pod life - avramukk

#kubernetes Let's start with the obvious: `kubectl` sends a YAML definition to the API server. At this stage, `kubectl`: - Discovers API endpoints using OpenAPI (Swagger). - Negotiates the resource version. - Validates the YAML. - Issues a request. ![Source](https://habrastorage.org/r/w1560/getpro/habr/upload_files/84d/304/17d/84d30417d34a5429377cbff781108da6.png "Source") [Source](https://medium.com/itnext/what-happens-when-you-create-a-pod-in-kubernetes-6b789b6db8a8?source=user_profile---------1----------------------------) When the request reaches the API, it goes through the following stages: - Authentication and authorization. - Admission controllers. The request is then stored in etcd. ![Source](https://habrastorage.org/r/w1560/getpro/habr/upload_files/7af/b87/9fb/7afb879fbdcfa001336575a0c825f581.png "Source") [Source](https://medium.com/itnext/what-happens-when-you-create-a-pod-in-kubernetes-6b789b6db8a8?source=user_profile---------1----------------------------) After this, the pod is added to the scheduler queue. The scheduler filters and evaluates nodes to find the best one, and finally binds the pod to the node. This binding is recorded in etcd. ![Source](https://habrastorage.org/r/w1560/getpro/habr/upload_files/f1d/9b8/784/f1d9b8784cf05a914e6ed125cce3a5b2.png "Source") [Source](https://medium.com/itnext/what-happens-when-you-create-a-pod-in-kubernetes-6b789b6db8a8?source=user_profile---------1----------------------------) At this point, the pod only exists in etcd as a record. The infrastructure has not created any containers yet. This is where the kubelet comes into play. ![Source](https://habrastorage.org/r/w1560/getpro/habr/upload_files/76b/a82/7fb/76ba827fbbd1255680a70d4e941aed03.png "Source") [Source](https://medium.com/itnext/what-happens-when-you-create-a-pod-in-kubernetes-6b789b6db8a8?source=user_profile---------1----------------------------) The kubelet retrieves the pod definition and begins delegating tasks: 1. Creating the network with CNI (e.g., Cilium). 2. Creating the container using CRI (e.g., containerd). 3. Creating storage with CSI (e.g., OpenEBS). ![Source](https://habrastorage.org/r/w1560/getpro/habr/upload_files/d9a/0c9/28d/d9a0c928d9440ac5a409338748d6b8e3.png "Source") [Source](https://medium.com/itnext/what-happens-when-you-create-a-pod-in-kubernetes-6b789b6db8a8?source=user_profile---------1----------------------------) Additionally, the kubelet will perform pod checks and, if the pod is running, report its IP address to the control plane. This IP address and the container ports are stored in etcd as endpoints. ![Source](https://habrastorage.org/r/w1560/getpro/habr/upload_files/625/575/0f2/6255750f2130b9f0447cb17d081c6d60.png "Source") [Source](https://medium.com/itnext/what-happens-when-you-create-a-pod-in-kubernetes-6b789b6db8a8?source=user_profile---------1----------------------------) Wait... endpoints? In Kubernetes: - An endpoint is a pair (IP:port), e.g., 10.0.0.2:3000. - An Endpoint is a collection of endpoints (a list of IP:port pairs). For each service in the cluster, **Kubernetes creates an Endpoint object with the corresponding endpoints**. Confusing, right? ![Source](https://habrastorage.org/r/w1560/getpro/habr/upload_files/3a7/cd5/ad6/3a7cd5ad6286f3596b044f0ca2d3ac78.png "Source") [Source](https://medium.com/itnext/what-happens-when-you-create-a-pod-in-kubernetes-6b789b6db8a8?source=user_profile---------1----------------------------) Endpoints (IP:port) are used by: - kube-proxy for setting up iptables rules. - CoreDNS for updating DNS records. - Ingress controllers for configuring inbound traffic. - Service meshes. - Other operators. Once an endpoint is added, the components receive notifications. ![Source](https://habrastorage.org/r/w1560/getpro/habr/upload_files/a43/8bf/40c/a438bf40c48225306b2063a4e8a24c3a.png "Source") [Source](https://medium.com/itnext/what-happens-when-you-create-a-pod-in-kubernetes-6b789b6db8a8?source=user_profile---------1----------------------------) When the endpoint (IP:port) is propagated, you can finally start using the pod! What happens when you delete a pod? It's the exact same process, but in reverse order. The correct sequence is as follows: 1. The application stops accepting connections. 2. Controllers (kube-proxy, ingress, etc.) remove the endpoint. 3. The application drains existing connections. 4. The application shuts down. ![Source](https://habrastorage.org/r/w1560/getpro/habr/upload_files/30d/ba6/3c4/30dba63c47d2b9e81e4185957b7b9588.png "Source") [Source](https://medium.com/itnext/what-happens-when-you-create-a-pod-in-kubernetes-6b789b6db8a8?source=user_profile---------1----------------------------)