Difference between revisions of "Kind: Pod"
Jump to navigation
Jump to search
Line 9: | Line 9: | ||
[[spec.imagePullSecrets]] | [[spec.imagePullSecrets]] | ||
− | === Nginx example === | + | === [[Nginx example]] === |
{{kind pod nginx}} | {{kind pod nginx}} | ||
Line 20: | Line 20: | ||
{{kind pod resources}} | {{kind pod resources}} | ||
− | |||
== [[initContainers]] == | == [[initContainers]] == |
Revision as of 10:36, 22 October 2024
spec. spec.containers spec.initContainers spec.securityContext spec.volumes spec.nodeSelector spec.imagePullSecrets
Contents
Nginx example
apiVersion: v1 kind: Pod metadata: name: nginx labels: env: test spec: containers: - name: nginx image: nginx imagePullPolicy: IfNotPresent nodeSelector: disktype: ssd
Alpine container to access a PV:
apiVersion: v1 kind: Pod metadata: name: myalpinewithvolume spec: containers: - name: alpine image: alpine:latest command: ['ash'] tty: true stdin: true volumeMounts: - name: myvolume mountPath: /myvolume volumes: - name: myvolume persistentVolumeClaim: claimName: myPVCtoMount
https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ --- apiVersion: v1 kind: Pod metadata: name: frontend spec: containers: - name: app image: images.my-company.example/app:v4 resources: requests: memory: "64Mi" cpu: "250m" limits: memory: "128Mi" cpu: "500m" - name: log-aggregator image: images.my-company.example/log-aggregator:v6 resources: requests: memory: "64Mi" cpu: "250m" limits: memory: "128Mi" cpu: "500m"
initContainers
https://kubernetes.io/docs/concepts/workloads/pods/init-containers/#init-containers-in-use
apiVersion: v1 kind: Pod metadata: name: myapp-pod labels: app: myapp spec: containers: - name: myapp-container image: busybox:1.28 command: ['sh', '-c', 'echo The app is running! && sleep 3600'] initContainers: - name: init-myservice image: busybox:1.28 command: ['sh', '-c', "until nslookup myservice.$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace).svc.cluster.local; do echo waiting for myservice; sleep 2; done"] - name: init-mydb image: busybox:1.28 command: ['sh', '-c', "until nslookup mydb.$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace).svc.cluster.local; do echo waiting for mydb; sleep 2; done"]
securityContext
apiVersion: v1 kind: Pod metadata: name: security-context-demo spec: securityContext: runAsUser: 1000 runAsGroup: 3000 fsGroup: 2000 volumes: - name: sec-ctx-vol emptyDir: {} containers: - name: sec-ctx-demo image: busybox:1.28 command: [ "sh", "-c", "sleep 1h" ] volumeMounts: - name: sec-ctx-vol mountPath: /data/demo securityContext: allowPrivilegeEscalation: false
imagePullSecrets
apiVersion: v1 kind: Pod metadata: name: private-reg spec: containers: - name: private-reg-container image: <your-private-image> imagePullSecrets: - name: regcred
Sidecar container
apiVersion: v1 kind: Pod metadata: name: my-pod spec: containers: - name: main-container image: busybox command: ["sh", "-c", "echo 'Main process running'; sleep 30"] - name: sidecar-container image: busybox command: ["sh", "-c", "while true; do sleep 3600; done"]
Related
dnsPolicy:
- Kubernetes init containers
autoScaler:
envFrom:
LivenessProbe
lifecycle:
ports:
- Kubernetes, env:
nodeName
NodeSelector
kind: ReplicaSet
kubectl run
- Configure a Security Context for a Pod or Container
- Resource Management for Pods and Containers
- imagePullSecrets
See also
Advertising: