Working with containers.
Before you can refer to a Kubernetes pod,
in a deployment in a cluster you must create a Docker image and push it to a registry.
Kubernetes works with a number of different private registries.
In this course you use the IBM Container Service on IBM Cloud or Bluemix.
Docker stores keys for private registries in its HOME directory,
either in.dockercfg file or under.docker/config.json file.
If you put this file in the home directory of
user route on a kubelet then Docker will use it.
You can create a Kubernete secret object to store
a registry key by using the Kube control create secret command.
This approach is recommended for any cloud providers where node creation is automated.
Pods can only reference image pull secrets in their own namespace.
So this process needs to be done one time per namespace.
A kubelet can periodically run
a diagnostic probe on a container
by calling a handler that is implemented by the container.
There are different types of handlers,
an approach can return a result of success, failure or unknown.
A livenessProbe indicates whether the container is running.
If the livenessProbe fails,
the kubelet kills the container,
and the container is subjected to its restart policy.
If a container does not provide a livenessProbe the default state is success.
For example, if a probe fails and you want the container to be stopped and restarted,
you can add a liveness probe to the deployment configuration
and specify a restart policy of always or on failure.
There is also a readinessProbe,
which indicates whether the container is ready to service requests.
If the readinessProbe fails the endpoints controller removes
the pods IP address from the endpoints of all services that match the pod.
The default state of readiness before the initial delay is failure.
If a container does not provide a readinessProbe,
the default state is success.
For example, if you want to send traffic to a pod only when
a probe succeeds at a readinessProbe to the deployment configuration.
In this case the pod will start without receiving
any traffic and only start receiving traffic after the probe succeeds.
Kubernetes supports many capabilities for working with containers.
These tasks include, assigning memory and CPU resources to containers,
configuring a pod to use a volume for storage,
configuring a security context for a pod or a container,
pulling an image from a private registry,
configuring a container by using a configMap,
using configMap data in a pod,
attaching handlers to container lifecycle events,
configuring liveness and readiness probes and more.
Many of these tasks are covered in
more detail in the tutorials and other modules of this course.