mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
72 lines
3.3 KiB
Plaintext
72 lines
3.3 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * nodes/nodes-pods-using.adoc
|
|
|
|
[id="nodes-pods-using-example_{context}"]
|
|
= Example pod configurations
|
|
|
|
{product-title} leverages the Kubernetes concept of a _pod_, which is one or more containers deployed together on one host, and the smallest compute unit that can be defined, deployed, and managed.
|
|
|
|
The following is an example definition of a pod. It demonstrates many features of pods, most of which are discussed in other topics and thus only briefly mentioned here:
|
|
|
|
[id="example-pod-definition_{context}"]
|
|
.`Pod` object definition (YAML)
|
|
|
|
[source,yaml]
|
|
----
|
|
kind: Pod
|
|
apiVersion: v1
|
|
metadata:
|
|
name: example
|
|
labels:
|
|
environment: production
|
|
app: abc <1>
|
|
spec:
|
|
restartPolicy: Always <2>
|
|
securityContext: <3>
|
|
runAsNonRoot: true
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
containers: <4>
|
|
- name: abc
|
|
args:
|
|
- sleep
|
|
- "1000000"
|
|
volumeMounts: <5>
|
|
- name: cache-volume
|
|
mountPath: /cache <6>
|
|
image: registry.access.redhat.com/ubi7/ubi-init:latest <7>
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
runAsNonRoot: true
|
|
capabilities:
|
|
drop: ["ALL"]
|
|
resources:
|
|
limits:
|
|
memory: "100Mi"
|
|
cpu: "1"
|
|
requests:
|
|
memory: "100Mi"
|
|
cpu: "1"
|
|
volumes: <8>
|
|
- name: cache-volume
|
|
emptyDir:
|
|
sizeLimit: 500Mi
|
|
----
|
|
|
|
<1> Pods can be "tagged" with one or more labels, which can then be used to select and manage groups of pods in a single operation. The labels are stored in key/value format in the `metadata` hash.
|
|
<2> The pod restart policy with possible values `Always`, `OnFailure`, and `Never`. The default value is `Always`.
|
|
<3> {product-title} defines a security context for containers which specifies whether they are allowed to run as privileged containers, run as a user of their choice, and more. The default context is very restrictive but administrators can modify this as needed.
|
|
<4> `containers` specifies an array of one or more container definitions.
|
|
<5> The container specifies where external storage volumes are mounted within the container.
|
|
<6> Specify the volumes to provide for the pod. Volumes mount at the specified path. Do not mount to the container root, `/`, or any path that is the same in the host and the container. This can corrupt your host system if the container is sufficiently privileged, such as the host `/dev/pts` files. It is safe to mount the host by using `/host`.
|
|
<7> Each container in the pod is instantiated from its own container image.
|
|
<8> The pod defines storage volumes that are available to its container(s) to use.
|
|
+
|
|
If you attach persistent volumes that have high file counts to pods, those pods can fail or can take a long time to start. For more information, see link:https://access.redhat.com/solutions/6221251[When using Persistent Volumes with high file counts in OpenShift, why do pods fail to start or take an excessive amount of time to achieve "Ready" state?].
|
|
|
|
[NOTE]
|
|
====
|
|
This pod definition does not include attributes that are filled by {product-title} automatically after the pod is created and its lifecycle begins. The link:https://kubernetes.io/docs/concepts/workloads/pods/pod/[Kubernetes pod documentation] has details about the functionality and purpose of pods.
|
|
====
|