Kubernetes Pods & Services Explained
Kubernetes (K8s) is the industry-standard container orchestration platform, but its concepts can be overwhelming for newcomers. This guide covers the core building blocks — pods, services, deployments, and namespaces — and how they work together to run your applications reliably at scale.
Containers and Pods
A container is a lightweight, isolated process running your application. A pod is the smallest deployable unit in Kubernetes — it wraps one or more containers that share network and storage. Most pods contain a single container, but sidecar patterns (logging agent, proxy) put multiple containers in one pod. Pod containers share an IP address and can communicate via localhost.
Pod Lifecycle
Pods go through phases: Pending (waiting to be scheduled), Running (at least one container is running), Succeeded (all containers exited successfully), Failed (a container exited with an error), and Unknown (status cannot be determined). Pods are ephemeral — they are not repaired, they are replaced. If a pod fails, a controller creates a new one. This disposability is a core Kubernetes principle. Use the JSON Formatter to inspect pod spec YAML/JSON definitions.
Deployments and ReplicaSets
You rarely create pods directly. A Deployment manages a set of identical pods through a ReplicaSet. You specify the desired number of replicas, and the Deployment ensures that many pods are always running. If a pod crashes, the ReplicaSet creates a new one. Deployments also manage rolling updates — gradually replacing old pods with new ones to achieve zero-downtime deployments.
apiVersion: apps/v1
kind: Deployment
metadata:
name: web
spec:
replicas: 3
selector:
matchLabels:
app: web
template:
spec:
containers:
- name: web
image: myapp:v2
ports:
- containerPort: 8080
Services: Accessing Your Pods
Pods have dynamic IP addresses that change when pods are replaced. A Service provides a stable network endpoint that routes traffic to a set of pods selected by labels. Service types include: ClusterIP (internal access only, the default), NodePort (exposes on each node's IP), LoadBalancer (provisions a cloud load balancer), and ExternalName (DNS alias to an external service). Use the IP Lookup tool to understand IP addressing and network concepts.
Labels and Selectors
Labels are key-value pairs attached to Kubernetes objects: app: web, env: production, version: v2. Selectors match labels to connect resources — a Service with selector app: web routes traffic to all pods with that label. Labels are how Kubernetes creates loose coupling between resources.
Namespaces
Namespaces partition a cluster into virtual clusters. Resources in one namespace are isolated from resources in another (by default). Use namespaces to separate environments (dev, staging, prod), teams, or applications. Resource quotas and network policies can be applied per namespace for multi-tenant clusters.
ConfigMaps and Secrets
ConfigMaps store configuration data as key-value pairs and inject them into pods as environment variables or mounted files. Secrets are similar but for sensitive data — they are base64-encoded (not encrypted by default — use encryption at rest). Externalising configuration from your container image means the same image runs in all environments with different config. Convert between JSON and YAML configuration formats with the JSON to YAML Converter.
Getting Started
Start with a local cluster using minikube, kind, or Docker Desktop's built-in Kubernetes. Deploy a simple web application with a Deployment and a Service. Use kubectl get pods, kubectl logs, and kubectl describe to observe what is happening. Kubernetes has a steep learning curve, but these core concepts — pods, deployments, services, and namespaces — are the foundation everything else builds on.