Pods
- A Pod is a group of one or more containers, with shared storage and network resources, and a specification for how to run the containers. Containers inside the pod share storage and network resources (IP address and ports).
- You can use workload resources to create and manage multiple Pods for you. A controller for the resource handles replication and rollout and automatic healing in case of Pod failure. Here are some examples of workload resources that manage one or more Pods: Deployment, StatefulSet, and DaemonSet. Controllers for workload resources create Pods from a pod template and manage those Pods on your behalf.
apiVersion: v1
kind: Pod
metadata:
name: nginx
spec:
containers:
- name: nginx
image: nginx:1.14.2
ports:
- containerPort: 80
- Pods follow a defined lifecycle, starting in the
Pending phase, moving through Running if at least one of its primary containers starts OK, and then through either the Succeeded or Failed phases depending on whether any container in the Pod terminated in failure. Refer Pod Phase and Container States.
- A given Pod (as defined by a UID) is never "rescheduled" to a different node; instead, that Pod can be replaced by a new, near-identical Pod, with even the same name if desired, but with a different UID.
- When something is said to have the same lifetime as a Pod, such as a volume, that means that the thing exists as long as that specific Pod (with that exact UID) exists. If that Pod is deleted for any reason, and even if an identical replacement is created, the related thing (a volume, in this example) is also destroyed and created anew.
- Debugging pods : Debug pods and Debug running pods
- Configuring pod to use PVC
- UserAccount & ServiceAccount (bots like Prometheus, and Jenkins)
- You cannot change most setting once a pod is created. But you can change the pod definition inside a deployment. As any change in pod definition will trigger the deployment process that will start updating the pods.
How to use Secrets as environment variables in a pods
https://kubernetes.io/docs/tasks/inject-data-application/distribute-credentials-secure/#define-container-environment-variables-using-secret-data