All Products
Search

This Product

    Container Compute Service:Configure Sidecar container startup and shutdown sequence

    Document Center

    Container Compute Service:Configure Sidecar container startup and shutdown sequence

    Last Updated:Mar 26, 2026

    ACS runs workloads on virtual nodes, which don't support Kubernetes DaemonSets. To replicate DaemonSet-like behavior—such as running a logging agent, monitoring collector, or traffic proxy alongside every application container—add Sidecar containers to your Pods.

    Unlike DaemonSets, Sidecar containers share the Pod lifecycle. To make them behave like independent daemons, you need to control two things: the Sidecar must start before the application container, and it must stop automatically when the application container exits (critical for Job-type workloads).

    ACS supports two methods to declare Sidecar containers, depending on your cluster version:

    Method Kubernetes version Mechanism
    Native Kubernetes Sidecar declaration (recommended) 1.29 and later Declare the Sidecar as an init container with restartPolicy: Always
    ACS custom declaration 1.28 and earlier Set the __IS_SIDECAR__ environment variable on a regular container
    Important

    Use the native Kubernetes Sidecar declaration for clusters running Kubernetes 1.29 or later. The ACS custom declaration method has a known limitation on Kubernetes 1.29 and later or other types of Kubernetes clusters: after a failure retry, containerStatus and pod status are not updated to Running. It is recommended that you upgrade your cluster to version 1.29 or later and use the native Kubernetes Sidecar declaration method.

    How it works

    Native Kubernetes Sidecar declaration (Kubernetes 1.29+)

    Sidecar containers are declared as init containers with restartPolicy: Always. Because init containers run before regular containers, the Sidecar starts before the application container. The restartPolicy: Always setting allows the Sidecar to restart independently without affecting other containers. When the application container in a Job-type Pod finishes, Kubernetes forcibly stops the Sidecar with exit code 0, allowing the Job to complete.

    ACS custom declaration (Kubernetes 1.28 and earlier)

    Set the __IS_SIDECAR__ environment variable to true on a regular container. ACS treats that container as a Sidecar: it starts before other regular containers and restarts according to restartPolicy: Always semantics. ACS clusters on 1.28 and earlier include compatibility adjustments to update container status correctly.

    Prerequisites

    Before you begin, ensure that you have:

    • An ACS cluster

    • kubectl configured to connect to the cluster

    Declare Sidecar containers

    The following example creates a Job named test with two containers: app (the application container) and sidecar (the Sidecar container). The Sidecar tails a log file written by the application container.

    Choose the method that matches your cluster version.

    Native Kubernetes Sidecar declaration (Kubernetes 1.29+)

    Create a file named test-sidecar.yaml with the following content:

    apiVersion: batch/v1
kind: Job
metadata:
  name: test
spec:
  template:
    metadata:
      labels:
        app: test
    spec:
      initContainers:
      - name: sidecar
        image: registry-cn-hangzhou.ack.aliyuncs.com/ack-demo/busybox:1.28
        command: ['sh', '-c', 'touch /var/logs.txt && tail -F /var/logs.txt']
        restartPolicy: Always  # Declares this init container as a Sidecar: starts before app and restarts independently
      containers:
      - name: app
        image: registry-cn-hangzhou.ack.aliyuncs.com/ack-demo/busybox:1.28
        command: ['sh', '-c', 'for i in $(seq 1 10);do echo "logging" >> /var/logs.txt; sleep 1; done']
      restartPolicy: Never
  backoffLimit: 2

    ACS custom declaration (Kubernetes 1.28 and earlier)

    Create a file named test-sidecar.yaml with the following content:

    apiVersion: batch/v1
kind: Job
metadata:
  name: test
spec:
  template:
    metadata:
      labels:
        app: test
    spec:
      containers:
      - name: app
        image: registry-cn-hangzhou.ack.aliyuncs.com/ack-demo/busybox:1.28
        command: ['sh', '-c', 'for i in $(seq 1 10);do echo "logging" >> /var/logs.txt; sleep 1; done']
      - name: sidecar
        image: registry-cn-hangzhou.ack.aliyuncs.com/ack-demo/busybox:1.28
        command: ['sh', '-c', 'touch /var/logs.txt && tail -F /var/logs.txt']
        env:
        - name: __IS_SIDECAR__
          value: "true"  # Declares this regular container as a Sidecar: starts before app and stops when app exits
      restartPolicy: Never
  backoffLimit: 2

    Verify the result

    1. Apply the manifest:

      kubectl apply -f test-sidecar.yaml

    2. Check that the Job completed successfully. The Conditions field should show Complete: True and the Succeeded pod count should be 1:

      kubectl describe job test

      image

    3. Check the Pod details to confirm startup order and exit behavior:

      kubectl describe pod <pod-name>

      • Startup order: The sidecar container's start time is earlier than app. This confirms that any services the application depends on—such as traffic forwarding or log collection—are ready before the application starts.

        image

      • Exit code: The sidecar container exits with code 0 after app finishes. Exit code 0 means the forced termination is not treated as a failure, so the Job reaches Succeeded status.

        image

    Configuration reference

    Method Field or environment variable Values
    Native Kubernetes Sidecar declaration restartPolicy on the init container Always — declares the init container as a Sidecar<br>Never (default) — regular init container
    ACS custom declaration __IS_SIDECAR__ environment variable on a regular container true — declares the container as a Sidecar<br>false (default) — regular container