- One of the key fundamentals I came across is how Kubernetes creates a container/pod.
- Imagine a pod running two containers: one container runs a web server (e.g., NGINX), and the other runs a sidecar logging agent (e.g., Fluentd).
- Both containers need to share the same network namespace (so that they can communicate over localhost). Kubernetes creates the pause container to hold the pod’s network namespace.
- The NGINX and Fluentd containers are started, and they both inherit the pause container’s network namespace. This allows them to communicate internally without requiring external networking or additional IP addresses.
- If the NGINX container crashes and is restarted, the network namespace remains intact because the pause container is still running, and the pod’s IP address doesn’t change.
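
The two-container pod described above, written as a manifest, with checks for the shared namespace and the stable IP in the trailing comments. This is an added example, not part of the original notes: the pod name, container names, image tags and the file name `pod.yaml` are assumptions, and busybox stands in for the Fluentd sidecar so the loopback traffic is visible in its logs.

```yaml
# Added example: pod name, container names and image tags are assumptions.
apiVersion: v1
kind: Pod
metadata:
  name: shared-netns-demo
spec:
  containers:
    - name: web
      image: nginx:stable
      ports:
        - containerPort: 80
    - name: sidecar
      image: busybox:1.36
      # Reaches nginx over loopback: no Service and no second IP involved,
      # because both containers sit in the network namespace that the pause
      # container holds.
      command:
        - sh
        - -c
        - |
          while true; do
            if wget -q -O /dev/null http://127.0.0.1:80/; then
              echo "web reachable on localhost"
            else
              echo "web not reachable on localhost"
            fi
            sleep 5
          done
# Checks to run after `kubectl apply -f pod.yaml`:
#
# 1. Same network namespace: both commands print the same net:[<inode>].
#      kubectl exec shared-netns-demo -c web     -- readlink /proc/self/ns/net
#      kubectl exec shared-netns-demo -c sidecar -- readlink /proc/self/ns/net
#
# 2. IP survives a container restart: note the IP, stop nginx so the kubelet
#    restarts only that container, then compare.
#      kubectl get pod shared-netns-demo -o jsonpath='{.status.podIP}'
#      kubectl exec shared-netns-demo -c web -- nginx -s quit
#      kubectl get pod shared-netns-demo -o jsonpath='{.status.podIP}'
#    The restart count for the web container goes up by one; the IP is unchanged.
#
# 3. On the node (containerd/CRI-O), the pod sandbox that the pause
#    container backs is listed by:
#      crictl pods --name shared-netns-demo
```

Because the namespace is shared, anything one container binds to 127.0.0.1 is reachable from every other container in the pod, so binding to loopback is not an isolation boundary between containers of the same pod.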