健康性探测
健康性探测可主要分为:startupProbe、livenessProbe和readinessProbe
用于探测的三种探针:
ExecAction: 在容器中执行一个命令,返回码为0表示成功;
TCPSocketAction: 通过与容器的某个TCP端口建立连接,端口打开即认为成功;
HTTPGetAction:通过向容器IP地址的某端口发送get请求组,状态码为200-400表示成功;
探测结果是3种
seccess:探测通过;
failure:探测不通过;
unknown:探测失败,不会采取任何行动
探测时的主要参数:
failureThreshold:探测失败几次认为任务失败,默认3次,最小1次;
initialDelaySeconds: 容器启动多久以后开始探测;
periodSeconds:探测周期,默认10s,最小1s;
successThreshold:连续探测多久可认为探测成功,默认1次,livenessprobe和startupprobe只能为1;
timeoutSeconds:每次探测的超时时间,默认1s;
startupProbe示例
apiVersion: v1
kind: Pod
metadata:
name: startup-probe
labels:
func: startup-probe
spec:
containers:
- name: nginx
image: docker.io/library/nginx:stable-alpine-perl
imagePullPolicy: IfNotPresent
ports:
- containerPort: 80
lifecycle:
postStart:
exec:
command: ["/bin/sh","-c","echo this is a nginx server in container, and the ip is $(ip add show eth0 | grep -w inet | awk '{print $2}') > /usr/share/nginx/html/index.html" ]
startupProbe:
periodSeconds: 10
initialDelaySeconds: 20
periodSeconds: 5
successThreshold: 1
tcpSocket:
port: 80
[root@master-worker-node-1 pod]# kubectl apply -f test-healthcheck.yaml
pod/startup-probe created
[root@master-worker-node-1 ~]# kubectl get pods -o wide -w
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
startup-probe 0/1 Running 0 4s 10.244.31.47 only-worker-node-3 <none> <none>
startup-probe 0/1 Running 0 25s 10.244.31.47 only-worker-node-3 <none> <none>
startup-probe 1/1 Running 0 25s 10.244.31.47 only-worker-node-3 <none> <none>
如果探测失败,将kill容器,并根据重启策略(默认是always)重启pod
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 37s default-scheduler Successfully assigned default/startup-probe to only-worker-node-3
Warning Unhealthy 2s (x3 over 12s) kubelet Startup probe failed: dial tcp 10.244.31.48:1080: connect: connection refused
Normal Killing 2s kubelet Container nginx failed startup probe, will be restarted
Normal Pulled 1s (x2 over 36s) kubelet Container image "docker.io/library/nginx:stable-alpine-perl" already present on machine
Normal Created 1s (x2 over 36s) kubelet Created container nginx
Normal Started 1s (x2 over 35s) kubelet Started container nginx
startupProbe探测是一次性行为验证
cat > test-startupProbe <<eof
apiVersion: v1
kind: Pod
metadata:
name: centos
namespace: default
labels:
func: test
spec:
restartPolicy: OnFailure
containers:
- name: centos
image: tomcat
imagePullPolicy: IfNotPresent
command: ['/bin/bash','-c','/usr/local/tomcat/bin/startup.sh; sleep 120; /usr/local/tomcat/bin/shutdown.sh']
startupProbe:
timeoutSeconds: 3
tcpSocket:
port: 8080
initialDelaySeconds: 30
periodSeconds: 10
eof
livenessPorbe
readinessProbe
livenessProbe和readinessProbe的语法和startupProbe基本一样,探测的方法也是哪几种,只是各自的功能各不相同。
小结
健康性探测主要有三种,startupProbe livenessProbe 和 readinessProbe,三种探测的方法和主要参数都一致
startupProbe主要用于启动后探测,他是一次性行为,如果探测不成功,将kill容器。此时根据容器的重启策略进行操作,默认为always,因此,如果探测不成功,将kill容器,重启容器,反复进行。但是如果启动探测成功以后,运行一段时间,正常退出,退出码为0,那么将不会重启
livenessProbe主要用于存活性探测,主要用于在容器异常的时候杀死容器,并根据重启策略进行重启。
readinessProbe主要用于服务就绪性探测,主要用于将pod加到service后端endpoint的场景,保证服务可用才加入
liveness和readiness两种探测的配置方法完全一样,支持的配置参数也一样。不同之处在于探测失败后的行为: Liveness探测是重启容器; Readiness探则是将容器设置为不可用,不接收 Service转发的请求。
Liveness探测和 Readiness探测是独立执行的,二者之间没有依赖,所以可以单独使用,也可以同时使用。用Liveness探判断容器是否需要重启以实现自愈:用 Readiness探测判断容器是否已经准备好对外提供服务。