Kubernetes中容器探測,你都了解了嗎?
作者:全棧行動派
LivenessProbe 決定是否重啟容器,ReadinessProbe 決定是否將請求轉發給容器。
1、概述
容器探測用于檢測容器中的應用實例是否正常工作,是保障業務可用性的一種傳統機制。如果經過探測,實例的狀態不符合預期,那么kubernetes就會把該問題實例" 摘除 ",不承擔業務流量。kubernetes提供了兩種探針來實現容器探測,分別是:
- liveness probes:存活性探針,用于檢測應用實例當前是否處于正常運行狀態,如果不是,k8s會重啟容器
- readiness probes:就緒性探針,用于檢測應用實例當前是否可以接收請求,如果不能,k8s不會轉發流量
livenessProbe 決定是否重啟容器,readinessProbe 決定是否將請求轉發給容器。
上面兩種探針目前均支持三種探測方式:
- Exec命令:在容器內執行一次命令,如果命令執行的退出碼為0,則認為程序正常,否則不正常
……
livenessProbe:
exec:
command:
- cat
- /tmp/healthy
……
- TCPSocket:將會嘗試訪問一個用戶容器的端口,如果能夠建立這條連接,則認為程序正常,否則不正常
……
livenessProbe:
tcpSocket:
port: 8080
……
- HTTPGet:調用容器內Web應用的URL,如果返回的狀態碼在200和399之間,則認為程序正常,否則不正常
……
livenessProbe:
httpGet:
path: / #URI地址
port: 80 #端口號
host: 127.0.0.1 #主機地址
scheme: HTTP #支持的協議,http或者https
……
2、存活性探針
(1)Exec模式
創建pod-liveness-exec.yaml。
apiVersion: v1
kind: Pod
metadata:
name: pod-liveness-exec
namespace: dev
spec:
containers:
- name: nginx
image: nginx
ports:
- name: nginx-port
containerPort: 80
livenessProbe:
exec:
command: ["/bin/cat","/tmp/hello.txt"] # 執行一個查看文件的命令
因為/tmp/hello.txt 文件不存在,導致反復重啟容器。
#進入yaml目錄
[root@k8s-master ~]# ls
anaconda-ks.cfg pod-liveness-exec.yaml
[root@k8s-master ~]# clear
[root@k8s-master ~]#
[root@k8s-master ~]#
#查看當前dev命名空間下無pod
[root@k8s-master ~]# kubectl get pod -n dev
No resources found in dev namespace.
[root@k8s-master ~]#
#創建pod
[root@k8s-master ~]# kubectl apply -f pod-liveness-exec.yaml
pod/pod-liveness-exec created
[root@k8s-master ~]#
#再次查看dev命名空間已創建pod
[root@k8s-master ~]# kubectl get pod -n dev
NAME READY STATUS RESTARTS AGE
pod-liveness-exec 0/1 ContainerCreating 0 5s
#查看pod詳情
[root@k8s-master ~]# kubectl describe pod pod-liveness-exec -n dev
#在最下面Events中,容器創建過程報錯
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 28s default-scheduler Successfully assigned dev/pod-liveness-exec to k8s-node2
Normal Pulling 27s kubelet Pulling image "nginx"
Normal Pulled 11s kubelet Successfully pulled image "nginx" in 15.48165061s
Normal Created 11s kubelet Created container nginx
Normal Started 11s kubelet Started container nginx
Warning Unhealthy 7s kubelet Liveness probe failed: /bin/cat: /tmp/hello.txt: No such file or directory
#再次頻繁查看dev下pod信息可以發現 pod的重啟次數一直在增加
[root@k8s-master ~]# kubectl get pod -n dev
NAME READY STATUS RESTARTS AGE
pod-liveness-exec 1/1 Running 3 (53s ago) 2m54s
[root@k8s-master ~]# kubectl get pod -n dev
NAME READY STATUS RESTARTS AGE
pod-liveness-exec 1/1 Running 4 (20s ago) 3m1s
這個時候我們將 yaml改為查看已存在的文件。
apiVersion: v1
kind: Pod
metadata:
name: pod-liveness-exec
namespace: dev
spec:
containers:
- name: nginx
image: nginx
ports:
- name: nginx-port
containerPort: 80
livenessProbe:
exec:
command: ["/bin/cat","/usr/share/nginx/html/index.html"] # 執行一個查看文件的命令 此文件為nginx歡迎頁面 因為我們的容器就是nginx所以這個文件肯定存在的
再看效果:
(2)TCPSocket模式
創建pod-liveness-tcpsocket.yaml。
apiVersion: v1
kind: Pod
metadata:
name: pod-liveness-tcpsocket
namespace: dev
spec:
containers:
- name: nginx
image: nginx
ports:
- name: nginx-port
containerPort: 80
livenessProbe:
tcpSocket:
port: 8080 # 嘗試訪問8080端口,端口不存在
因為容器中8080端口未開通,所以連接失敗。
[root@k8s-master ~]# ls
anaconda-ks.cfg pod-liveness-tcpsocket.yaml
[root@k8s-master ~]#
#創建pod
[root@k8s-master ~]# kubectl apply -f pod-liveness-tcpsocket.yaml
pod/pod-liveness-tcpsocket created
[root@k8s-master ~]#
#獲取pod
[root@k8s-master ~]# kubectl get pod -n dev
NAME READY STATUS RESTARTS AGE
pod-liveness-tcpsocket 1/1 Running 0 12s
#查看詳情可以看出最后一步 連接被拒絕
[root@k8s-master ~]# kubectl describe pod pod-liveness-tcpsocket -n dev
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 23s default-scheduler Successfully assigned dev/pod-liveness-tcpsocket to k8s-node2
Normal Pulling 22s kubelet Pulling image "nginx"
Normal Pulled 21s kubelet Successfully pulled image "nginx" in 475.556438ms
Normal Created 21s kubelet Created container nginx
Normal Started 21s kubelet Started container nginx
Warning Unhealthy 2s (x2 over 12s) kubelet Liveness probe failed: dial tcp 172.17.169.138:8080: connect: connection refused
#頻繁獲取pod詳情可以看出 重啟次數也在不斷增加
[root@k8s-master ~]# kubectl get pod -n dev
NAME READY STATUS RESTARTS AGE
pod-liveness-tcpsocket 1/1 Running 3 (32s ago) 2m13s
[root@k8s-master ~]#
[root@k8s-master ~]# kubectl get pod -n dev
NAME READY STATUS RESTARTS AGE
pod-liveness-tcpsocket 1/1 Running 3 (46s ago) 2m27s
[root@k8s-master ~]#
[root@k8s-master ~]# kubectl get pod -n dev
NAME READY STATUS RESTARTS AGE
pod-liveness-tcpsocket 1/1 Running 4 (16s ago) 2m37s
然后將 tcpSocket.port 改為80 再重復以上步驟就會發現,容器正常啟動。
(3)HTTPGet模式
創建pod-liveness-httpget.yaml。
apiVersion: v1
kind: Pod
metadata:
name: pod-liveness-httpget
namespace: dev
spec:
containers:
- name: nginx
image: nginx
ports:
- name: nginx-port
containerPort: 80
livenessProbe:
httpGet: # 其實就是訪問http://127.0.0.1:80/hello
scheme: HTTP #支持的協議,http或者https
port: 80 #端口號
path: /hello #URI地址 此地址不存在
[root@k8s-master ~]#
#創建pod
[root@k8s-master ~]# kubectl apply -f pod-liveness-httpget.yaml
pod/pod-liveness-httpget created
#獲取pod
[root@k8s-master ~]# kubectl get pod -n dev
NAME READY STATUS RESTARTS AGE
pod-liveness-httpget 0/1 ContainerCreating 0 7s
[root@k8s-master ~]# kubectl get pod -n dev
NAME READY STATUS RESTARTS AGE
pod-liveness-httpget 0/1 ContainerCreating 0 13s
#查看pod詳情 發現最后HTTP執行報404
[root@k8s-master ~]# kubectl describe pod pod-liveness-httpget -n dev
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 24s default-scheduler Successfully assigned dev/pod-liveness-httpget to k8s-node2
Normal Pulling 23s kubelet Pulling image "nginx"
Normal Pulled 8s kubelet Successfully pulled image "nginx" in 15.416092349s
Normal Created 8s kubelet Created container nginx
Normal Started 8s kubelet Started container nginx
Warning Unhealthy 4s kubelet Liveness probe failed: HTTP probe failed with statuscode: 404
#頻繁獲取pod,發現pod重啟次數不斷增加
[root@k8s-master ~]# kubectl get pod -n dev
NAME READY STATUS RESTARTS AGE
pod-liveness-httpget 1/1 Running 0 36s
[root@k8s-master ~]# kubectl get pod -n dev
NAME READY STATUS RESTARTS AGE
pod-liveness-httpget 1/1 Running 1 (3s ago) 43s
[root@k8s-master ~]# kubectl get pod -n dev
NAME READY STATUS RESTARTS AGE
pod-liveness-httpget 1/1 Running 2 (47s ago) 117s
然后將 httpGet.path 改為/ 再重復以上步驟就會發現,容器正常啟動。
至此,已經使用liveness Probe演示了三種探測方式,但是查看livenessProbe的子屬性,會發現除了這三種方式,還有一些其他的配置,在這里一并解釋下:
[root@k8s-master01 ~]# kubectl explain pod.spec.containers.livenessProbe
FIELDS:
exec <Object>
tcpSocket <Object>
httpGet <Object>
initialDelaySeconds <integer> # 容器啟動后等待多少秒執行第一次探測
timeoutSeconds <integer> # 探測超時時間。默認1秒,最小1秒
periodSeconds <integer> # 執行探測的頻率。默認是10秒,最小1秒
failureThreshold <integer> # 連續探測失敗多少次才被認定為失敗。默認是3。最小值是1
successThreshold <integer> # 連續探測成功多少次才被認定為成功。默認是1責任編輯:姜華
來源:
今日頭條
