
Pod vs Container (Kubernetes)

Mental model

Container = one person. Pod = people sharing a room (same phone line, same desk, same files).

What it looks like

"Pod" feels like a synonym for "container" because most pods contain exactly one container.

What it really is

Container: a single process (plus any children it spawns) with its own isolated environment (namespaces + cgroups + rootfs).

Pod: a group of one or more containers that share the same network namespace, IPC namespace, and volumes. The pod, not the container, is the smallest deployable unit in Kubernetes.

Why it seems confusing

Most pods have exactly one container, so the distinction seems academic. It only clicks when you need multi-container pods.

What actually matters

  • Containers in the same pod share localhost. They communicate over 127.0.0.1 without service discovery.
  • Containers in the same pod share IPC and can mount the same volumes.
  • Pods exist for the sidecar pattern: main app + log shipper + proxy in one network context.
  • Pod IP is ephemeral. When a pod dies, its IP is gone.

Common mistakes

  • Putting unrelated services in the same pod. Pods should hold tightly coupled containers only.
  • Expecting pod IPs to be stable. Use Services for stable endpoints.
  • Ignoring init containers, which run before app containers in the same pod.

Small examples

# Single-container pod (the common case)
apiVersion: v1
kind: Pod
metadata:
  name: web
spec:
  containers:
    - name: app
      image: nginx

# Sidecar pod: envoy proxy + app
apiVersion: v1
kind: Pod
metadata:
  name: web-with-sidecar
spec:
  containers:
    - name: app
      image: myapp:1.0
    - name: proxy
      image: envoyproxy/envoy:v1.28
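The manifest below is an added example, not part of the original page. It puts the init container, the shared volume and the shared localhost into one pod. The pod name, the container names, the `busybox:1.36` image and the file contents are assumptions chosen for illustration. Anything one container binds to a port is reachable from every other container in the pod on 127.0.0.1, while a volume is visible only to the containers that mount it.

```yaml
apiVersion: v1
kind: Pod
metadata:
  name: shared-context-demo        # constructed name
spec:
  volumes:
    - name: site
      emptyDir: {}                 # created with the pod, deleted with the pod
  initContainers:
    - name: write-index            # must exit 0 before any app container starts
      image: busybox:1.36
      command: ["sh", "-c", "echo 'written by init container' > /site/index.html"]
      volumeMounts:
        - name: site
          mountPath: /site
  containers:
    - name: app
      image: nginx
      volumeMounts:
        - name: site
          mountPath: /usr/share/nginx/html
          readOnly: true           # app serves the content but cannot modify it
    - name: checker                # stand-in for a sidecar
      image: busybox:1.36
      # Same network namespace as "app": nginx on port 80 answers on 127.0.0.1.
      command: ["sh", "-c", "while true; do wget -qO- http://127.0.0.1:80/; sleep 10; done"]
      # No volumeMounts here: this container cannot see the "site" volume at all.
```

`kubectl logs shared-context-demo -c checker` shows the line written by the init container, fetched over localhost from the nginx container.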

Pod lifecycle: Pending, Running, Succeeded, Failed.

One-line summary

A pod is a group of containers sharing network and storage; it is the scheduling unit in Kubernetes, not the container.