IT 잡지식/DevOps

[CKA] KodeKloud - Multi Container PODs

쯀리♥️ 2024. 7. 5. 01:02

 

 

안녕하세요, 쯀리입니다.

오늘은Multi Container PODs에 대해 알아보겠습니다. 
보통 하나의 파드에 하나의 컨테이너가 실행되는 것이 대다수인데 여러개의 컨테이너를 하나의 Pod에 배포하는것에 대해 알아볼게요.

https://kubernetes.io/docs/tasks/access-application-cluster/communicate-containers-same-pod-shared-volume/

 

Communicate Between Containers in the Same Pod Using a Shared Volume

This page shows how to use a Volume to communicate between two Containers running in the same Pod. See also how to allow processes to communicate by sharing process namespace between containers. Before you begin You need to have a Kubernetes cluster, and t

kubernetes.io

 


 

Multi-Container Pods

Kubernetes에서 Multi-Container Pods는 하나의 Pod 안에 여러 개의 컨테이너를 포함하는 것을 의미합니다. Pod는 Kubernetes에서 가장 작은 배포 단위로, 하나 이상의 컨테이너를 포함할 수 있습니다. Multi-Container Pod는 여러 컨테이너가 서로 밀접하게 협력하며 동작해야 할 때 유용합니다.

Multi-Container Pod의 사용 사례

  1. Sidecar 패턴: 주 컨테이너의 기능을 보조하기 위해 보조 컨테이너를 사용하는 패턴입니다. 예를 들어, 로깅, 데이터 수집, 프록시 등의 역할을 할 수 있습니다.
  2. Ambassador 패턴: 주 컨테이너를 대신하여 네트워크 요청을 처리하는 역할을 합니다.
  3. Adapter 패턴: 주 컨테이너의 출력을 다른 형식으로 변환하는 역할을 합니다.

Quiz

1. Identify the number of containers created in the red pod.

controlplane ~ ➜  k describe pod red
Name:             red
....
Containers:
  apple:
    Container ID:  
    Image:         busybox
    Image ID:      
    Port:          <none>
    Host Port:     <none>
    Command:
      sleep
      4500
    State:          Waiting
      Reason:       ContainerCreating
    Ready:          False
    Restart Count:  0
    Environment:    <none>
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-npq8n (ro)
  wine:
    Container ID:  
    Image:         busybox
    Image ID:      
    Port:          <none>
    Host Port:     <none>
    Command:
      sleep
      4500
    State:          Waiting
      Reason:       ContainerCreating
    Ready:          False
    Restart Count:  0
    Environment:    <none>
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-npq8n (ro)
  scarlet:
    Container ID:  
    Image:         busybox
    Image ID:      
    Port:          <none>
    Host Port:     <none>
    Command:
      sleep
      4500
    State:          Waiting
      Reason:       ContainerCreating
    Ready:          False
    Restart Count:  0
    Environment:    <none>
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-npq8n (ro)

apple, wine, scarlet 이렇게 3개가 있네요

2. Identify the name of the containers running in the blue pod.

Containers:
  teal:
    Container ID:  containerd://b7bc24496e9b0c0e5237d28eee4a1cc58c885ea76b8a6f4215e0fe7bb347415c
    Image:         busybox
    Image ID:      docker.io/library/busybox@sha256:9ae97d36d26566ff84e8893c64a6dc4fe8ca6d1144bf5b87b2b85a32def253c7
    Port:          <none>
    Host Port:     <none>
    Command:
      sleep
      4500
    ....
  navy:
    Container ID:  containerd://bc7321a7573f03e3ce16c164d73082b4c7e4d7715d6906c4fba04f42ca8a5317
    Image:         busybox
    Image ID:      docker.io/library/busybox@sha256:9ae97d36d26566ff84e8893c64a6dc4fe8ca6d1144bf5b87b2b85a32def253c7
    Port:          <none>
    Host Port:     <none>
    Command:
      sleep
      4500
    ...

배포되어있는 컨테이너는 teal & navy 입니다.

3. Create a multi-container pod with 2 containers.
Use the spec given below:
If the pod goes into the crashloopbackoff then add the command sleep 1000 in the lemon container.

Name: yellow
Container 1 Name: lemon
Container 1 Image: busybox
Container 2 Name: gold
Container 2 Image: redis
controlplane ~ ➜  cat multi-con.yaml 
apiVersion: v1
kind: Pod
metadata:
  name: yellow
spec:
  restartPolicy: Never
  containers:

  - name: lemon
    image: busybox
    command: 
      - "sleep"
      - "1000"

  - name: gold
    image: redis

 

5. We have deployed an application logging stack in the elastic-stack namespace. Inspect it.

controlplane ~ ➜  k get pods -n elastic-stack
NAME             READY   STATUS    RESTARTS   AGE
app              1/1     Running   0          11m
elastic-search   1/1     Running   0          11m
kibana           1/1     Running   0          11m

 

6. Once the pod is in a ready state, inspect the Kibana UI using the link above your terminal. There shouldn't be any logs for now. We will configure a sidecar container for the application to send logs to Elastic Search.
You can inspect the Kibana logs by running:

 
kubectl -n elastic-stack logs kibana

 

7. Inspect the app pod and identify the number of containers in it.
It is deployed in the elastic-stack namespace.

controlplane ~ ✖ k describe po app -n elastic-stack
Name:             app
Namespace:        elastic-stack
Priority:         0
Service Account:  default
Node:             controlplane/192.35.64.6
Start Time:       Thu, 04 Jul 2024 15:34:19 +0000
Labels:           name=app
Annotations:      <none>
Status:           Running
IP:               10.244.0.4
IPs:
  IP:  10.244.0.4
Containers:
  app:
    Container ID:   containerd://123485ad14b8e2a217633724e2ee4240694bff47fc81bc6cb123f5722e1e15f9
    Image:          kodekloud/event-simulator
    Image ID:       docker.io/kodekloud/event-simulator@sha256:1e3e9c72136bbc76c96dd98f29c04f298c3ae241c7d44e2bf70bcc209b030bf9
    Port:           <none>
    Host Port:      <none>
  ....

1개 

8. The application outputs logs to the file /log/app.log. View the logs and try to identify the user having issues with Login. Inspect the log file inside the pod.

controlplane ~ ➜  k exec -it app -n elastic-stack -c app -- cat /log/app.log | grep Login
[2024-07-04 15:34:30,019] WARNING in event-simulator: USER5 Failed to Login as the account is locked due to MANY FAILED ATTEMPTS.
[2024-07-04 15:34:35,025] WARNING in event-simulator: USER5 Failed to Login as the account is locked due to MANY FAILED ATTEMPTS.

User5이 문제입니다!

9. Edit the pod in the elastic-stack namespace to add a sidecar container to send logs to Elastic Search. Mount the log volume to the sidecar container.

https://kubernetes.io/docs/tasks/access-application-cluster/communicate-containers-same-pod-shared-volume/

 

Communicate Between Containers in the Same Pod Using a Shared Volume

This page shows how to use a Volume to communicate between two Containers running in the same Pod. See also how to allow processes to communicate by sharing process namespace between containers. Before you begin You need to have a Kubernetes cluster, and t

kubernetes.io

Only add a new container. Do not modify anything else. Use the spec provided below.

Name: app
Container Name: sidecar
Container Image: kodekloud/filebeat-configured
Volume Mount: log-volume
Mount Path: /var/log/event-simulator/
Existing Container Name: app
Existing Container Image: kodekloud/event-simulator
 
---
apiVersion: v1
kind: Pod
metadata:
  name: app
  namespace: elastic-stack
  labels:
    name: app
spec:
  containers:
  - name: app
    image: kodekloud/event-simulator
    volumeMounts:
    - mountPath: /log
      name: log-volume

  - name: sidecar
    image: kodekloud/filebeat-configured
    volumeMounts:
    - mountPath: /var/log/event-simulator/
      name: log-volume

  volumes:
  - name: log-volume
    hostPath:
      # directory location on host
      path: /var/log/webapp
      # this field is optional
      type: DirectoryOrCreate

하나의 파드에 하나의 컨테이너에 대한 것만 익히다가 다중 컨테이너 사용을 보니 새롭습니다. 

Multi-Container Pod의 특징

  1. 단일 네트워크 네임스페이스: 동일한 Pod 내의 모든 컨테이너는 같은 네트워크 네임스페이스를 공유하므로, localhost로 서로 통신할 수 있습니다.
  2. 공유 볼륨: 같은 Pod 내의 컨테이너는 동일한 볼륨을 마운트하여 데이터를 공유할 수 있습니다.
  3. 공동 스케줄링: Pod의 모든 컨테이너는 동일한 노드에 배치되며, 같이 스케줄링됩니다.

다음시간에는 init Containers에 관해 알아보겠습니다. 

 


참조

 Udemy Labs - Certified Kubernetes Administrator with Practice Tests