Kubernetes Core Concepts: Init Containers

adil
4 min readSep 25, 2023

Many applications depend on external services to function correctly.

Thanks to the init containers, you can delay the startup process until the external service is up and running.

Some applications need to retrieve data from external services during startup.

Thanks to the init containers, you can read secret credentials from Secrets, access the external service, and get the necessary data from the external service. Secret credentials are not exposed to your application container. In this way, you can store the secret credentials safely.

Some scripts, such as database migration scripts, need to be executed before the main container is started.

Thanks to the init containers, you can use a smaller/larger image in init containers. There will be no unnecessary scripts or container layers in your main container.

For the pre-start scripts, Kubernetes provides a solution: Init Containers

Photo by Irham Setyaki on Unsplash

The init container or containers will execute the necessary commands before the main container starts.

The main container won’t start if one of the init containers fails.

00-connectivity-check-with-init-containers.yaml

---
apiVersion: v1
kind: Pod
metadata:
name: web-pod
spec:
containers:
- image: webratio/nodejs-http-server
name: web-container
initContainers:
- name: ping
image: busybox
command: ['sh']
args:
- -c
- >-
ping -c 4 8.8.8.8

The init container will test for internet connectivity. web-container will start operating if it is successful.

Apply:

➜  ~ kubectl apply -f 00-connectivity-check-with-init-containers.yaml
pod/web-pod created

➜ ~ kubectl logs web-pod -c ping
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: seq=0 ttl=109 time=0.929 ms
64 bytes from 8.8.8.8: seq=1 ttl=109 time=0.896 ms
64 bytes from 8.8.8.8: seq=2 ttl=109 time=0.901 ms
64 bytes from 8.8.8.8: seq=3 ttl=109 time=0.875 ms

--- 8.8.8.8 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 0.875/0.900/0.929 ms

➜ ~ kubectl logs web-pod -c web-container
Starting up http-server, serving /opt/www
Available on:
http://127.0.0.1:8080
http://192.168.27.220:8080
Hit CTRL-C to stop the server

The init container’s status:

The init container has successfully terminated. So, web-pod can run.

01-connectivity-fail-init-containers.yaml

---
apiVersion: v1
kind: Pod
metadata:
name: web-pod
spec:
containers:
- image: webratio/nodejs-http-server
name: web-container
initContainers:
- name: ping
image: busybox
command: ['sh']
args:
- -c
- >-
ping -c 4 888.888.888.888

The init container will crash since the IP address 888.888.888.888 is invalid.

web-pod failed.

Multiple Init Containers

If there are several init containers, all of them must successfully terminated before the main container starts.

02-multiple-successful-init-containers.yaml

---
apiVersion: v1
kind: Pod
metadata:
name: web-pod
spec:
containers:
- image: webratio/nodejs-http-server
name: web-container
initContainers:
- name: sleep
image: busybox
command: ['sh']
args:
- -c
- >-
sleep 3
- name: ping
image: busybox
command: ['sh']
args:
- -c
- >-
ping -c 4 8.8.8.8

The first init container (sleep) will wait for 3 seconds. After that, the second init container (ping) will ping an external IP. web-container will start if they are terminated successfully.

Apply:

Status of the init containers:

03-one-failed-init-container.yaml

---
apiVersion: v1
kind: Pod
metadata:
name: web-pod
spec:
containers:
- image: webratio/nodejs-http-server
name: web-container
initContainers:
- name: sleep
image: busybox
command: ['sh']
args:
- -c
- >-
sleep 3
- name: ping
image: busybox
command: ['sh']
args:
- -c
- >-
ping -c 4 888.888.888.888

The first container will exit successfully. However, due to an incorrect IP address, the second container will fail.

Apply:

--

--