Your first Kubernetes Pod and ReplicaSet (LABS)
Published on

Your first Kubernetes Pod and ReplicaSet (LABS)

Author
Written by Peter Jausovec
    Contents
  1. Running your first Kubernetes Pods
  2. Keeping the Pods running with ReplicaSets
  3. Zero-downtime deployments
  4. Cleanup
Discuss on Discord
In this lab, you'll create your first Kubernetes Pod. This lab assumes you've access to a Kubernetes cluster. You can go through the Creating a Kubernetes cluster in Google Cloud lab to create a Kubernetes cluster.

Running your first Kubernetes Pods

Let's start by creating your first Pod.
apiVersion: v1
kind: Pod
metadata:
  name: hello-pod
  labels:
    app.kubernetes.io/name: hello
spec:
  containers:
    - name: hello-container
      image: busybox
      command: ['sh', '-c', 'echo Hello from my container! && sleep 3600']
Save the above YAML to pod.yaml and use the following command to create the Pod:
kubectl apply -f pod.yaml
If all goes well, you will get the following output:
pod/hello-pod created
Kubernetes responds with the resource type and the name of the Pods that it created. You can use the command kubectl get pods to list all Pods running the default namespace of the cluster.
$ kubectl get pods
NAME        READY   STATUS    RESTARTS   AGE
hello-pod   1/1     Running   0          7s
You can use the logs command to see the output from the container running inside the Pod:
$ kubectl logs hello-podHello from my container!

Note

When running multiple containers running inside the same Pod, you can use the -c flag to specify the container name whose logs you want to get. For example: kubectl logs hello-pod -c hello-container
If we delete this Pod using kubectl delete pod hello-pod, the Pod will be gone forever because nothing would automatically restart it.
If you run the kubectl get pods again, you will notice the Pod is gone:
$ kubectl get pods
No resources found in default namespace.
Not automatically recreating the Pod is the opposite of the behavior we want. If you have your containers running in a Pod, you want Kubernetes to reschedule and restart them if something goes wrong automatically.

Keeping the Pods running with ReplicaSets

The job of a ReplicaSet is to maintain a stable number of pod copies or replicas. The ReplicaSet controller guarantees that a specified number of identical Pods is running at all times. We can control and configure the number of replicas with the replicas field in the resource definition.
To create the pods, ReplicaSet uses the pod template that's part of the resource definition. If you start with a single pod and you want to scale to 5 pods, the ReplicaSet controller uses that current state (one pod) in the cluster and goes and creates four more pods to meet the desired state (5 pods). The ReplicaSet also keeps an eye on the pods, so if you delete one or scale it up or down, it will do the necessary to meet the desired number of replicas.
You can read more about ReplicaSets in the Getting start with Kubernetes article.
Let's look at an example.
apiVersion: apps/v1
kind: ReplicaSet
metadata:
  name: hello
  labels:
    app.kubernetes.io/name: hello
spec:
  replicas: 5
  selector:
    matchLabels:
      app.kubernetes.io/name: hello
  template:
    metadata:
      labels:
        app.kubernetes.io/name: hello
    spec:
      containers:
        - name: hello-container
          image: busybox
          command: ['sh', '-c', 'echo Hello from my container! && sleep 3600']
Save the above YAML to replicaset.yaml and use the following command to create the ReplicaSet:
kubectl apply -f replicaset.yaml
You can view the ReplicaSet by running the following command:
$ kubectl get replicaset
NAME    DESIRED   CURRENT   READY   AGE
hello   5         5         5       30s
The command will show you the name of the ReplicaSet and the number of desired, current, and ready Pod replicas. If you list the Pods, you will notice that five Pods are running:
$ kubectl get po
NAME          READY   STATUS    RESTARTS   AGE
hello-dwx89   1/1     Running   0          31s
hello-fchvr   1/1     Running   0          31s
hello-fl6hd   1/1     Running   0          31s
hello-n667q   1/1     Running   0          31s
hello-rftkf   1/1     Running   0          31s
We can also list the Pods by their labels. For example, if we run kubectl get po -l=app.kubernetes.io/name=hello, we will get all Pods that have app.kubernetes.io/name: hello label set. The output includes the five Pods we created.
Let's also look at the ownerReferences field. We can use the -o yaml flag to get the YAML representation of any object in Kubernetes. Once we get the YAML, we will search for the ownerReferences string:
$ kubectl get po hello-dwx89 -o yaml | grep -A5 ownerReferences
---
ownerReferences:
  - apiVersion: apps/v1
    blockOwnerDeletion: true
    controller: true
    kind: ReplicaSet
    name: hello
In the ownerReferences, Kubernetes sets the name to hello, and the kind to ReplicaSet. The name corresponds to the ReplicaSet that owns the Pod.
Notice how we used po in the command to refer to Pods? Some Kubernetes resources have short names you can use in place of the 'full names'. You can use po when you mean pods or deploy when you mean deployment. To get the full list of supported short names, you can run kubectl api-resources.
Another thing you will notice is how the Pods are named. Previously, where we were creating a single Pod directly, the Pod's name was hello-pod, because that's what we specified in the YAML. Using the ReplicaSet, Kubernetes names the Pods using the combination of the ReplicaSet name (hello) and a semi-random string such as dwx89, fchrv and so on.
Let's try and delete one of the Pods. To delete a resource from Kubernetes you use the delete keyword followed by the resource (e.g. pod) and the resource name hello-dwx89 (note that your Pod will have a different name):
$ kubectl delete po hello-dwx89
pod "hello-dwx89" deleted
Once we've deleted the Pod, we can run kubectl get pods again. Did you notice something? There are still five Pods running.
$ kubectl get po
NAME          READY   STATUS    RESTARTS   AGE
hello-fchvr   1/1     Running   0          14m
hello-fl6hd   1/1     Running   0          14m
hello-n667q   1/1     Running   0          14m
hello-rftkf   1/1     Running   0          14m
hello-vctkh   1/1     Running   0          48s
If you look at the AGE column, you will notice four Pods created 14 minutes ago and one created more recently. ReplicaSet created this new Pod. When we deleted one Pod, the number of actual replicas decreased from five to four. The replica set controller detected that and created a new Pod to match the replicas' desired number (5).
Let's try something different now. We will manually create a Pod with labels that match the ReplicaSets selector labels (app.kubernetes.io/name: hello).
apiVersion: v1
kind: Pod
metadata:
  name: stray-pod
  labels:
    app.kubernetes.io/name: hello
spec:
  containers:
    - name: stray-pod-container
      image: busybox
      command: ['sh', '-c', 'echo Hello from stray pod! && sleep 3600']
Save the above YAML in the stray-pod.yaml file, then create the Pod by running:
$ kubectl apply -f stray-pod.yaml
pod/stray-pod created
The Pod gets created, and all looks good. However, if you run kubectl get pods you will notice that the stray-pod has disappeared. What happened?
The ReplicaSet makes sure only five Pod replicas are running. When we manually created the stray-pod with the label app.kubernetes.io/name=hello that matches the selector label on the ReplicaSet, the ReplicaSet took that new Pod for its own. Remember, the manually created Pod didn't have the owner. With this new Pod under ReplicaSets' management, the number of replicas was six and not five, as stated in the ReplicaSet. Therefore, the ReplicaSet did what it's supposed to do; it deleted the new Pod to maintain the desired state of five replicas.

Zero-downtime deployments

When you've updated your applications in production, it is desired that the deployment/update you do is a zero-downtime update. That means that no production traffic is interrupted when you release the new version of the application.
Unfortunately, we can't zero-downtime updates with a replica set. At least not in a zero-downtime manner.
Let's say we want to change the Docker image used in the original replica set from busybox to busybox:1.31.1. We could use kubectl edit rs hello to open the replica set YAML in the editor, then update the image value.
Once you save the changes - nothing will happen. Five Pods will still keep running as if nothing has happened. Let's check the image used by one of the Pods:
$ kubectl describe po hello-fchvr | grep image
  Normal  Pulling    14m        kubelet, docker-desktop  Pulling image "busybox"
  Normal  Pulled     13m        kubelet, docker-desktop  Successfully pulled image "busybox"
Notice it's referencing the busybox image, but there's no sign of the busybox:1.31.1 anywhere. Let's see what happens if we delete this same Pod:
$ kubectl delete po hello-fchvr
pod "hello-fchvr" deleted
We already know that ReplicaSet will bring up a new Pod (hello-q8fnl in this case) to match the desired replica count from the previous test we did. If we run describe against the new Pod that came up, you will notice how the image has changed:
$ kubectl describe po hello-q8fnl | grep image
  Normal  Pulling    74s        kubelet, docker-desktop  Pulling image "busybox:1.31"
  Normal  Pulled     73s        kubelet, docker-desktop  Successfully pulled image "busybox:1.31"
A similar thing will happen if we delete the other Pods still using the old image (busybox). The ReplicaSet would start new Pods, and this time, the Pods would use the new image busybox:1.31.1.
We can use another resource to manage the ReplicaSets, allowing us to update Pods in a controlled manner. Changing the image name can start Pods using the new image names in a controlled way. This resource is called a Deployment.

Cleanup

To delete all Pods, you need to delete the ReplicaSet by running: kubectl delete rs hello. rs is the short name for replicaset. If you list the Pods (kubectl get po) right after you issued the delete command, you will see the Pods getting terminated:
NAME          READY   STATUS        RESTARTS   AGE
hello-fchvr   1/1     Terminating   0          18m
hello-fl6hd   1/1     Terminating   0          18m
hello-n667q   1/1     Terminating   0          18m
hello-rftkf   1/1     Terminating   0          18m
hello-vctkh   1/1     Terminating   0          7m39s
Once the replica set terminates all Pods, they will be gone, and so will be the ReplicaSet.
Join the discussion
SHARE THIS ARTICLE
Peter Jausovec

Peter Jausovec

Peter Jausovec is a platform advocate at Solo.io. He has more than 15 years of experience in the field of software development and tech, in various roles such as QA (test), software engineering and leading tech teams. He's been working in the cloud-native space, focusing on Kubernetes and service meshes, and delivering talks and workshops around the world. He authored and co-authored a couple of books, latest being Cloud Native: Using Containers, Functions, and Data to Build Next-Generation Applications.

Related posts

Kubernetes Network Policy
Kubernetes

Kubernetes Network Policy

Using the NetworkPolicy resource, you can control the traffic flow for your applications in the cluster, at the IP address level or port level (OSI layer 3 or 4).

Peter Jausovec

Peter Jausovec

Managing service meshes with Meshery
Service Mesh

Managing service meshes with Meshery

If you ever wanted to quickly evaluate service meshes and even run a couple of performace tests, you might want to look into Meshery. Meshery is a multi-service mesh management plane for lifecycle, config and performance management of service meshes.

Peter Jausovec

Peter Jausovec

Setting up SSL certificates with Istio Gateway
Service Mesh

Setting up SSL certificates with Istio Gateway

SSL certificates are a must these days. They helps protect the data being sent between the server and the client by encrypting it, which gives your website more credibility. In this blog post I will explore a couple of different ways you can obtain SSL certificates and configure the Istio Gateway to use them.

Peter Jausovec

Peter Jausovec

Zero Downtime Releases using Kubernetes and Istio
Service Mesh

Zero Downtime Releases using Kubernetes and Istio

The idea behind zero downtime release is to release a new version of the service, without affecting any users — i.e., users don't even know when a new version of the service is released. A practical example would be if you have a website running, how can you can you release a new version without taking the site down?

Peter Jausovec

Peter Jausovec

How to Deploy Traefik Proxy Using Flux and GitOps Principles
General

How to Deploy Traefik Proxy Using Flux and GitOps Principles

GitOps makes configuration management seamless by creating a single source of truth for configuration changes so that changes can be transparent, validated, and low-risk. This article and this GitHub repository will show you how Traefik Proxy and Flux can work together to help you implement GitOps principles. But before we jump in, what are these tools, and how do they help?

Jakub Hajek

Jakub Hajek

Creating a Kubernetes cluster in Google Cloud (LAB)
Kubernetes

Creating a Kubernetes cluster in Google Cloud (LAB)

In this first lab in the series of Kubernetes labs, we'll learn how to create a Kubernetes cluster in Google Cloud

Peter Jausovec

Peter Jausovec

;