---
id: mat-04-pod-networking-lifecycle-and-patterns
title: "Pod Networking, Lifecycle, and Multi-Container Patterns"
---

# Pod networking, lifecycle, and patterns

## Anatomy of a Pod (namespaces)

A Pod isolates resources via namespaces such as:

- net namespace (IP, ports, routing table)
- pid namespace (isolated process tree)
- mnt namespace (filesystems and volumes)
- UTS namespace (hostname)
- IPC namespace (Unix domain sockets and shared memory)

## Pods and shared networking

Every Pod has its own network namespace:

- its own IP
- its own TCP/UDP port range
- its own routing table

Single-container Pod:

- the container uses the Pod’s network namespace directly.

Multi-container Pod:

- all containers share the Pod’s IP/ports/routing table
- container-to-container communication is via `localhost:`

## Kubernetes pod network overlay

- Each Pod gets a unique IP that is routable inside the cluster’s **pod network**.
- The pod network is a flat overlay network that allows Pod-to-Pod communication even across nodes on different underlay networks.

## Pod lifecycle

Typical phases:

1. Pending (accepted but not yet running)
2. Running
3. Succeeded (for short-lived apps that complete)
4. Running (for long-lived apps that keep running)

## Pod restart policy

Possible configs:

- Always (default)
- OnFailure
- Never

Guidance:

- short-lived apps should be `OnFailure` or `Never`
- long-lived apps can be either, but are typically managed via Controllers
- short-lived apps are often wrapped in Jobs (e.g., CronJobs)

## Pod immutability

Pods are immutable. If you need to change metadata, create a new Pod.

## Multi-container Pod patterns

Common patterns:

- **Sidecar**: performs a secondary task for the main container (logging, metrics, service mesh, …)
  - adapter (variation): reformats output (e.g., nginx logs → prometheus)
  - ambassador (variation): brokers connectivity to external systems
- **Init container**: guaranteed to start and finish before the main container (pull content, setup privileges, …)

## Pod hostnames

- Every container in a Pod inherits its hostname from the Pod name.
- All containers in a multi-container Pod share the same hostname.
- Use DNS-safe Pod names: `a-z`, `0-9`, `-`, `.`

## Pod DNS (example format)

Pods can have DNS names in the format:

- `pod-ip-address.my-namespace.pod.cluster-domain.example`

Example (default namespace; cluster domain `cluster.local`):

- `172-17-0-3.default.pod.cluster.local`
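
The shared networking, restart policy, and multi-container pattern sections above can be seen together in one manifest. This is an added example, not part of the original material; the Pod name, container names, image tags, volume name, and port are illustrative assumptions.

```yaml
# Added example: init container + main container + sidecar in one Pod.
# All names, image tags and ports below are assumptions for illustration.
apiVersion: v1
kind: Pod
metadata:
  name: web-with-sidecar          # DNS-safe: a-z, 0-9, '-'
spec:
  restartPolicy: Always           # the default; suits a long-lived app
  volumes:
    - name: content
      emptyDir: {}                # scratch volume shared through the mnt namespace
  initContainers:
    - name: fetch-content         # must run to completion before app containers start
      image: busybox:1.36
      command: ["sh", "-c", "echo 'hello from init' > /work/index.html"]
      volumeMounts:
        - name: content
          mountPath: /work
  containers:
    - name: web                   # main container
      image: nginx:1.27
      ports:
        - containerPort: 80
      volumeMounts:
        - name: content
          mountPath: /usr/share/nginx/html
          readOnly: true
    - name: probe-sidecar         # sidecar: shares the Pod's net namespace with "web"
      image: busybox:1.36
      command:
        - sh
        - -c
        - |
          # Same IP and port space as "web", so it answers on loopback.
          # hostname prints the Pod name in every container of the Pod.
          while true; do
            echo "$(hostname): $(wget -qO- http://localhost:80/)"
            sleep 30
          done
```

Because the port space is shared, two containers in the Pod cannot bind the same port, and a listener bound only to `127.0.0.1` in one container is still reachable from every other container in that Pod. Treat all containers in a Pod as one trust boundary when deciding what to co-locate.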