4 Pods

 

This chapter covers

  • An introduction to pods
  • Managing multiple containers within a pod
  • Using volumes with pods

Podman is short for Pod Manager. A pod is a concept popularized by the Kubernetes project; it is a group of one or more containers working together for a common purpose and sharing the same namespaces and cgroups (resource constraints). Additionally, Podman ensures that on SELinux machines, all container processes within a pod share the same SELinux labels. This means they can all work together from an SELinux point of view.

4.1 Running pods

Podman pods (see figure 4.1), just like Kubernetes Pods, always include a container called the infra container—sometimes called the pause container (not to be confused with the rootless pause container mentioned in section 5.2). The infra container only holds open the namespaces and cgroups from the kernel, allowing containers to come and go within the pod. When Podman adds a container to a pod, it adds the container process to the cgroups and namespaces. Notice that the infra container has a container monitor process, conmon, monitoring it. Every container within a pod has its own conmon.
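To check on a host which namespaces and SELinux label two containers of a pod really share, you can compare what the kernel reports for their processes under `/proc`. The script below is an added example, not code from the book or from the Podman project; the function names and the `PROC_ROOT` variable are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the book): report which kernel namespaces two
# processes share and whether their SELinux labels match.
# PROC_ROOT is this example's own knob (assumption): it defaults to /proc and
# exists only so the functions can be pointed at a constructed test tree.
PROC_ROOT="${PROC_ROOT:-/proc}"
NS_TYPES="cgroup ipc mnt net pid user uts"

# ns_id PID TYPE: print the namespace identity, e.g. "net:[4026532001]".
# Prints nothing (and still succeeds) when the link is missing or unreadable.
ns_id() {
    readlink "$PROC_ROOT/$1/ns/$2" 2>/dev/null || true
}

# shared_ns PID_A PID_B: print the namespace types both processes are in.
shared_ns() {
    out=""
    for t in $NS_TYPES; do
        a=$(ns_id "$1" "$t")
        b=$(ns_id "$2" "$t")
        if [ -n "$a" ] && [ "$a" = "$b" ]; then
            out="${out:+$out }$t"
        fi
    done
    printf '%s\n' "$out"
}

# same_label PID_A PID_B: 0 = identical SELinux label, 1 = different or
# empty, 2 = label files not readable (for example, no access to that PID).
same_label() {
    fa="$PROC_ROOT/$1/attr/current"
    fb="$PROC_ROOT/$2/attr/current"
    if [ ! -r "$fa" ] || [ ! -r "$fb" ]; then return 2; fi
    a=$(tr -d '\000' < "$fa" 2>/dev/null || true)
    b=$(tr -d '\000' < "$fb" 2>/dev/null || true)
    [ -n "$a" ] && [ "$a" = "$b" ]
}

# Stand-alone use: ./nscheck.sh PID_A PID_B
if [ "$#" -eq 2 ]; then
    echo "shared namespaces: $(shared_ns "$1" "$2")"
    if same_label "$1" "$2"; then
        echo "SELinux label: identical"
    else
        echo "SELinux label: different or unavailable"
    fi
fi
```

The host PID of a running container can be read with `podman inspect --format '{{.State.Pid}}' <container>`; pass the PIDs of two containers from the same pod, or of one container and the infra container.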

Conmon is a lightweight C program that monitors the container until it exits, allowing the Podman executable to exit and reconnect to the container. Conmon does the following when monitoring the container:

4.2 Creating a pod

4.3 Adding a container to a pod

4.4 Starting a pod

4.5 Stopping a pod

4.6 Listing pods

4.7 Removing pods

Summary
