What are production uses for Kubernetes pods without an associated deployment?

Question

I have seen the one-pod <-> one-container rule, which seems to apply to business logic pods, but has exceptions when it comes to shared network/volume related resources.

What are encountered production uses of deploying pods without a deployment configuration?

Answer 1

In our case, we use stand alone pods for debugging purposes only. Otherwise you want your configuration to be stateless and written in YAML files.

For instance, debugging the dns resolution: https://kubernetes.io/docs/tasks/administer-cluster/dns-debugging-resolution/

kubectl apply -f https://k8s.io/examples/admin/dns/dnsutils.yaml
kubectl exec -i -t dnsutils -- nslookup kubernetes.default

Answer 2

I use pods directly to start a Centos (or other operating system) container in which to verify connections or test command line options.

As a specific example, below is a shell script that starts an ubuntu container. You can easily modify the manifest to test secret access or change the service account to test access control.

#!/bin/bash

RANDOMIZER=$(uuid | cut -b-5)
POD_NAME="bash-shell-$RANDOMIZER"
IMAGE=ubuntu
NAMESPACE=$(uuid)

kubectl create namespace $NAMESPACE

kubectl apply -f - <<EOF
apiVersion: v1
kind: Pod
metadata:
  name: $POD_NAME
  namespace: $NAMESPACE
spec:
  containers:
  - name: $POD_NAME
    image: $IMAGE
    command: ["/bin/bash"]
    args: ["-c", "while true; do date; sleep 5; done"]
  hostNetwork: true
  dnsPolicy: Default
  restartPolicy: Never
EOF

echo "---------------------------------"
echo "| Press ^C when pod is running. |"
echo "---------------------------------"

kubectl -n $NAMESPACE get pod $POD_NAME -w

echo

kubectl -n $NAMESPACE exec -it $POD_NAME -- /bin/bash

kubectl -n $NAMESPACE delete pod $POD_NAME
kubectl delete namespace $NAMESPACE