这是我参与更文挑战的第4天,活动详情查看: 更文挑战
「本文已参与 周末学习计划,点击查看详情 」
探针
探针(Probe)是由kubelet对容器进行的定期诊断。注意,探针的目标是容器而不是pod。
探针可以执行如下三种操作:
ExecAction
在容器内执行指定命令,如果命令退出时返回码为0,则认为成功
TCPSocketAction
对指定容器的IP+端口进行TCP检测,类似于telnet操作,如果端口为开,则认为成功
HTTPGetAction
对指定的容器IP地址进行GET请求,如果HTTP响应码大于等于200且小于400,则认为成功
每次探测都会返回如下三种结果之一:
容器通过探测 容器未通过探测 未知,即探测本身失败 然后根据探测方式又可以分为如下两类
readinessProbe 就绪探针,指示容器是否准备好服务请求。如果失败,该pod将会从所有匹配的service中被移除。如果容器不提供就绪探针,则默认为Success。对应容器的ready状态。
livenessProbe 存活探针,指示容器是否正在运行。如果失败,则kubelet会杀死容器,并根据restartPolicy决定是否重启容器。如果容器不提供存活探针,则默认为Succes。
探针实例操作 下面分别针对两种探针做一下实例操作
readinessProbe操作 通过yaml文件test-readiness-httpget.yaml来创建一个带就绪探针的pod
apiVersion: v1
kind: Pod
metadata:
name: test-readiness-httpget
namespace: default
labels:
app: myapp
version: v1
spec:
containers:
- name: mynginx
image: nginx
imagePullPolicy: IfNotPresent
readinessProbe:
httpGet:
port: 80
path: /fake_index.html
initialDelaySeconds: 1
periodSeconds: 3
可以看到主容器使用nginx镜像,如果访问pod_ip:80/fake_index.html的返回码不在200到400之间则认为容器还没有就绪
创建容器,查看状态
[root@k8s-master k8s-test]# kubectl apply -f test-readiness-httpget.yaml
pod/test-readiness-httpget created
[root@k8s-master k8s-test]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
curl-6bf6db5c4f-kljp4 1/1 Running 1 2d2h 10.244.1.2 k8s-node1 <none> <none>
hellok8s 2/2 Running 0 31h 10.244.1.6 k8s-node1 <none> <none>
test-init-main 1/1 Running 6 9h 10.244.1.8 k8s-node1 <none> <none>
test-readiness-httpget 0/1 Running 0 6s 10.244.1.10 k8s-node1 <none> <none>
可以看到pod状态虽然是running,但是其中的容器却还没有显示ready状态。进去看一下pod的详细信息
[root@k8s-master k8s-test]# kubectl describe pod test-readiness-httpget
Name: test-readiness-httpget
Namespace: default
Priority: 0
Node: k8s-node1/172.29.56.176
Start Time: Thu, 30 Apr 2020 18:48:41 +0800
Labels: app=myapp
version=v1
Annotations: kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"v1","kind":"Pod","metadata":{"annotations":{},"labels":{"app":"myapp","version":"v1"},"name":"test-readiness-httpget","name...
Status: Running
IP: 10.244.1.10
Containers:
mynginx:
Container ID: docker://272b07aca3c7b9900f6fe91d7418c03315d5f079553c4108f20cd36aadc48f65
Image: nginx
Image ID: docker-pullable://nginx@sha256:86ae264c3f4acb99b2dee4d0098c40cb8c46dcf9e1148f05d3a51c4df6758c12
Port: <none>
Host Port: <none>
State: Running
Started: Thu, 30 Apr 2020 18:48:42 +0800
Ready: False
Restart Count: 0
Readiness: http-get http://:80/fake_index.html delay=1s timeout=1s period=3s #success=1 #failure=3
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-hln8x (ro)
Conditions:
Type Status
Initialized True
Ready False
ContainersReady False
PodScheduled True
Volumes:
default-token-hln8x:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-hln8x
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 2m33s default-scheduler Successfully assigned default/test-readiness-httpget to k8s-node1
Normal Pulled <invalid> kubelet, k8s-node1 Container image "nginx" already present on machine
Normal Created <invalid> kubelet, k8s-node1 Created container mynginx
Normal Started <invalid> kubelet, k8s-node1 Started container mynginx
Warning Unhealthy <invalid> (x22 over <invalid>) kubelet, k8s-node1 Readiness probe failed: HTTP probe failed with statuscode: 404
在最下面的Events中可以看到,因为就绪探针返回了404,所以失败,进而导致容器不能处于ready状态。
这个时候进入pod中的容器,人为添加一个目标文件
[root@k8s-master k8s-test]# kubectl exec test-readiness-httpget -it -- /bin/bash
root@test-readiness-httpget:/# echo "hello fake index" > /usr/share/nginx/html/fake_index.html
root@test-readiness-httpget:/# exit
exit
进入容器的命令为kubectl exec <pod_name> -c <container_name> -it -- ,如果pod里面只有一个容器的话可以省略容器名。这里就是运行容器内的bash,并创建了一个目标文件。
再次查看发现容器已经就绪,并且也可以获取到刚才添加的文件内容
