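Restart policy
Overview:
Always: always restart the container after it terminates. This is the default policy.
OnFailure: restart the container only when it exits abnormally (non-zero exit status).
Never: never restart the container after it terminates.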
[root@master ~]# kubectl explain pod.spec.restartPolicy
KIND: Pod
VERSION: v1
FIELD: restartPolicy <string>
DESCRIPTION:
Restart policy for all containers within the pod. One of Always, OnFailure,
Never. Default to Always. More info:
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy
Change to Never
[root@master ~]# cat pod.yaml
apiVersion: v1
kind: Pod
metadata:
  name: pod-1
  namespace: xialuo
  labels:
    app: myweb
spec:
  containers:
  - name: web1
    image: nginx
  - name: busybox
    image: busybox
    command:
    - '/bin/sh'
    - '-c'
    - 'sleep 36000'
  restartPolicy: Never # no change is needed for the default; once set to Never, a stopped container is not restarted
[root@master ~]# kubectl apply -f pod.yaml
pod/pod-1 created
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
pod-1 2/2 Running 0 3m2s
[root@master ~]# kubectl get pods -o wide -w # -w watches in real time; stop one of the containers on node2 with the docker command and it is not restarted
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
pod-1 2/2 Running 0 11m 10.244.2.26 node2 <none> <none>
pod-1 1/2 NotReady 0 11m 10.244.2.26 node2 <none> <none>
Change to Always
[root@master ~]# cat pod.yaml
apiVersion: v1
kind: Pod
metadata:
  name: pod-1
  namespace: xialuo
  labels:
    app: web
spec:
  containers:
  - name: web1
    image: nginx
  - name: busybox
    image: busybox
    command:
    - '/bin/sh'
    - '-c'
    - 'sleep 36000'
  restartPolicy: Always # changed to Always
# Delete the Pod created from the original pod.yaml, then start a new Pod
[root@master ~]# kubectl delete -f pod.yaml
pod "pod-1" deleted
[root@master ~]# kubectl apply -f pod.yaml
pod/pod-1 created
Once it is running, stop nginx on node2
[root@master ~]# kubectl get pods -o wide -w
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
pod-1 2/2 Running 0 17m 10.244.2.26 node2 <none> <none>
pod-1 1/2 NotReady 0 17m11s 10.244.2.26 node2 <none> <none>
pod-1 2/2 Running 1 17m27s 10.244.2.26 node12 <none> <none>
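After waiting a while, the container is restarted
Health check types
livenessProbe (liveness check): if the check fails, the container is killed and then handled according to the Pod's restartPolicy.
readinessProbe (readiness check): if the check fails, Kubernetes removes the Pod from the Service endpoints.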
[root@master ~]# kubectl explain pods.spec.containers.livenessProbe
KIND: Pod
VERSION: v1
RESOURCE: livenessProbe <Object>
DESCRIPTION:
Periodic probe of container liveness. Container will be restarted if the
probe fails. Cannot be updated. More info:
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
......
[root@master ~]# cat pod.yaml
apiVersion: v1
kind: Pod
metadata:
  name: pod-1
  namespace: xialuo
  labels:
    app: web
spec:
  containers:
  - name: web1
    image: nginx
    livenessProbe:
      httpGet:
        port: 80
  - name: busybox
    image: busybox
    command:
    - '/bin/sh'
    - '-c'
    - 'sleep 36000'
  restartPolicy: Always
# Checks whether port 80 is reachable: if it is, the container is not restarted; if it is not, the container is restarted.
[root@master ~]# kubectl apply -f pod.yaml
pod/liveness-exec created
[root@master ~]# kubectl describe pods liveness-exec
Name: liveness-exec
Namespace: default
Priority: 0
Node: node2/192.168.149.134
Start Time: Tue, 31 Aug 2021 12:30:31 -0400
Labels: test=liveness-exec
Annotations: <none>
Status: Running
IP: 10.244.2.48
IPs:
IP: 10.244.2.48
Containers:
liveness-demo:
Container ID: docker://6eb2d92e19b18ad00d3b0bda3c398334a663724cf9dbbd6ed9940ce210ce9d0c
Image: busybox
Image ID: docker-pullable://busybox@sha256:b37dd066f59a4961024cf4bed74cae5e68ac26b48807292bd12198afa3ecb778
Port: <none>
Host Port: <none>
Args:
/bin/sh
-c
touch /tmp/healthy; sleep 60; rm -rf /tmp/healthy; sleep 600
State: Running
Started: Tue, 31 Aug 2021 12:30:47 -0400
Ready: True
Restart Count: 0
Liveness: exec [test -e /tmp/healthy] delay=15s timeout=1s period=10s #success=1 #failure=3
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-qk2gj (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
default-token-qk2gj:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-qk2gj
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 37s default-scheduler Successfully assigned default/liveness-exec to node2
Normal Pulling 36s kubelet Pulling image "busybox"
Normal Pulled 21s kubelet Successfully pulled image "busybox" in 15.41116085s
Normal Created 21s kubelet Created container liveness-demo
Normal Started 21s kubelet Started container liveness-demo
[root@master ~]# kubectl get pods liveness-exec # restarted zero times
NAME READY STATUS RESTARTS AGE
liveness-exec 1/1 Running 0 114s
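Used in combination with the restart policy
Supported check methods:
httpGet: sends an HTTP request; a status code in the 200-400 range counts as success.
exec: runs a shell command; an exit status of 0 counts as success.
tcpSocket: opens a TCP socket; the check succeeds if the connection is established.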
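The three check methods combined in one manifest, as an added example that is not from the original page. The Pod name probe-demo and the timing values on the nginx container are assumptions; the busybox container reuses the command and exec probe settings visible in the kubectl describe output above.

```yaml
apiVersion: v1
kind: Pod
metadata:
  name: probe-demo              # hypothetical name
  namespace: default
spec:
  restartPolicy: Always         # a failed livenessProbe kills the container; this policy restarts it
  containers:
  - name: web1
    image: nginx
    ports:
    - containerPort: 80
    livenessProbe:              # httpGet method
      httpGet:
        path: /
        port: 80
      initialDelaySeconds: 5    # assumed value
      periodSeconds: 10
      failureThreshold: 3       # consecutive failures before the container is killed
    readinessProbe:             # tcpSocket method: failure only removes the Pod from Service endpoints
      tcpSocket:
        port: 80
      periodSeconds: 5          # assumed value
  - name: liveness-demo
    image: busybox
    args:
    - /bin/sh
    - -c
    - touch /tmp/healthy; sleep 60; rm -rf /tmp/healthy; sleep 600
    livenessProbe:              # exec method: exit status 0 means healthy
      exec:
        command: ["test", "-e", "/tmp/healthy"]
      initialDelaySeconds: 15
      periodSeconds: 10
      timeoutSeconds: 1
      failureThreshold: 3
```

About 60 seconds after start the file is removed, the exec probe fails three times in a row, and the RESTARTS column for the Pod increases while the nginx container keeps running.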
Environment variables
Ways to define a variable's value:
- Custom value
- Value taken from Pod fields
- Value taken from a Secret or ConfigMap
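The three ways of defining a value side by side, as an added example that is not from the original page. The Pod name env-demo, the ConfigMap app-config and the Secret db-credentials (and their keys) are hypothetical names.

```yaml
apiVersion: v1
kind: Pod
metadata:
  name: env-demo                # hypothetical name
  namespace: default
spec:
  restartPolicy: Never
  containers:
  - name: busybox
    image: busybox
    command:
    - /bin/sh
    - -c
    - echo "mode=$APP_MODE pod=$POD_NAME ip=$POD_IP node=$NODE_NAME log=$LOG_LEVEL"; sleep 36000
    env:
    - name: APP_MODE            # 1. custom value
      value: "production"
    - name: POD_NAME            # 2. value taken from Pod fields
      valueFrom:
        fieldRef:
          fieldPath: metadata.name
    - name: POD_IP
      valueFrom:
        fieldRef:
          fieldPath: status.podIP
    - name: NODE_NAME
      valueFrom:
        fieldRef:
          fieldPath: spec.nodeName
    - name: LOG_LEVEL           # 3a. value taken from a ConfigMap (hypothetical object)
      valueFrom:
        configMapKeyRef:
          name: app-config
          key: log_level
    - name: DB_PASSWORD         # 3b. value taken from a Secret (hypothetical object)
      valueFrom:
        secretKeyRef:
          name: db-credentials
          key: password
```

The container cannot start until the referenced ConfigMap and Secret exist in the namespace. The command prints only the non-secret variables, because container logs are readable by anyone with log access to the Pod.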
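Init containers
Init Container: used for initialization work; it exits when finished (a one-off task)
- Supports most application-container settings, but not health checks
- Runs before the application containers
Use cases:
- Environment checks: for example, making sure the services the application container depends on are up before the application container starts
- Initial configuration: for example, preparing configuration files for the application container
Steps: create a Pod with an init container
Create a Pod that contains one application container and one init container. The init container's initialization task has completed before the application container starts. File name: pod.yaml
- Here we deploy a website whose code is not baked into the image; instead it is pulled dynamically from a code repository and placed into the application container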
[root@master ~]# cat init.yaml
apiVersion: v1
kind: Pod
metadata:
  name: init-pod
  namespace: default
spec:
  initContainers:
  - name: download
    image: busybox
    command:
    - "wget"
    - "-O"
    - "/opt/index.html"
    - http://www.baidu.com
    volumeMounts:
    - name: wwwroot
      mountPath: "/opt"
  containers:
  - name: nginx
    image: nginx
    volumeMounts:
    - name: wwwroot
      mountPath: /usr/share/nginx/html
  volumes:
  - name: wwwroot
    emptyDir: {}
# Create
[root@master ~]# kubectl apply -f init.yaml
pod/init-pod created
[root@master ~]# kubectl get pods # check the pod: it is still initializing
NAME READY STATUS RESTARTS AGE
init-pod 0/1 Init:0/1 0 5s
[root@master ~]# kubectl get pods # after waiting a while it reaches Running
NAME READY STATUS RESTARTS AGE
init-pod 1/1 Running 0 4m50s
Check the container status
[root@master ~]# kubectl describe pod init-pod
Name: init-pod
Namespace: default
Priority: 0
Node: node2/192.168.149.134
Start Time: Wed, 01 Sep 2021 00:50:43 -0400
Labels: <none>
Annotations: <none>
Status: Running
IP: 10.244.2.60
IPs:
IP: 10.244.2.60
Init Containers:
download:
Container ID: docker://c17dd7674ed897ccbce88c0f8f87d367e364213bb07f8855f14c7f0eac38cea7
Image: busybox
Image ID: docker-pullable://busybox@sha256:b37dd066f59a4961024cf4bed74cae5e68ac26b48807292bd12198afa3ecb778
Port: <none>
Host Port: <none>
Command:
wget
-O
/opt/index.html
http://www.baidu.com
State: Terminated
Reason: Completed
Exit Code: 0
Started: Wed, 01 Sep 2021 00:52:57 -0400
Finished: Wed, 01 Sep 2021 00:52:57 -0400
Ready: True
Restart Count: 0
Environment: <none>
Mounts:
/opt from wwwroot (rw)
/var/run/secrets/kubernetes.io/serviceaccount from default-token-qk2gj (ro)
Containers:
nginx:
Container ID: docker://c4ecf6f4e7a0deec6a7e94fd0459af382787e2fafc79a5c763637d9508b91dbc
Image: nginx
Image ID: docker-pullable://nginx@sha256:4d4d96ac750af48c6a551d757c1cbfc071692309b491b70b2b8976e102dd3fef
Port: <none>
Host Port: <none>
State: Running
Started: Wed, 01 Sep 2021 00:54:42 -0400
Ready: True
Restart Count: 0
Environment: <none>
Mounts:
/usr/share/nginx/html from wwwroot (rw)
/var/run/secrets/kubernetes.io/serviceaccount from default-token-qk2gj (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
wwwroot:
Type: EmptyDir (a temporary directory that shares a pod's lifetime)
Medium:
SizeLimit: <unset>
default-token-qk2gj:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-qk2gj
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 6m28s default-scheduler Successfully assigned default/init-pod to node2
Normal Pulling 6m27s kubelet Pulling image "busybox"
Normal Pulled 4m15s kubelet Successfully pulled image "busybox" in 2m12.721075796s
Normal Created 4m15s kubelet Created container download
Normal Started 4m14s kubelet Started container download
Normal Pulling 4m14s kubelet Pulling image "nginx"
Normal Pulled 2m29s kubelet Successfully pulled image "nginx" in 1m44.480401005s
Normal Created 2m29s kubelet Created container nginx
Normal Started 2m29s kubelet Started container nginx
If the init container fails, State shows CrashLoopBackOff (restarting/abnormal) by default and Reason shows Error
State: the container's state
Reason: the cause
Terminated: terminated
Completed: completed
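A variant of the init container above that checks what it downloaded before nginx serves it, as an added example that is not from the original page. The URL and the digest are placeholders and the Pod name init-pod-verified is an assumption; if the digest does not match, the init container exits non-zero and the nginx container is never started.

```yaml
apiVersion: v1
kind: Pod
metadata:
  name: init-pod-verified       # hypothetical name
  namespace: default
spec:
  initContainers:
  - name: download
    image: busybox
    env:
    - name: SRC_URL
      value: "https://example.com/site/index.html"    # placeholder URL
    - name: EXPECTED_SHA256
      value: "<sha256-of-the-reviewed-index.html>"     # placeholder: pin the real digest here
    command:
    - /bin/sh
    - -c
    - |
      set -e
      wget -O /opt/index.html "$SRC_URL"
      # sha256sum -c exits non-zero on a mismatch, which fails the init container
      echo "$EXPECTED_SHA256  /opt/index.html" | sha256sum -c -
    volumeMounts:
    - name: wwwroot
      mountPath: /opt
  containers:
  - name: nginx
    image: nginx
    volumeMounts:
    - name: wwwroot
      mountPath: /usr/share/nginx/html
      readOnly: true            # the web server only needs to read the content
  volumes:
  - name: wwwroot
    emptyDir: {}
```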
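Understanding the Pod object in depth: scheduling
Scheduling constraints
The process of creating a Pod:
In summary: the user creates a Pod and submits it to the API server, which writes it to etcd. The API server's watch mechanism notifies the Scheduler that a Pod needs scheduling; the Scheduler returns the resulting scheduling list to the API server, and the API server writes that information to etcd. The API server then notifies the kubelet on the node; the kubelet binds the Pod assigned to it, runs it with docker and reports back to the API server, and the machine status is written to etcd.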