Table of Contents
In Kubernetes, we can run more than one container in a Pod, but as a practice, we run only one application container. Along with an application container, we can also run one or more init containers.
Kubernetes init containers run in the same Pod as the main application container, though with a separate life cycle. The pattern is often used to initialize a state or configuration for the application running in the main container.
Overview on Kubernetes init containers
- An init container is an additional container in a Pod that completes a task before the “regular” container is started
- The regular container will only be started once the init container has been started
- An init container in a Pod must run and complete before any other application containers in the Pod start.
- This is a great way to initialize a Kubernetes Pod. You can pull any files (keystores, policies, and so forth), configurations, and so on with an init container.
- Just as with any other application container, we can have more than one init container in a given Pod; but unlike an application container, each init container must run to completion before the next init container starts.
Create a Pod with initContainers
In this example we will create a Pod with
initContainers which will act as a pre-requisite to start the main container in the same Pod.
[root@controller ~]# cat pod-init-container.yml apiVersion: v1 kind: Pod metadata: name: init-container-example-1 spec: initContainers: - name: sleepy image: alpine command: ['sleep', '60'] containers: - name: web image: nginx
Next we will create a Pod using
kubectl command with this YAML file:
[root@controller ~]# kubectl create -f pod-init-container.yml pod/init-container-example-1 created
Once the Pod is created, we verify the status of this pod:
[root@controller ~]# kubectl get pods NAME READY STATUS RESTARTS AGE init-container-example-1 0/1 Init:0/1 0 3s nginx 1/1 Running 3 34h pod-as-user-guest 1/1 Running 3 33h pod-drop-chown-capability 1/1 Running 3 32h pod-privileged 1/1 Running 4 33h
It shows that the Pod is in initialization stage i.e. the task from the
initContainers is being executed currently, and once the init container is done it should be starting the nginx web server.
[root@controller ~]# kubectl get pods NAME READY STATUS RESTARTS AGE init-container-example-1 1/1 Running 0 8m nginx 1/1 Running 3 34h pod-as-user-guest 1/1 Running 3 33h pod-drop-chown-capability 1/1 Running 3 33h pod-privileged 1/1 Running 4 33h
nginx web server has started in the
How initContainers work
- During Pod startup, the
kubeletdelays running init containers until the networking and storage are ready. Then the kubelet runs the Pod’s init containers in the order they appear in the Pod’s spec.
- Each init container must exit successfully before the next container starts. If a container fails to start due to the runtime or exits with failure, it is retried according to the Pod
restartPolicy. However, if the Pod
restartPolicyis set to
Always, the init containers use
- A Pod cannot be Ready until all init containers have succeeded. The ports on an init container are not aggregated under a Service. A Pod that is initializing is in the Pending state but should have a condition Initialized set to true.
- If the Pod restarts, or is restarted, all init containers must execute again.
How initContainers are different from normal Containers
- Init containers support all the fields and features of app containers, including resource limits, volumes, and security settings. However, the resource requests and limits for an init container are handled differently
- Also, init containers do not support lifecycle, livenessProbe, readinessProbe, or startupProbe because they must run to completion before the Pod can be ready.
- If you specify multiple init containers for a Pod, Kubelet runs each init container sequentially. Each init container must succeed before the next can run. When all of the init containers have run to completion, Kubelet initializes the application containers for the Pod and runs them as usual
In this Kubernetes tutorial we learned about
initContainer and it’s usage in Kubernetes Cluster nodes. A Pod can have multiple containers running apps within it, but it can also have one or more init containers, which are run before the app containers are started. Init containers are exactly like regular containers, except:
- Init containers always run to completion.
- Each init container must complete successfully before the next one starts.