There are two perspectives on the question of what a pod is. One perspective is from Kubernetes. Here, a pod is the atomic unit of scheduling.
On the other hand, if you look at a running Linux system, there are really no such things as containers or pods. Even what you call containers are at the end of the day just Linux processes with isolated views and restricted resources. These isolations resp. restrictions are based on some Linux technologies which include:
- Namespaces: Namespaces provide a way to isolate resources at the kernel level, such as process ID (PID) namespaces, network namespaces, and mount namespaces. Each container gets its own set of namespaces, which isolates it from other containers and the host system.
- Control groups (cgroups): Control groups allow the system to limit the resources that a container can use, such as CPU, memory, and disk I/O. Cgroups ensure that a container does not consume more resources than it is allowed and prevent it from affecting the performance of other containers and the host system.
So, Containers as everyone knows them are normal processes that are executed using namespaces and cgroups. If you use Docker to run a single application in a container, then Docker creates cgroups and namespaces automatically and you get containers as shown in the following image.
However, with a few more parameters, you can create a container that runs multiple applications that share the same network namespace and can communicate with each other via localhost. First you start a container with a single webserver:
$ docker run -d --ipc="shareable" --name nginx -v `pwd`/nginx.conf:/etc/nginx/nginx.conf -p 8080:80 nginx
using this *.conf-file:
error_log stderr;
events { worker_connections 1024; }
http {
access_log /dev/stdout combined;
server {
listen 80 default_server;
server_name example.com www.example.com;
location / {
proxy_pass http://127.0.0.1:2368;
}
}
server_tokens off;
}
Then you join this namespace with a second application:
$ docker run -d --name some-ghost --net=container:nginx --ipc=container:nginx --pid=container:nginx -e NODE_ENV=development ghost
Hopefully now it becomes clearer what a pod is. Pods define the containers you want to launch and Kubernetes or better the container runtime takes care of creating the namespaces and groups in the right way.