Appearance
What are Deployments, ReplicaSets, and StatefulSets, and when should each be used?
Lets break down these three workload resources. While they all manage Pods, they serve very different roles in the architecture.
The short answer for modern platform design: Use Deployments for stateless applications, use StatefulSets for databases or distributed systems, and almost never manage ReplicaSets directly.
Here is the detailed engineering breakdown of how they differ and when to use them.
1. ReplicaSet: The Low-Level Enforcer
A ReplicaSet is a relatively low-level resource. Its primary job is simple: maintain a stable set of replica Pods running at any given time.
- How it works: It uses a control loop to constantly reconcile the current number of Pods matching a specific Label Selector against the desired
replicascount. If it finds too few, it creates more from its Pod template; if too many, it deletes the excess. - The Limitation: A ReplicaSet creates and manages Pods, but it lacks the logic to manage updates to those Pods. It does not know how to perform a rolling update from Version A to Version B.
- Best Practice: Do not use ReplicaSets directly. They are designed to be used as a building block by higher-level abstractions like Deployments.
2. Deployment: The Standard for Stateless Apps
A Deployment is a higher-level abstraction that manages ReplicaSets to provide declarative updates for Pods. It is the standard workload resource for stateless applications (like web servers, microservices, or workers) where Pods are interchangeable.
- How it works: When you define a Deployment, the Deployment controller creates a ReplicaSet to bring up the desired Pods.
- Rolling Updates: When you update the
PodTemplateSpec(e.g., changing the container image), the Deployment creates a new ReplicaSet and slowly scales it up while scaling down the old ReplicaSet. - Rollbacks: Because the Deployment keeps a history of old ReplicaSets, you can easily rollback to a previous revision if a new deployment is unstable.
- Rolling Updates: When you update the
- When to use it: Use a Deployment for any workload that does not maintain unique persistent state or require a stable network identity. Ideally, 90% of your workloads should be Deployments.
3. StatefulSet: For Applications Requiring Identity
A StatefulSet manages applications where the specific identity of a Pod matters. Unlike Deployments, where Pods are fungible (interchangeable), Pods in a StatefulSet have a "sticky" identity.
- How it works:
- Stable Network ID: Pods get a predictable, persistent hostname (e.g.,
web-0,web-1) rather than a random hash. This allows peers to discover each other reliably. - Stable Storage: It uses
volumeClaimTemplatesto create a unique PersistentVolumeClaim (PVC) for each Pod. Ifweb-0crashes and is rescheduled to a new node, it re-attaches to the exact same disk that the previousweb-0used. - Ordered Operations: By default, it performs deployment, scaling, and termination in a strict order (0, then 1, then 2), ensuring that data integrity is maintained during topological changes.
- Stable Network ID: Pods get a predictable, persistent hostname (e.g.,
- When to use it: Use StatefulSets for databases (MySQL, PostgreSQL), distributed stores (Cassandra, ZooKeeper, etcd), or any application that requires stable network identifiers or persistent storage that must remain attached to a specific instance.
Summary: Design Decision Matrix
| Feature | Deployment | StatefulSet | ReplicaSet |
|---|---|---|---|
| Primary Use Case | Stateless Apps (Web, API) | Stateful Apps (DBs, Queues) | Internal Use Only |
| Pod Identity | Interchangeable (random hash) | Sticky / Unique (web-0, web-1) | Interchangeable |
| Storage | Shared or Ephemeral | Unique per Pod (Sticky PVC) | Shared or Ephemeral |
| Update Strategy | Rolling Update (creates new RS) | Ordered Rolling Update | None (must delete Pods manually) |
| Managed By | You (via kubectl/manifests) | You (via kubectl/manifests) | Deployment Controller |
Engineering Note on "Sticky Identity": StatefulSet is critical because it guarantees that a specific network identity (hostname) always maps to the same storage identity. This is vital for distributed consensus algorithms (like Raft or Paxos) which rely on knowing exactly which member of the cluster committed a transaction.