杭州兼职网站建设,网页设计素材图片免费,广州网站排名推广公司,呼伦贝尔网站建设Kubernetes之Pod生命周期Pod生命周期官方文档Pod的状态初始化容器案例钩子函数Exec命令TCPSocketHTTPGet案例容器探测Exec命令TCPSocketHTTPGet探测时间重启策略Pod生命周期官方文档
Pod生命周期官方文档
Pod的状态
pending#xff1a;挂起#xff0c;apiserver创建了pod资…
Kubernetes之Pod生命周期Pod生命周期官方文档Pod的状态初始化容器案例钩子函数Exec命令TCPSocketHTTPGet案例容器探测Exec命令TCPSocketHTTPGet探测时间重启策略Pod生命周期官方文档
Pod生命周期官方文档
Pod的状态
pending挂起apiserver创建了pod资源对象已存入etcd中但它尚未被调度完成或者仍处于从仓库下载镜像的过程中running运行中pod已经被调度到某节点并且所有容器都已经被kubelet创建完成complet成功pod中所有容器都已经成功终止并且不会重启failed失败pod中所有容器都已经终止了并且至少有一个容器是因为失败终止的即容器以非0状态退出或者被系统禁止unknown未知apiserver无法正常获取到pod对象的状态信息通常是由于无法与所在工作节点的kubelet通信所致
初始化容器
k8s的初始化容器initContainer优先级都是高于主容器container的。无论容器写在初始化容器前还是写在初始化容器后会最先执行的都是初始化容器。只有初始化容器执行成功后才可以启动主容器。初始化容器的应用场景应该是多pod。比如mysql和业务分开两个pod。此时业务pod添加初始化容器初始化容器执行telnet检查mysql是否启动了。若mysql启动则业务pod启动否则业务pod等待mysql启动。
初始化容器是在pod主容器启动之前要运行的容器主要是做一些主容器的前置工作它具有两大特征
初始化容器必须运行完成直至结束若某初始化容器运行失败那么kubernetes需要重启它直到成功完成初始化容器必须按照定义的顺序执行当且仅当前一个成功之后后面的一个才能运行
案例
apiVersion: v1
kind: Pod
metadata:name: pod-initcontainernamespace: bubble-dev
spec:containers:- name: main-containerimage: nginx:1.17.9ports:- name: nginx-portcontainerPort: 80initContainers:- name: mysqlimage: busybox:1.30 command: [ /bin/sh,-c,sleep 40;] - name: redisimage: busybox:1.30busybox:1.30启动成功之后会立即停止通过使用command命令40S之后这个容器才会停止 启动主容器main-container必须等待初始化容器mysql和redis启动并运行成功之后才可以启动
vi pod-initcontainer.yaml
cat pod-initcontainer.yaml
kubectl create ns bubble-dev
kubectl create -f pod-initcontainer.yaml[rootmaster ~]# kubectl describe pods -n bubble-dev
Name: pod-initcontainer
Namespace: bubble-dev
Priority: 0
Node: node1/192.168.102.160
Start Time: Thu, 12 Jan 2023 10:44:14 -0500
Labels: none
Annotations: none
Status: Running
IP: 172.17.0.2
IPs:IP: 172.17.0.2
Init Containers:mysql:Container ID: docker://6c41381ade3cb74d93b4b449920a89ce1b534860da4a3803d886389b7873f5c4Image: busybox:1.30Image ID: docker-pullable://busyboxsha256:4b6ad3a68d34da29bf7c8ccb5d355ba8b4babcad1f99798204e7abb43e54ee3dPort: noneHost Port: noneCommand:/bin/sh-csleep 40;State: TerminatedReason: CompletedExit Code: 0Started: Thu, 12 Jan 2023 10:44:16 -0500Finished: Thu, 12 Jan 2023 10:44:56 -0500Ready: TrueRestart Count: 0Environment: noneMounts:/var/run/secrets/kubernetes.io/serviceaccount from default-token-9bq4c (ro)redis:Container ID: docker://8a504efac19030ab4a266599795e7ad1368f351f48eae8eb45101100aec0dec1Image: busybox:1.30Image ID: docker-pullable://busyboxsha256:4b6ad3a68d34da29bf7c8ccb5d355ba8b4babcad1f99798204e7abb43e54ee3dPort: noneHost Port: noneState: TerminatedReason: CompletedExit Code: 0Started: Thu, 12 Jan 2023 10:44:57 -0500Finished: Thu, 12 Jan 2023 10:44:57 -0500Ready: TrueRestart Count: 0Environment: noneMounts:/var/run/secrets/kubernetes.io/serviceaccount from default-token-9bq4c (ro)
Containers:main-container:Container ID: docker://920298ed4e9f76c825249290078a9a408476df66175e6fc8b9dcdaf25346f324Image: nginx:1.17.9Image ID: docker-pullable://nginxsha256:88ea86df324b03b3205cbf4ca0d999143656d0a3394675630e55e49044d38b50Port: 80/TCPHost Port: 0/TCPState: RunningStarted: Thu, 12 Jan 2023 10:44:58 -0500Ready: TrueRestart Count: 0Environment: noneMounts:/var/run/secrets/kubernetes.io/serviceaccount from default-token-9bq4c (ro)
Conditions:Type StatusInitialized True Ready True ContainersReady True PodScheduled True
Volumes:default-token-9bq4c:Type: Secret (a volume populated by a Secret)SecretName: default-token-9bq4cOptional: false
QoS Class: BestEffort
Node-Selectors: none
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300snode.kubernetes.io/unreachable:NoExecute for 300s
Events:Type Reason Age From Message---- ------ ---- ---- -------Normal Scheduled 4m47s default-scheduler Successfully assigned bubble-dev/pod-initcontainer to node1Normal Pulled 4m46s kubelet, node1 Container image busybox:1.30 already present on machineNormal Created 4m46s kubelet, node1 Created container mysqlNormal Started 4m45s kubelet, node1 Started container mysqlNormal Pulled 4m4s kubelet, node1 Container image busybox:1.30 already present on machineNormal Created 4m4s kubelet, node1 Created container redisNormal Started 4m4s kubelet, node1 Started container redisNormal Pulled 4m3s kubelet, node1 Container image nginx:1.17.9 already present on machineNormal Created 4m3s kubelet, node1 Created container main-containerNormal Started 4m3s kubelet, node1 Started container main-container我们可以分析出Pod中首先启动并运行的是mysql容器mysql容器运行成功后redis容器开始启动并运行完成运行后主容器才开始启动。
钩子函数
k8s在主容器启动之后和停止之前提供了两个钩子函数
post-start容器创建之后执行(相关命令)如果失败了则会自动重启容器容器创建后立即执行注意由于是异步执行它无法保证一定在ENTRYPOINT之前运行。如果失败容器会被杀死并根据RestartPolicy决定是否重启pre-stop容器终止之前执行(相关命令) 例如杀死进程等容器终止前执行常用于资源清理。执行完成之后容器将成功终止如果失败容器同样也会被杀死。在其完成之前会阻塞删除容器的操作
钩子的回调函数支持三种方式Exec命令、TCPSocket、HTTPGet
Exec命令
spec:containers:- name: main-containerimage: nginx:1.17.1lifecycle:postStart:exec: # 容器创建之后执行(相关命令)修改nginx页面command: [/bin/sh,-c,echo honey /usr/share/nginx/html/index.html]preStop:exec: # 容器停止之后执行停止nginx服务command: [/usr/sbin/nginx,-s,quit ]TCPSocket
spec:containers:- name: main-containerimage: nginx:1.17.1lifecycle:postStart:tcpSocket:port: 8080HTTPGet
spec:containers:- name: main-containerimage: nginx:1.17.1lifecycle:postStart:httpGet:path: /init # URI地址port: 80 # 端口号host: 192.168.110.1 # 主机地址scheme: HTTP # 支持的协议http或https案例
apiVersion: v1
kind: Pod
metadata:name: pod-hooknamespace: bubble-dev
spec:containers:- name: main-containerimage: nginx:1.17.9lifecycle:postStart:exec: # 容器创建之后执行(相关命令)修改nginx页面command: [/bin/sh,-c,echo honey /usr/share/nginx/html/index.html]preStop:exec: # 容器停止之后执行停止nginx服务command: [/usr/sbin/nginx,-s,quit ]容器探测
k8s提供了livenessProbe(可用性探针)和readinessProbe(就绪性探针)对容器的健康性进行检测类似心跳机制。 判断我们的应用实例是否存活如果为宕机状态则自动重启同时如果发现该pod无法接受请求则service不会转发到该pod上执行。
存活探针(可用性探针)用于检测容器实例当前是否处于正常运行的状态如果不是正常运行的状态k8s则会重启容器就绪探针(就绪性探针)用于检测应用实例当前是否可以接收请求如果不能接收请求k8s不会将请求转发到该实例
其实非常好理解livenessProbe 判断容器是否重启、readinessProbe 判断是否路由转发
支持三种探测方式
Exec命令在容器内执行一次命令如果命令执行的退出码为0则认为程序正常否则不正常TCPSocket会尝试访问一个用户指定的容器端口如果能够成功建立连接则认为正常否则认为不正常HTTPGet调用容器内Web系统的url如果http状态码是在200和399之间则认为程序正常否则不正常
Exec命令
apiVersion: v1
kind: Pod
metadata:name: pod-execnamespace: bubble-dev
spec:containers:- name: nginximage: nginx:1.17.9ports:- name: nginx-portcontainerPort: 80livenessProbe: # 存活探针(可用性探针)exec: # 执行一个查看文件的命令command: [/bin/cat ,/tmp/honey.txt] 我们可以看到由于没有/tmp/honey.txt这个文件执行的查看命令是失败的所以容器一直在进行重新启动操作
如果将命令修改成pwd则不会有问题
apiVersion: v1
kind: Pod
metadata:name: pod-execnamespace: bubble-dev
spec:containers:- name: nginximage: nginx:1.17.9ports:- name: nginx-portcontainerPort: 80livenessProbe: # 存活探针(可用性探针)exec: # 执行一个pwd的命令command: [/bin/pwd ,/] TCPSocket
apiVersion: v1
kind: Pod
metadata:name: pod-tcpnamespace: bubble-dev
spec:containers:- name: nginximage: nginx:1.17.9ports:- name: nginx-portcontainerPort: 80livenessProbe: # 存活探针(可用性探针)tcpSocket: # 底层会尝试访问容器ip:8080port: 8080将端口号修改成80则不会有问题
apiVersion: v1
kind: Pod
metadata:name: pod-tcpnamespace: bubble-dev
spec:containers:- name: nginximage: nginx:1.17.9ports:- name: nginx-portcontainerPort: 80livenessProbe: # 存活探针(可用性探针)tcpSocket: # 底层会尝试访问容器ip:80port: 80HTTPGet
apiVersion: v1
kind: Pod
metadata:name: pod-httpnamespace: bubble-dev
spec:containers:- name: nginximage: nginx:1.17.9ports:- name: nginx-portcontainerPort: 80protocol: TCPlivenessProbe:httpGet: # 访问指定的scheme://host:port/pathscheme: HTTP # 支持的协议http或者httpsport: 80 # 端口号path: /honey # URI地址 该地址不存在会报错404将URI地址修改成 / 则不会有问题
apiVersion: v1
kind: Pod
metadata:name: pod-httpnamespace: bubble-dev
spec:containers:- name: nginximage: nginx:1.17.9ports:- name: nginx-portcontainerPort: 80protocol: TCPlivenessProbe:httpGet: # 访问指定的scheme://host:port/pathscheme: HTTP # 支持的协议http或者httpsport: 80 # 端口号path: / # URI地址探测时间
容器探测的原理本身就是心跳策略
initialDelaySeconds integer # 容器启动后 等待多少秒 开始执行第一次探测
timeoutSeconds integer # 探测超时时间 默认1秒最小1秒
periodSeconds integer # 执行探测的频率默认是10秒最小1秒
failureThreshold integer # 连续探测失败多少次才被认定为失败默认是3最小值是1
successThreshold integer # 连续探测成功多少次才被认定为成功默认是1apiVersion: v1
kind: Pod
metadata:name: pod-secondsnamespace: bubble-dev
spec:containers:- name: nginximage: nginx:1.17.9ports:- name: nginx-portcontainerPort: 80protocol: TCPlivenessProbe:httpGet: # 访问指定的scheme://host:port/pathscheme: HTTP # 支持的协议http或者httpsport: 80 # 端口号path: /honey # URI地址 该地址不存在会报错404initialDelaySeconds: 10 # 容器启动后10s开始探测 failureThreshold: 2 # 探测2次认为是失败restartPolicy: Never # 设置重启策略为Never 无论状态如何都不会重启重启策略
重启策略有三种
Always出现问题时自动重启该容器默认方式OnFailure容器终止运行且退出码不为0时重启Never不论状态为何都不重启该容器
apiVersion: v1
kind: Pod
metadata:name: pod-restartnamespace: bubble-dev
spec:containers:- name: nginximage: nginx:1.17.9ports:- name: nginx-portcontainerPort: 80protocol: TCPlivenessProbe:httpGet: # 访问指定的scheme://host:port/pathscheme: HTTP # 支持的协议http或者httpsport: 80 # 端口号path: /honey # URI地址 该地址不存在会报错404restartPolicy: Never # 设置重启策略为Never 无论状态如何都不会重启
