describe pod [Pod name] to check and locate the problem.
Example:


# kubectl get pod
NAME                                READY     STATUS              RESTARTS   AGE
nginx-deployment-5c6b9976cc-2qbkr   0/1       ContainerCreating   0          14s
nginx-deployment-5c6b9976cc-bqtvp   0/1       ContainerCreating   0          14s
nginx-deployment-5c6b9976cc-ttdrz   0/1       ContainerCreating   0          14s
# kubectl describe pod nginx-deployment-5c6b9976cc-2qbkr

Events:
  Type     Reason                  Age               From               Message
  ----     ------                  ----              ----               -------
  Normal   Scheduled               35s               default-scheduler  Successfully assigned default/nginx-deployment-5c6b9976cc-2qbkr to master
  Warning  FailedCreatePodSandBox  6s (x2 over 28s)  kubelet, master    Failed create pod sandbox: rpc error: code = Unknown desc = failed pulling image "gcr.io/google_containers/pause-amd64:3.0": Error response from daemon: Get https://gcr.io/v1/_ping: dial tcp 74.125.203.82:443: getsockopt: connection timed out
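
The triage of the Events output above, written out as an added example that is not part of the original post: it pulls the Warning rows out of the kubectl describe pod output, counts recurrences, and names the image and registry the Node could not reach. The function names and SAMPLE_DESCRIBE are hypothetical, and the sample is constructed from the Events section shown above.

```bash
#!/bin/sh
# Added example: triage the Events table printed by `kubectl describe pod`.
# Real use: kubectl describe pod <pod-name> | warning_events

# Constructed sample: the Events section from the output above.
SAMPLE_DESCRIBE='Events:
  Type     Reason                  Age               From               Message
  ----     ------                  ----              ----               -------
  Normal   Scheduled               35s               default-scheduler  Successfully assigned default/nginx-deployment-5c6b9976cc-2qbkr to master
  Warning  FailedCreatePodSandBox  6s (x2 over 28s)  kubelet, master    Failed create pod sandbox: rpc error: code = Unknown desc = failed pulling image "gcr.io/google_containers/pause-amd64:3.0": Error response from daemon: Get https://gcr.io/v1/_ping: dial tcp 74.125.203.82:443: getsockopt: connection timed out'

# One line per Warning event: reason<TAB>occurrences<TAB>message.
# Table columns are separated by two or more spaces.
warning_events() {
  awk -F'  +' '
    /^Events:/ { in_events = 1; next }
    in_events && $2 == "Warning" {
      count = 1
      # Age reads "6s (x2 over 28s)" once the event has recurred.
      if (match($4, /\(x[0-9]+ /)) count = substr($4, RSTART + 2, RLENGTH - 3)
      msg = $6
      for (i = 7; i <= NF; i++) msg = msg "  " $i
      printf "%s\t%s\t%s\n", $3, count, msg
    }'
}

# Unique image references named in the Warning messages.
failed_images() {
  warning_events | cut -f3 | grep -o 'image "[^"]*"' | cut -d'"' -f2 | sort -u
}

# Registry host of each failed image (Docker Hub when none is given).
failed_registries() {
  failed_images | awk -F/ '
    NF > 1 && ($1 ~ /[.:]/ || $1 == "localhost") { print $1; next }
    { print "docker.io" }' | sort -u
}

# Succeeds when the Pod sandbox (the Pause container) could not be created.
sandbox_blocked() {
  warning_events | cut -f1 | grep -qx 'FailedCreatePodSandBox'
}

# Demo on the constructed sample.
printf '%s\n' "$SAMPLE_DESCRIBE" | warning_events
printf '%s\n' "$SAMPLE_DESCRIBE" | failed_registries
```

Because every Pod starts from its Pause container, a Node that cannot pull the pause image leaves every Pod scheduled to it in ContainerCreating, which is why all three replicas above are stuck.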

Origin blog.51cto.com/15127511/2657854