首頁 房產(chǎn) > 正文

Kubernetes中容器探測,你都了解了嗎?

1、概述

容器探測用于檢測容器中的應(yīng)用實例是否正常工作,是保障業(yè)務(wù)可用性的一種傳統(tǒng)機制。如果經(jīng)過探測,實例的狀態(tài)不符合預(yù)期,那么kubernetes就會把該問題實例" 摘除 ",不承擔(dān)業(yè)務(wù)流量。kubernetes提供了兩種探針來實現(xiàn)容器探測,分別是:


【資料圖】

liveness probes:存活性探針,用于檢測應(yīng)用實例當(dāng)前是否處于正常運行狀態(tài),如果不是,k8s會重啟容器readiness probes:就緒性探針,用于檢測應(yīng)用實例當(dāng)前是否可以接收請求,如果不能,k8s不會轉(zhuǎn)發(fā)流量

livenessProbe 決定是否重啟容器,readinessProbe 決定是否將請求轉(zhuǎn)發(fā)給容器。

上面兩種探針目前均支持三種探測方式:

Exec命令:在容器內(nèi)執(zhí)行一次命令,如果命令執(zhí)行的退出碼為0,則認(rèn)為程序正常,否則不正常
……  livenessProbe:    exec:      command:      - cat      - /tmp/healthy……
TCPSocket:將會嘗試訪問一個用戶容器的端口,如果能夠建立這條連接,則認(rèn)為程序正常,否則不正常
……        livenessProbe:    tcpSocket:      port: 8080……
HTTPGet:調(diào)用容器內(nèi)Web應(yīng)用的URL,如果返回的狀態(tài)碼在200和399之間,則認(rèn)為程序正常,否則不正常
……  livenessProbe:    httpGet:      path: / #URI地址      port: 80 #端口號      host: 127.0.0.1 #主機地址      scheme: HTTP #支持的協(xié)議,http或者https……
2、存活性探針(1)Exec模式

創(chuàng)建pod-liveness-exec.yaml。

apiVersion: v1kind: Podmetadata:  name: pod-liveness-exec  namespace: devspec:  containers:  - name: nginx    image: nginx    ports:     - name: nginx-port      containerPort: 80    livenessProbe:      exec:        command: ["/bin/cat","/tmp/hello.txt"] # 執(zhí)行一個查看文件的命令

因為/tmp/hello.txt 文件不存在,導(dǎo)致反復(fù)重啟容器。

#進入yaml目錄[root@k8s-master ~]# lsanaconda-ks.cfg  pod-liveness-exec.yaml[root@k8s-master ~]# clear[root@k8s-master ~]#[root@k8s-master ~]##查看當(dāng)前dev命名空間下無pod[root@k8s-master ~]# kubectl get pod -n devNo resources found in dev namespace.[root@k8s-master ~]##創(chuàng)建pod[root@k8s-master ~]# kubectl apply -f pod-liveness-exec.yamlpod/pod-liveness-exec created[root@k8s-master ~]##再次查看dev命名空間已創(chuàng)建pod[root@k8s-master ~]# kubectl get pod -n devNAME                READY   STATUS              RESTARTS   AGEpod-liveness-exec   0/1     ContainerCreating   0          5s#查看pod詳情[root@k8s-master ~]# kubectl describe pod pod-liveness-exec -n dev#在最下面Events中,容器創(chuàng)建過程報錯Events:  Type     Reason     Age   From               Message  ----     ------     ----  ----               -------  Normal   Scheduled  28s   default-scheduler  Successfully assigned dev/pod-liveness-exec to k8s-node2  Normal   Pulling    27s   kubelet            Pulling image "nginx"  Normal   Pulled     11s   kubelet            Successfully pulled image "nginx" in 15.48165061s  Normal   Created    11s   kubelet            Created container nginx  Normal   Started    11s   kubelet            Started container nginx  Warning  Unhealthy  7s    kubelet            Liveness probe failed: /bin/cat: /tmp/hello.txt: No such file or directory#再次頻繁查看dev下pod信息可以發(fā)現(xiàn) pod的重啟次數(shù)一直在增加[root@k8s-master ~]# kubectl get pod -n devNAME                READY   STATUS    RESTARTS      AGEpod-liveness-exec   1/1     Running   3 (53s ago)   2m54s[root@k8s-master ~]# kubectl get pod -n devNAME                READY   STATUS    RESTARTS      AGEpod-liveness-exec   1/1     Running   4 (20s ago)   3m1s

這個時候我們將 yaml改為查看已存在的文件。

apiVersion: v1kind: Podmetadata:  name: pod-liveness-exec  namespace: devspec:  containers:  - name: nginx    image: nginx    ports:     - name: nginx-port      containerPort: 80    livenessProbe:      exec:        command: ["/bin/cat","/usr/share/nginx/html/index.html"] # 執(zhí)行一個查看文件的命令 此文件為nginx歡迎頁面 因為我們的容器就是nginx所以這個文件肯定存在的

再看效果:

(2)TCPSocket模式

創(chuàng)建pod-liveness-tcpsocket.yaml。

apiVersion: v1kind: Podmetadata:  name: pod-liveness-tcpsocket  namespace: devspec:  containers:  - name: nginx    image: nginx    ports:     - name: nginx-port      containerPort: 80    livenessProbe:      tcpSocket:        port: 8080 # 嘗試訪問8080端口,端口不存在

因為容器中8080端口未開通,所以連接失敗。

[root@k8s-master ~]# lsanaconda-ks.cfg  pod-liveness-tcpsocket.yaml[root@k8s-master ~]##創(chuàng)建pod[root@k8s-master ~]# kubectl apply -f pod-liveness-tcpsocket.yamlpod/pod-liveness-tcpsocket created[root@k8s-master ~]##獲取pod[root@k8s-master ~]# kubectl get pod -n devNAME                     READY   STATUS    RESTARTS   AGEpod-liveness-tcpsocket   1/1     Running   0          12s#查看詳情可以看出最后一步 連接被拒絕[root@k8s-master ~]# kubectl describe pod pod-liveness-tcpsocket -n devEvents:  Type     Reason     Age               From               Message  ----     ------     ----              ----               -------  Normal   Scheduled  23s               default-scheduler  Successfully assigned dev/pod-liveness-tcpsocket to k8s-node2  Normal   Pulling    22s               kubelet            Pulling image "nginx"  Normal   Pulled     21s               kubelet            Successfully pulled image "nginx" in 475.556438ms  Normal   Created    21s               kubelet            Created container nginx  Normal   Started    21s               kubelet            Started container nginx  Warning  Unhealthy  2s (x2 over 12s)  kubelet            Liveness probe failed: dial tcp 172.17.169.138:8080: connect: connection refused#頻繁獲取pod詳情可以看出  重啟次數(shù)也在不斷增加[root@k8s-master ~]# kubectl get pod -n devNAME                     READY   STATUS    RESTARTS      AGEpod-liveness-tcpsocket   1/1     Running   3 (32s ago)   2m13s[root@k8s-master ~]#[root@k8s-master ~]# kubectl get pod -n devNAME                     READY   STATUS    RESTARTS      AGEpod-liveness-tcpsocket   1/1     Running   3 (46s ago)   2m27s[root@k8s-master ~]#[root@k8s-master ~]# kubectl get pod -n devNAME                     READY   STATUS    RESTARTS      AGEpod-liveness-tcpsocket   1/1     Running   4 (16s ago)   2m37s

然后將 tcpSocket.port 改為80 再重復(fù)以上步驟就會發(fā)現(xiàn),容器正常啟動。

(3)HTTPGet模式

創(chuàng)建pod-liveness-httpget.yaml。

apiVersion: v1kind: Podmetadata:  name: pod-liveness-httpget  namespace: devspec:  containers:  - name: nginx    image: nginx    ports:    - name: nginx-port      containerPort: 80    livenessProbe:      httpGet:  # 其實就是訪問http://127.0.0.1:80/hello          scheme: HTTP #支持的協(xié)議,http或者https        port: 80 #端口號        path: /hello #URI地址 此地址不存在
[root@k8s-master ~]##創(chuàng)建pod[root@k8s-master ~]# kubectl apply -f pod-liveness-httpget.yamlpod/pod-liveness-httpget created#獲取pod[root@k8s-master ~]# kubectl get pod -n devNAME                   READY   STATUS              RESTARTS   AGEpod-liveness-httpget   0/1     ContainerCreating   0          7s[root@k8s-master ~]# kubectl get pod -n devNAME                   READY   STATUS              RESTARTS   AGEpod-liveness-httpget   0/1     ContainerCreating   0          13s#查看pod詳情 發(fā)現(xiàn)最后HTTP執(zhí)行報404[root@k8s-master ~]# kubectl describe pod pod-liveness-httpget -n devEvents:  Type     Reason     Age   From               Message  ----     ------     ----  ----               -------  Normal   Scheduled  24s   default-scheduler  Successfully assigned dev/pod-liveness-httpget to k8s-node2  Normal   Pulling    23s   kubelet            Pulling image "nginx"  Normal   Pulled     8s    kubelet            Successfully pulled image "nginx" in 15.416092349s  Normal   Created    8s    kubelet            Created container nginx  Normal   Started    8s    kubelet            Started container nginx  Warning  Unhealthy  4s    kubelet            Liveness probe failed: HTTP probe failed with statuscode: 404#頻繁獲取pod,發(fā)現(xiàn)pod重啟次數(shù)不斷增加[root@k8s-master ~]# kubectl get pod -n devNAME                   READY   STATUS    RESTARTS   AGEpod-liveness-httpget   1/1     Running   0          36s[root@k8s-master ~]# kubectl get pod -n devNAME                   READY   STATUS    RESTARTS     AGEpod-liveness-httpget   1/1     Running   1 (3s ago)   43s[root@k8s-master ~]# kubectl get pod -n devNAME                   READY   STATUS    RESTARTS      AGEpod-liveness-httpget   1/1     Running   2 (47s ago)   117s

然后將 httpGet.path 改為/ 再重復(fù)以上步驟就會發(fā)現(xiàn),容器正常啟動。

至此,已經(jīng)使用liveness Probe演示了三種探測方式,但是查看livenessProbe的子屬性,會發(fā)現(xiàn)除了這三種方式,還有一些其他的配置,在這里一并解釋下:

[root@k8s-master01 ~]# kubectl explain pod.spec.containers.livenessProbeFIELDS:   exec      tcpSocket       httpGet         initialDelaySeconds    # 容器啟動后等待多少秒執(zhí)行第一次探測   timeoutSeconds         # 探測超時時間。默認(rèn)1秒,最小1秒   periodSeconds          # 執(zhí)行探測的頻率。默認(rèn)是10秒,最小1秒   failureThreshold       # 連續(xù)探測失敗多少次才被認(rèn)定為失敗。默認(rèn)是3。最小值是1   successThreshold       # 連續(xù)探測成功多少次才被認(rèn)定為成功。默認(rèn)是1	  
		
    

關(guān)鍵詞:

最近更新

關(guān)于本站 管理團隊 版權(quán)申明 網(wǎng)站地圖 聯(lián)系合作 招聘信息

Copyright © 2005-2023 創(chuàng)投網(wǎng) - m.670818.com All rights reserved
聯(lián)系我們:39 60 29 14 2@qq.com
皖I(lǐng)CP備2022009963號-3