devops/materials/04-pod-networking-lifecycle-and-patterns.md
2026-01-01 00:00:00 +00:00


id: mat-04-pod-networking-lifecycle-and-patterns
title: Pod Networking, Lifecycle, and Multi-Container Patterns

Pod networking, lifecycle, and patterns

Anatomy of a Pod (namespaces)

A Pod is one or more containers that share some Linux namespaces and keep others per container:

  • net namespace (IP, ports, routing table, loopback): shared by every container in the Pod
  • UTS namespace (hostname): shared by every container in the Pod
  • IPC namespace (System V IPC objects and POSIX message queues, i.e. shared memory segments and semaphores): shared by every container in the Pod
  • pid namespace (process tree): per container by default; spec.shareProcessNamespace: true gives the whole Pod one process tree, which also lets one container inspect or signal the others' processes
  • mnt namespace (root filesystem and mounted volumes): per container; containers only see each other's files through volumes mounted into both

Unix domain sockets are not an IPC-namespace resource: path-based sockets are reached through a shared volume, abstract sockets through the shared network namespace.

Pods and shared networking

Every Pod has its own network namespace:

  • its own IP
  • its own TCP/UDP port space (two containers in one Pod cannot both bind the same port)
  • its own routing table and loopback interface

Single-container Pod:

  • the container uses the Pod's network namespace directly.

Multi-container Pod:

  • all containers share the Pod's IP, port space and routing table
  • container-to-container communication is via localhost:<port>
  • localhost is a convenience, not a trust boundary: a compromised container can connect to, bind on, or sniff anything on the Pod's interfaces, so the Pod, not the container, is the unit of network isolation
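The shared network namespace in one manifest, as an added example (not part of the original notes): a web container and a probe container that reaches it over localhost with no Service, DNS or NetworkPolicy involved. Image tags and the port are illustrative assumptions.

```yaml
# Added example: two containers in one Pod sharing a network namespace.
# nginx:1.27 and curlimages/curl:8.10.1 are assumed to be available tags.
apiVersion: v1
kind: Pod
metadata:
  name: shared-netns-demo
spec:
  # Default: each container keeps its own pid namespace. Setting this to true
  # lets the probe container see (and, given CAP_SYS_PTRACE, attach to) the
  # app's processes; leave it false unless a debugging sidecar needs it.
  shareProcessNamespace: false
  containers:
    - name: app
      image: nginx:1.27
      # nginx binds 0.0.0.0:80 inside the Pod's network namespace.
      # containerPort is informational: omitting it would not block the port.
      ports:
        - containerPort: 80
    - name: probe
      image: curlimages/curl:8.10.1
      command: ["sh", "-c"]
      args:
        - |
          # Same network namespace, so the app answers on localhost.
          until curl -fsS http://localhost:80/ >/dev/null; do sleep 1; done
          echo "app reachable on localhost:80"
          # Trying to bind port 80 here would fail with EADDRINUSE:
          # there is exactly one port space per Pod.
          sleep infinity
```

Apply it with kubectl apply -f and read kubectl logs shared-netns-demo -c probe. Running cat /proc/net/tcp in either container lists the same listening socket, which is the practical consequence of the shared namespace: anything one container opens, the other can talk to.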

Kubernetes pod network (flat, often an overlay)

  • Each Pod gets a unique IP that is routable inside the cluster's pod network.
  • The Kubernetes network model requires a flat pod network: every Pod can reach every other Pod by IP without NAT, even across nodes on different underlay networks. Whether that is built as an overlay (VXLAN, IP-in-IP) or as native routing is up to the CNI plugin.
  • "Flat" also means default-allow: nothing restricts Pod-to-Pod traffic until a NetworkPolicy, enforced by a CNI plugin that supports it, says otherwise.
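The check a practitioner applies to a flat pod network, as an added example (not part of the original notes): a default-deny NetworkPolicy for one namespace, plus the DNS egress allowance that the deny otherwise breaks. The namespace name payments, the app=api label and the k8s-app=kube-dns label on the cluster DNS Pods are assumptions (the last one matches kubeadm-style clusters).

```yaml
# Added example: restore isolation that the flat pod network does not provide.
# Only takes effect with a CNI plugin that enforces NetworkPolicy.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: default-deny-all
  namespace: payments          # assumed namespace
spec:
  podSelector: {}              # empty selector = every Pod in the namespace
  policyTypes:
    - Ingress
    - Egress
  # No ingress or egress rules listed: all traffic in both directions is
  # denied. Further NetworkPolicies are additive and open specific flows.
---
# Allow Pods labelled app=api to reach the cluster DNS; without this the
# egress deny above silently breaks name resolution.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-dns-egress
  namespace: payments
spec:
  podSelector:
    matchLabels:
      app: api                 # assumed app label
  policyTypes:
    - Egress
  egress:
    - to:
        - namespaceSelector:
            matchLabels:
              kubernetes.io/metadata.name: kube-system
          podSelector:
            matchLabels:
              k8s-app: kube-dns   # assumed label on the DNS Pods
      ports:
        - protocol: UDP
          port: 53
        - protocol: TCP
          port: 53
```

Verify the deny is actually enforced, not just accepted by the API server: kubectl exec into a Pod in the namespace and curl another Pod's IP; on a CNI plugin without NetworkPolicy support the request still succeeds.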

Pod lifecycle

Phases reported in status.phase:

  1. Pending (accepted by the API server, but not all containers are running yet: scheduling, image pulls and init containers happen here)
  2. Running (bound to a node; at least one container is running, starting or restarting)
  3. Succeeded (all containers exited with status 0 and will not be restarted; typical for short-lived apps)
  4. Failed (all containers have terminated and at least one exited non-zero or was killed)
  5. Unknown (the node stopped reporting, so the Pod's state cannot be determined)

Long-lived apps stay in Running; short-lived apps end in Succeeded or Failed.

Pod restart policy

Possible configs:

  • Always (default): restart the container whenever it exits, even with exit code 0
  • OnFailure: restart only on a non-zero exit or when the container is killed
  • Never: never restart; the Pod ends in Succeeded or Failed

Restarts are done by the kubelet on the same node with exponential back-off (10s, 20s, 40s, ... capped at 5 minutes, reset after the container has run for 10 minutes). restartPolicy applies to all containers in the Pod.

Guidance:

  • short-lived apps should be OnFailure or Never; a Job's Pod template only accepts these two
  • long-lived apps use Always, which is the only value a Deployment, StatefulSet or DaemonSet template accepts
  • short-lived apps are usually wrapped in Jobs (or CronJobs), which add retry limits and deadlines on top of the restart policy
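The two restart-policy cases side by side, as an added example (not part of the original notes): a short-lived migration wrapped in a Job with OnFailure and a retry budget, and a long-lived API in a Deployment with Always. Image names, commands and the db-migrate/api names are assumptions.

```yaml
# Added example: short-lived app in a Job (OnFailure) beside a long-lived app
# in a Deployment (Always). registry.example.com images are assumed.
apiVersion: batch/v1
kind: Job
metadata:
  name: db-migrate
spec:
  backoffLimit: 3               # stop retrying after 3 failures ...
  activeDeadlineSeconds: 600    # ... or after 10 minutes, whichever comes first
  ttlSecondsAfterFinished: 3600 # garbage-collect the finished Job after an hour
  template:
    spec:
      restartPolicy: OnFailure  # a Job accepts only OnFailure or Never
      containers:
        - name: migrate
          image: registry.example.com/app-migrations:1.4.2
          command: ["/app/migrate", "--apply"]
          securityContext:
            runAsNonRoot: true
            allowPrivilegeEscalation: false
            capabilities:
              drop: ["ALL"]
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: api
spec:
  replicas: 2
  selector:
    matchLabels:
      app: api
  template:
    metadata:
      labels:
        app: api
    spec:
      restartPolicy: Always     # the only value a Deployment template accepts
      containers:
        - name: api
          image: registry.example.com/api:1.4.2
          ports:
            - containerPort: 8080
          securityContext:
            runAsNonRoot: true
            allowPrivilegeEscalation: false
            capabilities:
              drop: ["ALL"]
```

Choosing between OnFailure and Never changes what you can investigate afterwards: with OnFailure the kubelet restarts the container inside the same Pod and earlier logs are only reachable through kubectl logs --previous; with Never each failure leaves a terminated Pod behind, which is more convenient for forensics on a crashed batch run.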

Pod immutability

Most of a Pod's spec is immutable once it has been created. The only fields that can be updated in place are spec.containers[*].image, spec.initContainers[*].image, spec.activeDeadlineSeconds and additions to spec.tolerations (plus ephemeral containers through the ephemeralcontainers subresource). Anything else (volumes, ports, command, securityContext, ...) requires deleting the Pod and creating a new one, which is why Pods are normally managed by controllers that do the replacement for you. Labels and annotations in metadata are mutable.

Multi-container Pod patterns

Common patterns:

  • Sidecar: a helper container that runs next to the main container for the Pod's whole life and performs a secondary task (log shipping, metrics, service-mesh proxy, ...)
    • adapter (variation): reformats the main container's output (e.g., nginx logs → Prometheus metrics)
    • ambassador (variation): a local proxy on localhost that brokers connectivity to external systems (TLS, authentication, connection pooling), so the app only ever talks to localhost:<port>
  • Init container: runs to completion before any app container starts; several init containers run one after another, and each must exit 0 (pull content, wait for a dependency, fix volume ownership, ...). Every container has its own securityContext, so an init container can run with the privileges its setup needs while the app containers stay non-root and capability-less.
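Init container and adapter sidecar in one Pod, as an added example (not part of the original notes), with the privilege split the pattern allows: the init container briefly runs as root to prepare a shared volume, while the web and log-shipper containers run unprivileged, read-only and without capabilities. The registry.example.com images, the uid 101 (the user of the nginxinc/nginx-unprivileged image) and the paths are assumptions.

```yaml
# Added example: init container + adapter sidecar with per-container privileges.
# Images under registry.example.com and the fetch-site command are assumed.
apiVersion: v1
kind: Pod
metadata:
  name: web-with-helpers
spec:
  volumes:
    - name: site-content
      emptyDir: {}
    - name: access-logs
      emptyDir: {}
    - name: tmp
      emptyDir: {}
  initContainers:
    # Runs first and must exit 0 before the app containers start. Needs root
    # only to fix ownership of the shared volume; that privilege ends with it.
    - name: fetch-content
      image: registry.example.com/content-fetcher:2.1
      command: ["sh", "-c", "fetch-site /content && chown -R 101:101 /content"]
      securityContext:
        runAsUser: 0
        allowPrivilegeEscalation: false
        capabilities:
          drop: ["ALL"]
          add: ["CHOWN", "FOWNER", "DAC_OVERRIDE"]
      volumeMounts:
        - name: site-content
          mountPath: /content
  containers:
    - name: web
      image: nginxinc/nginx-unprivileged:1.27
      ports:
        - containerPort: 8080
      securityContext:
        runAsNonRoot: true
        runAsUser: 101
        allowPrivilegeEscalation: false
        readOnlyRootFilesystem: true
        capabilities:
          drop: ["ALL"]
      volumeMounts:
        - name: site-content
          mountPath: /usr/share/nginx/html
          readOnly: true
        - name: access-logs
          mountPath: /var/log/nginx     # nginx writes access.log here
        - name: tmp
          mountPath: /tmp               # writable scratch space the image needs
    # Adapter sidecar: tails the access log and reformats it for a collector.
    # It shares the log volume and the network namespace with web, nothing
    # else, and runs under the same restrictive settings.
    - name: log-shipper
      image: registry.example.com/log-shipper:0.9
      args: ["--tail", "/var/log/nginx/access.log", "--format", "json"]
      securityContext:
        runAsNonRoot: true
        runAsUser: 101
        allowPrivilegeEscalation: false
        readOnlyRootFilesystem: true
        capabilities:
          drop: ["ALL"]
      volumeMounts:
        - name: access-logs
          mountPath: /var/log/nginx
          readOnly: true
```

The point to check after kubectl apply is that kubectl get pod web-with-helpers -o jsonpath='{.status.initContainerStatuses[0].state}' shows terminated with exitCode 0 before either app container reports running, and that kubectl exec web-with-helpers -c web -- id reports uid 101 rather than root.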

Pod hostnames

  • A Pod's hostname defaults to its metadata.name; spec.hostname overrides it, and spec.subdomain adds a domain part.
  • All containers in a multi-container Pod share the same hostname, because they share the UTS namespace.
  • Use DNS-safe Pod names (RFC 1123 subdomain): lowercase a-z, 0-9, -, ., starting and ending with an alphanumeric character, at most 253 characters.

Pod DNS (example format)

When the cluster DNS exposes Pod records, they have the format:

  • pod-ip-address.my-namespace.pod.cluster-domain.example

where the dots of an IPv4 address are replaced by dashes.

Example (Pod IP 172.17.0.3, default namespace; cluster domain cluster.local):

  • 172-17-0-3.default.pod.cluster.local

In CoreDNS this record only exists when the kubernetes plugin is configured with a pods mode; in the common insecure mode it resolves to whatever IP is encoded in the name without checking that such a Pod exists. Treat it as an addressing convenience, not as Pod discovery or authentication, and use Services for stable names.