Pods

Introduction Kubernetes Pods are the smallest deployable units in Kubernetes, representing one or more containers that share resources. Understanding the Pod lifecycle is crucial for debugging, monitoring, and managing applications in Kubernetes. This guide visualizes the complete Pod lifecycle: Pod Creation: From YAML manifest to scheduling State Transitions: Pending → Running → Succeeded/Failed Init Containers: Pre-application setup Container Restart Policies: How Kubernetes handles failures Termination: Graceful shutdown process Part 1: Pod Lifecycle Overview Complete Pod State Machine %%{init: {'theme':'dark', 'themeVariables': {'primaryTextColor':'#e5e7eb','secondaryTextColor':'#e5e7eb','tertiaryTextColor':'#e5e7eb','textColor':'#e5e7eb','nodeTextColor':'#e5e7eb','edgeLabelText':'#e5e7eb','clusterTextColor':'#e5e7eb','actorTextColor':'#e5e7eb'}}}%% stateDiagram-v2 [*] --> Pending: Pod created Pending --> Running: All containers started Pending --> Failed: Scheduling failedImage pull failedInvalid config Running --> Succeeded: All containerscompleted successfully(restartPolicy: Never/OnFailure) Running --> Failed: Container failedand won't restartPod deleted during run Running --> Running: Container restarted(restartPolicy: Always/OnFailure) Succeeded --> [*]: Pod cleanup Failed --> [*]: Pod cleanup Running --> Terminating: Delete requestreceived Terminating --> Succeeded: Graceful shutdownsuccessful Terminating --> Failed: Force terminationafter grace period note right of Pending Pod accepted by cluster - Waiting for scheduling - Pulling images - Starting init containers - Creating container runtime end note note right of Running Pod is executing - At least 1 container running - Could be starting/restarting - Application serving traffic - Health checks active end note note right of Succeeded All containers terminated successfully - Exit code 0 - Will not be restarted - Job/CronJob completed end note note right of Failed Pod terminated in failure - Non-zero exit code - OOMKilled - Exceeded restart limit - Node failure end note note right of Terminating Pod shutting down - SIGTERM sent - Grace period active - Endpoints removed - Cleanup in progress end note Pod Creation to Running Flow %%{init: {'theme':'dark', 'themeVariables': {'primaryTextColor':'#e5e7eb','secondaryTextColor':'#e5e7eb','tertiaryTextColor':'#e5e7eb','textColor':'#e5e7eb','nodeTextColor':'#e5e7eb','edgeLabelText':'#e5e7eb','clusterTextColor':'#e5e7eb','actorTextColor':'#e5e7eb'}}}%% flowchart TD Start([kubectl apply -f pod.yaml]) --> APIServer[API ServerValidates YAMLWrites to etcd] APIServer --> Scheduler{Scheduler findssuitable node?} Scheduler -->|No| PendingNoNode[Status: PendingReason: Unschedulable- Insufficient resources- Node selector mismatch- Taints/tolerations] Scheduler -->|Yes| AssignNode[Pod assigned to NodeUpdate: spec.nodeName] AssignNode --> Kubelet[Kubelet on target nodereceives Pod spec] Kubelet --> PullImages{Pull containerimages} PullImages -->|Failed| ImagePullError[Status: PendingReason: ImagePullBackOff- Image doesn't exist- Registry auth failed- Network issues] PullImages -->|Success| InitContainers{Init containersdefined?} InitContainers -->|Yes| RunInit[Run init containerssequentially] InitContainers -->|No| CreateContainers RunInit --> InitSuccess{All initcontainerssucceeded?} InitSuccess -->|No| InitFailed[Status: Init:Erroror Init:CrashLoopBackOff] InitSuccess -->|Yes| CreateContainers[Create main containersSetup networkingMount volumes] CreateContainers --> StartContainers[Start all containersin Pod] StartContainers --> HealthChecks{Startup probedefined?} HealthChecks -->|Yes| StartupProbe[Execute startup probe] HealthChecks -->|No| Running StartupProbe --> StartupResult{Probepassed?} StartupResult -->|No| ProbeFailed[Container not readyIf fails too long:CrashLoopBackOff] StartupResult -->|Yes| Running[Status: Running- Container ready- Liveness probe active- Readiness probe active] Running --> ServingTraffic[Pod receives trafficAdded to Service endpoints] style PendingNoNode fill:#78350f,stroke:#f59e0b style ImagePullError fill:#7f1d1d,stroke:#ef4444 style InitFailed fill:#7f1d1d,stroke:#ef4444 style Running fill:#064e3b,stroke:#10b981 style ServingTraffic fill:#064e3b,stroke:#10b981 Part 2: Pod Creation Sequence API Server to Kubelet Communication %%{init: {'theme':'dark', 'themeVariables': {'primaryTextColor':'#e5e7eb','secondaryTextColor':'#e5e7eb','tertiaryTextColor':'#e5e7eb','textColor':'#e5e7eb','nodeTextColor':'#e5e7eb','edgeLabelText':'#e5e7eb','clusterTextColor':'#e5e7eb','actorTextColor':'#e5e7eb'}}}%% sequenceDiagram participant User as Developer participant API as API Server participant ETCD as etcd participant Sched as Scheduler participant Kubelet as Kubelet (Node) participant Runtime as Container Runtime participant Reg as Container Registry User->>API: kubectl apply -f pod.yaml Note over API: Validate Pod spec- Required fields- Resource limits- Security context API->>ETCD: Write Pod objectStatus: PendingnodeName: ETCD-->>API: Acknowledged API-->>User: Pod created Note over Sched: Watch for unscheduled Pods Sched->>API: List Pods with nodeName="" API-->>Sched: Pod list Note over Sched: Score nodes:- CPU/Memory available- Affinity rules- Taints/TolerationsBest node: node-1 Sched->>API: Bind Pod to node-1 API->>ETCD: Update Pod.spec.nodeName = "node-1" Note over Kubelet: Watch for Pods on node-1 Kubelet->>API: Get Pod specifications API-->>Kubelet: Pod details Kubelet->>Runtime: Pull image: nginx:1.21 Runtime->>Reg: Pull nginx:1.21 Reg-->>Runtime: Image layers Note over Runtime: Extract and cache image Kubelet->>Runtime: Create containerwith Pod spec config Runtime-->>Kubelet: Container created Kubelet->>Runtime: Start container Runtime-->>Kubelet: Container started Kubelet->>API: Update Pod Status:Phase: RunningcontainerStatuses: ready API->>ETCD: Save Pod status Kubelet->>Kubelet: Start health checks- Startup probe- Readiness probe- Liveness probe Note over Kubelet,Runtime: Continuous monitoringand health checking Part 3: Init Containers Init containers run before app containers and must complete successfully before the main containers start. ...