Key Takeaways
- Pods are Atomic: The smallest deployable unit. Containers within a Pod share IP addresses, network namespaces, and volumes. The hidden “pause” container maintains this shared environment.
- ReplicaSets are the Thermostat: They constantly reconcile the current state of the cluster with the desired state by comparing running Pods to the specified replica count using Labels.
- Deployments Manage Releases: You rarely create Pods or ReplicaSets directly. Deployments provide declarative updates (RollingUpdate, Recreate) and rollback history for your application releases.
- Namespaces Provide Isolation: They partition a single physical cluster into multiple virtual clusters. Crucial for multi-tenancy and applying ResourceQuotas.
- Labels are the Glue: Kubernetes relies on metadata (key-value pairs) rather than hardcoded IDs to link objects together.
Flashcards
What is the role of the "Pause" Container?
It holds the Network and IPC namespaces open for the Pod.
What is the default update strategy for a Deployment?
RollingUpdate.
Are Namespaces themselves namespaced?
No, they are cluster-scoped objects.
How does a ReplicaSet find the Pods it manages?
Using Label Selectors.
Cheat Sheet
| Object | Purpose | Scalability | Rollbacks |
|---|---|---|---|
| Pod | Runs containers (atomic unit). | None (Static) | No |
| ReplicaSet | Ensures N Pods are running. | Yes (Manual) | No |
| Deployment | Manages ReplicaSets and Releases. | Yes | Yes (Maintains history) |
| Namespace | Isolates cluster resources. | N/A | N/A |
Quick Revision
- Use `kubectl rollout undo deployment/<name>` to roll back a failed deployment instantly.
- InitContainers run to completion before main containers start.
- The `kube-system` namespace is for Kubernetes control plane components. Avoid deploying user apps there.
- `matchExpressions` allow for set-based label queries (e.g., `In`, `NotIn`).
Next Steps
Now that you understand the core objects that run workloads, it is time to expose them to the outside world. Proceed to 03 Configuration.