@@ -236,7 +236,7 @@ To investigate the root cause of a `CrashLoopBackOff` issue, a user can:
236236 application code. Running this container image locally or in a development
237237 environment can help diagnose application specific issues.
238238
239- ### Container restart policy {#restart-policy}
239+ ### Container restarts {#restart-policy}
240240
241241The ` spec ` of a Pod has a ` restartPolicy ` field with possible values Always, OnFailure,
242242and Never. The default value is Always.
@@ -262,6 +262,105 @@ problems, the kubelet resets the restart backoff timer for that container.
262262[ Sidecar containers and Pod lifecycle] ( /docs/concepts/workloads/pods/sidecar-containers/#sidecar-containers-and-pod-lifecycle )
263263explains the behaviour of ` init containers ` when specify ` restartpolicy ` field on it.
264264
265+ #### Individual container restart policy and rules {#container-restart-rules}
266+
267+ {{< feature-state
268+ feature_gate_name="ContainerRestartRules" >}}
269+
270+ If your cluster has the feature gate ` ContainerRestartRules ` enabled, you can specify
271+ ` restartPolicy ` and ` restartPolicyRules ` on _ inidividual containers_ can to override the Pod
272+ restart policy. Container restart policy and rules applies to {{< glossary_tooltip text="app containers" term_id="app-container" >}}
273+ in the Pod and to regular [ init containers] ( /docs/concepts/workloads/pods/init-containers/ ) .
274+
275+ A Kubernetes-native [ sidecar container] ( /docs/concepts/workloads/pods/sidecar-containers/ )
276+ has its container-level ` restartPolicy ` set to ` Always ` , and does not support ` restartPolicyRules ` .
277+
278+ The container restarts will follow the same exponential backoff as pod restart policy described above.
279+ Supported container restart policies:
280+
281+ * ` Always ` : Automatically restarts the container after any termination.
282+ * ` OnFailure ` : Only restarts the container if it exits with an error (non-zero exit status).
283+ * ` Never ` : Does not automatically restart the terminated container.
284+
285+ Additionally, _ individual containers_ can specify ` restartPolicyRules ` . If the ` restartPolicyRules `
286+ field is specified, then container ` restartPolicy ` ** must** also be specified. The ` restartPolicyRules `
287+ define a list of rules to apply on container exit. Each rule will consist of a condition
288+ and an action. The supported condition is ` exitCodes ` , which compares the exit code of the container
289+ with a list of given values. The supported action is ` Restart ` , which means the container will be
290+ restarted. The rules will be evaluated in order. On the first match, the action will be applied.
291+ If none of the rules’ conditions matched, Kubernetes fallback to container’s configured
292+ ` restartPolicy ` .
293+
294+ For example, a Pod with OnFailure restart policy that have a ` try-once ` container. This allows
295+ Pod to only restart certain containers:
296+
297+ ``` yaml
298+ apiVersion : v1
299+ kind : Pod
300+ metadata :
301+ name : on-failure-pod
302+ spec :
303+ restartPolicy : OnFailure
304+ containers :
305+ - name : try-once-container # This container will run only once because the restartPolicy is Never.
306+ image : docker.io/library/busybox:1.28
307+ command : ['sh', '-c', 'echo "Only running once" && sleep 10 && exit 1']
308+ restartPolicy : Never
309+ - name : on-failure-container # This container will be restarted on failure.
310+ image : docker.io/library/busybox:1.28
311+ command : ['sh', '-c', 'echo "Keep restarting" && sleep 1800 && exit 1']
312+ ` ` `
313+
314+ A Pod with Always restart policy with an init container that only execute once. If the init
315+ container fails, the Pod fails. This alllows the Pod to fail if the initialiaztion failed,
316+ but also keep running once the initialization succeeds:
317+
318+ ` ` ` yaml
319+ apiVersion : v1
320+ kind : Pod
321+ metadata :
322+ name : fail-pod-if-init-fails
323+ spec :
324+ restartPolicy : Always
325+ initContainers :
326+ - name : init-once # This init container will only try once. If it fails, the pod will fail.
327+ image : docker.io/library/busybox:1.28
328+ command : ['sh', '-c', 'echo "Failing initialization" && sleep 10 && exit 1']
329+ restartPolicy : Never
330+ containers :
331+ - name : main-container # This container will always be restarted once initialization succeeds.
332+ image : docker.io/library/busybox:1.28
333+ command : ['sh', '-c', 'sleep 1800 && exit 0']
334+ ` ` `
335+
336+ A Pod with Never restart policy with a container that ignores and restarts on specific exit codes.
337+ This is useful to differentiate between restartable errors and non-restartable errors:
338+
339+ ` ` ` yaml
340+ apiVersion : v1
341+ kind : Pod
342+ metadata :
343+ name : restart-on-exit-codes
344+ spec :
345+ restartPolicy : Never
346+ containers :
347+ - name : restart-on-exit-codes
348+ image : docker.io/library/busybox:1.28
349+ command : ['sh', '-c', 'sleep 60 && exit 0']
350+ restartPolicy : Never # Container restart policy must be specified if rules are specified
351+ restartPolicyRules : # Only restart the container if it exits with code 42
352+ - action : Restart
353+ exitCodes :
354+ operator : In
355+ values : [42]
356+ ` ` `
357+
358+ Restart rules can be used for many more advanced lifecycle management scenarios. Note, restart rules
359+ are affected by the same inconsistencies as the regular restart policy. Kubelet restarts, container
360+ runtime garbage collection, intermitted connectivity issues with the control plane may cause the state
361+ loss and containers may be re-run even when designed only run once. Please make sure to design your
362+ Pods accordingly.
363+
265364### Reduced container restart delay
266365
267366{{< feature-state
0 commit comments