How to use Kubernetes init containers with examples


Kubernetes Tutorial

In Kubernetes, we can run more than one container in a Pod, but as a practice, we run only one application container. Along with an application container, we can also run one or more init containers.

Kubernetes init containers run in the same Pod as the main application container, though with a separate life cycle. The pattern is often used to initialize a state or configuration for the application running in the main container.

 

Overview on Kubernetes init containers

  • An init container is an additional container in a Pod that completes a task before the "regular" container is started
  • The regular container will only be started once the init container has been started
  • An init container in a Pod must run and complete before any other application containers in the Pod start.
  • This is a great way to initialize a Kubernetes Pod. You can pull any files (keystores, policies, and so forth), configurations, and so on with an init container.
  • Just as with any other application container, we can have more than one init container in a given Pod; but unlike an application container, each init container must run to completion before the next init container starts.

 

Create a Pod with initContainers

In this example we will create a Pod with initContainers which will act as a pre-requisite to start the main container in the same Pod.

[root@controller ~]# cat pod-init-container.yml
apiVersion: v1
kind: Pod
metadata:
  name: init-container-example-1
spec:
  initContainers:
  - name: sleepy
    image: alpine
    command: ['sleep', '60']
  containers:
  - name: web
    image: nginx

Next we will create a Pod using kubectl command with this YAML file:

[root@controller ~]# kubectl create -f pod-init-container.yml
pod/init-container-example-1 created

Once the Pod is created, we verify the status of this pod:

[root@controller ~]# kubectl get pods
NAME                        READY   STATUS     RESTARTS   AGE
init-container-example-1    0/1     Init:0/1   0          3s
nginx                       1/1     Running    3          34h
pod-as-user-guest           1/1     Running    3          33h
pod-drop-chown-capability   1/1     Running    3          32h
pod-privileged              1/1     Running    4          33h

It shows that the Pod is in initialization stage i.e. the task from the initContainers is being executed currently, and once the init container is done it should be starting the nginx web server.

[root@controller ~]# kubectl get pods
NAME                        READY   STATUS    RESTARTS   AGE
init-container-example-1    1/1     Running   0          8m
nginx                       1/1     Running   3          34h
pod-as-user-guest           1/1     Running   3          33h
pod-drop-chown-capability   1/1     Running   3          33h
pod-privileged              1/1     Running   4          33h

So our nginx web server has started in the init-container-example-1 Pod.

 

How initContainers work

  • During Pod startup, the kubelet delays running init containers until the networking and storage are ready. Then the kubelet runs the Pod's init containers in the order they appear in the Pod's spec.
  • Each init container must exit successfully before the next container starts. If a container fails to start due to the runtime or exits with failure, it is retried according to the Pod restartPolicy. However, if the Pod restartPolicy is set to Always, the init containers use restartPolicy OnFailure.
  • A Pod cannot be Ready until all init containers have succeeded. The ports on an init container are not aggregated under a Service. A Pod that is initializing is in the Pending state but should have a condition Initialized set to true.
  • If the Pod restarts, or is restarted, all init containers must execute again.

 

How initContainers are different from normal Containers

  • Init containers support all the fields and features of app containers, including resource limits, volumes, and security settings. However, the resource requests and limits for an init container are handled differently
  • Also, init containers do not support lifecycle, livenessProbe, readinessProbe, or startupProbe because they must run to completion before the Pod can be ready.
  • If you specify multiple init containers for a Pod, Kubelet runs each init container sequentially. Each init container must succeed before the next can run. When all of the init containers have run to completion, Kubelet initializes the application containers for the Pod and runs them as usual

 

Conclusion

In this Kubernetes tutorial we learned about initContainer and it's usage in Kubernetes Cluster nodes. A Pod can have multiple containers running apps within it, but it can also have one or more init containers, which are run before the app containers are started. Init containers are exactly like regular containers, except:

  • Init containers always run to completion.
  • Each init container must complete successfully before the next one starts.
Deepak Prasad

Deepak Prasad

He is the founder of GoLinuxCloud and brings over a decade of expertise in Linux, Python, Go, Laravel, DevOps, Kubernetes, Git, Shell scripting, OpenShift, AWS, Networking, and Security. With extensive experience, he excels in various domains, from development to DevOps, Networking, and Security, ensuring robust and efficient solutions for diverse projects. You can connect with him on his LinkedIn profile.

Can't find what you're searching for? Let us assist you.

Enter your query below, and we'll provide instant results tailored to your needs.

If my articles on GoLinuxCloud has helped you, kindly consider buying me a coffee as a token of appreciation.

Buy GoLinuxCloud a Coffee

For any other feedbacks or questions you can send mail to admin@golinuxcloud.com

Thank You for your support!!

Leave a Comment