Skip to content

Pod lifecycle

The Pod lifecycle refers to the sequence of states and processes a Kubernetes Pod goes through from its initial creation to its termination.^[400-devops-06-kubernetes-k8s-ithelp-day10-readme.md]

Understanding this lifecycle is critical for managing application health and availability. A Pod acts as the fundamental deployment unit, and its status is influenced by initialization routines, restart policies, lifecycle hooks, and health probes.^[400-devops-06-kubernetes-k8s-ithelp-day10-readme.md]

Pod Phase

The high-level state of a Pod is represented by its Phase, which is typically displayed in the STATUS column when running kubectl get pods.^[400-devops-06-kubernetes-k8s-ithelp-day10-readme.md]

The possible phase values are strictly defined:

  • Pending: The Pod has been accepted by the cluster, but scheduling has not occurred, or container images are still being pulled.^[400-devops-06-kubernetes-k8s-ithelp-day10-readme.md]
  • Running: The Pod is bound to a node; all containers have been created, and at least one is running, starting, or restarting.^[400-devops-06-kubernetes-k8s-ithelp-day10-readme.md]
  • Succeeded: All containers in the Pod have terminated successfully and will not be restarted.^[400-devops-06-kubernetes-k8s-ithelp-day10-readme.md]
  • Failed: All containers have terminated, and at least one terminated in failure (non-zero exit code).^[400-devops-06-kubernetes-k8s-ithelp-day10-readme.md]
  • Unknown: The state of the Pod cannot be obtained, usually due to a communication error with the node.^[400-devops-06-kubernetes-k8s-ithelp-day10-readme.md]

Restart Policy

The restartPolicy defines how Kubernetes handles container termination within a Pod.^[400-devops-06-kubernetes-k8s-ithelp-day10-readme.md] This policy is applied by the kubelet on the specific node where the Pod is running.

Available policy values include:

  • Always: The container is restarted upon termination. This is the default value.^[400-devops-06-kubernetes-k8s-ithelp-day10-readme.md]
  • OnFailure: The container is restarted only if it terminates with an error (non-zero exit code).^[400-devops-06-kubernetes-k8s-ithelp-day10-readme.md]
  • Never: The container is never restarted.^[400-devops-06-kubernetes-k8s-ithelp-day10-readme.md]

When a restart occurs, the kubelet employs an exponential backoff delay (10s, 20s, 40s, up to a 5-minute cap), which resets after 10 minutes of successful execution.^[400-devops-06-kubernetes-k8s-ithelp-day10-readme.md] Different controllers impose restrictions on valid policies; for example, [[Deployment]] and ReplicaSet generally require Always, while [[Job]] controllers support OnFailure or Never.^[400-devops-06-kubernetes-k8s-ithelp-day10-readme.md]

Initialization Containers

Init Containers are specialized containers that run before the main application containers start.^[400-devops-06-kubernetes-k8s-ithelp-day10-readme.md]

If multiple Init containers are defined, they execute sequentially in the order they appear in the Pod's specification.^[400-devops-06-kubernetes-k8s-ithelp-day10-readme.md] All Init containers must complete successfully before the main containers are allowed to start.^[400-devops-06-kubernetes-k8s-ithelp-day10-readme.md]

Common use cases include:

  • Dependency Waiting: Waiting for a dependent service (e.g., a database) to become ready.^[400-devops-06-kubernetes-k8s-ithelp-day10-readme.md]
  • Configuration Setup: Preparing configuration files or data required by the main application.^[400-devops-06-kubernetes-k8s-ithelp-day10-readme.md]

Init containers share the same network and storage namespaces as the main containers, allowing them to coordinate and share data using [[Volumes]].^[400-devops-06-kubernetes-k8s-ithelp-day10-readme.md]

Lifecycle Hooks

Lifecycle Hooks allow specific logic to be executed at critical points in a container's lifecycle, triggered by the kubelet.^[400-devops-06-kubernetes-k8s-ithelp-day10-readme.md]

  • PostStart: Executed immediately after the container is created.^[400-devops-06-kubernetes-k8s-ithelp-day10-readme.md] There is no guarantee that this hook runs before the container's entry point (ENTRYPOINT). If this hook hangs or takes too long, the container may never reach the Running state.^[400-devops-06-kubernetes-k8s-ithelp-day10-readme.md]
  • PreStop: Executed immediately before the container is terminated.^[400-devops-06-kubernetes-k8s-ithelp-day10-readme.md] This call is synchronous and blocking, meaning the container deletion signal is not sent until the hook completes. It is commonly used for graceful shutdowns.^[400-devops-06-kubernetes-k8s-ithelp-day10-readme.md]

Health Checks

Health checks utilize Probes to diagnose the status of containers running within the Pod.^[400-devops-06-kubernetes-k8s-ithelp-day10-readme.md] These mechanisms allow the system to detect failures and prevent traffic from being routed to unhealthy instances.

Probe Handlers

To perform a check, Kubernetes supports four handler types:

  • Exec: Executes a specific command inside the container. A return code of 0 indicates success.^[400-devops-06-kubernetes-k8s-ithelp-day10-readme.md]
  • TCPSocket: Attempts to open a TCP connection to a specified port. Success is determined by whether the port is open.^[400-devops-06-kubernetes-k8s-ithelp-day10-readme.md]
  • HTTPGet: Sends an HTTP GET request to a specific IP and port. A status code between 200 and 399 indicates success.^[400-devops-06-kubernetes-k8s-ithelp-day10-readme.md]
  • gRPC: Sends a gRPC request (supported from v1.24). This requires specifying the port.^[400-devops-06-kubernetes-k8s-ithelp-day10-readme.md]

Probe Types

Three types of probes determine how the kubelet reacts to container status:

  • livenessProbe: Checks if the container is running.^[400-devops-06-kubernetes-k8s-ithelp-day10-readme.md] If this probe fails, the kubelet terminates the container, and the restart policy is triggered.
  • readinessProbe: Checks if the container is ready to serve traffic.^[400-devops-06-kubernetes-k8s-ithelp-day10-readme.md] If this probe fails, the Pod is removed from the corresponding Service endpoints, stopping traffic flow.
  • startupProbe: Checks if the application has started successfully.^[400-devops-06-kubernetes-k8s-ithelp-day10-readme.md] If configured, other probes are disabled until this one succeeds. If it fails, the kubelet terminates the container.

Sources

^[400-devops-06-kubernetes-k8s-ithelp-day10-readme.md]