8: Kubernetes Probes and Namespaces: A Comprehensive Guide with Examples
Kubernetes offers powerful features like Probes for health checks and Namespaces for resource management and isolation. Let’s dive into their functionality with practical examples.
Probes in Kubernetes
Probes allow Kubernetes to check the health and state of applications running in Pods. There are three types of probes: Startup Probe, Readiness Probe, and Liveness Probe. Here's how they work with examples.
1. Startup Probe
Purpose: Ensures the application inside a container starts successfully.
When It Runs: Only once during startup. If it fails, the Pod remains in a
Runningstate but is not marked as ready.
Example: Startup Probe
A Pod YAML file with a Startup Probe:
apiVersion: v1
kind: Pod
metadata:
name: startup-probe-example
spec:
containers:
- name: app
image: nginx
startupProbe:
httpGet:
path: /
port: 80
initialDelaySeconds: 5
periodSeconds: 10
Explanation:
initialDelaySeconds: Time to wait before starting the probe.
periodSeconds: Frequency of checks.
If the probe fails, you can debug using:
kubectl describe pod startup-probe-example
Check the Events section for probe failure details.
2. Readiness Probe
Purpose: Checks if the application is ready to serve traffic.
Behavior: If the probe fails, Kubernetes removes the Pod's IP from the Service endpoint, isolating it from traffic.
Example: Readiness Probe
A Deployment YAML file with a Readiness Probe:
apiVersion: apps/v1
kind: Deployment
metadata:
name: readiness-probe-example
spec:
replicas: 2
selector:
matchLabels:
app: readiness-app
template:
metadata:
labels:
app: readiness-app
spec:
containers:
- name: app
image: nginx
readinessProbe:
httpGet:
path: /
port: 80
periodSeconds: 5
timeoutSeconds: 2
failureThreshold: 3
Explanation:
periodSeconds: Frequency of checks.
timeoutSeconds: Time to wait for a response.
failureThreshold: Number of consecutive failures to mark the Pod as unready.
Check Pod readiness with:
kubectl get pod -l app=readiness-app
If unready, the Pod will show 0/1.
3. Liveness Probe
Purpose: Checks if the application is still running.
Behavior: If the probe fails, Kubernetes restarts the container.
Example: Liveness Probe
A Pod YAML file with a Liveness Probe:
apiVersion: v1
kind: Pod
metadata:
name: liveness-probe-example
spec:
containers:
- name: app
image: nginx
livenessProbe:
httpGet:
path: /
port: 80
initialDelaySeconds: 10
periodSeconds: 5
Explanation:
- If the
/endpoint is unreachable, Kubernetes restarts the container.
Verify restart events using:
kubectl describe pod liveness-probe-example
Namespaces in Kubernetes
A Namespace is a virtual boundary in Kubernetes to isolate resources. By default, all resources are created in the default Namespace, but creating separate Namespaces provides better organization and management.
1. Creating Namespaces
Imperative Command
kubectl create namespace dev
Declarative Method
Create a YAML file for the Namespace:
apiVersion: v1
kind: Namespace
metadata:
name: dev
Apply the file:
kubectl apply -f namespace.yaml
List all Namespaces:
kubectl get namespace
2. Deploying in a Specific Namespace
To deploy resources in the dev Namespace, use the -n flag:
kubectl apply -f deployment.yaml -n dev
Example Deployment YAML:
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
namespace: dev
spec:
replicas: 2
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx
This ensures the Deployment is isolated in the dev Namespace.
3. Setting Resource Quotas on Namespaces
Resource quotas prevent resource overuse in a Namespace.
Example: Set Quota for CPU, Memory, Pods, and Services
Command:
kubectl -n dev create quota dev-quota --hard=cpu=2,memory=3G,pods=4,services=3
Check quota details:
kubectl describe namespace dev
If you attempt to exceed the quota (e.g., by creating 5 Pods), Kubernetes will throw an error:
kubectl describe replicaset <replicaset-name>
Declarative Quota YAML:
apiVersion: v1
kind: ResourceQuota
metadata:
name: dev-quota
namespace: dev
spec:
hard:
cpu: "2"
memory: "3Gi"
pods: "4"
services: "3"
Apply the quota:
kubectl apply -f resource-quota.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
labels:
app: nginx
spec:
replicas: 2
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:latest
ports:
- containerPort: 80
resources:
requests:
memory: "100Mi"
cpu: "50m"
limits:
memory: "128Mi"
cpu: "100m"
startupProbe:
exec:
command:
- cat
- /usr/share/nginx/html/index.html
initialDelaySeconds: 5
readinessProbe:
exec:
command:
- cat
- /usr/share/nginx/html/index.html
initialDelaySeconds: 10
periodSeconds: 5
timeoutSeconds: 3
failureThreshold: 2
successThreshold: 1
livenessProbe:
exec:
command:
- cat
- /usr/share/nginx/html/index.html
initialDelaySeconds: 10
periodSeconds: 5
timeoutSeconds: 3
failureThreshold: 4
successThreshold: 1
---
apiVersion: v1
kind: Service
metadata:
name: nginx-service
labels:
app: nginx
spec:
selector:
app: nginx
ports:
- protocol: TCP
port: 80
targetPort: 80
type: ClusterIP
---
apiVersion: autoscaling/v1
kind: HorizontalPodAutoscaler
metadata:
name: k8s-autoscaler
spec:
maxReplicas: 10
minReplicas: 2
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: nginx-deployment
targetCPUUtilizationPercentage: 10
Conclusion
Kubernetes Probes and Namespaces are essential for managing containerized applications effectively.
Probes ensure application health and reliability by detecting startup issues, readiness for traffic, and operational failures.
Namespaces enable resource isolation, name conflict resolution, and quota enforcement, making them ideal for multi-team environments.
Use the examples provided to implement Probes and Namespaces in your Kubernetes clusters for better application reliability and organization.
