探针是由kubelet对容器执行的定期诊断。要执行诊断,kubelet调用由容器实现的Handler。有三种类型的处理程序
ExecAction:在容器内执行指定命令。如果命令退出时返回码为0则认为诊断成功
TCPSockertAction:对指定端口上的容器的ip地址执行TCP检查。如果端口打开,则诊断被认为是成功的
HTTPGetAction:对指定的端口和路劲上的容器的ip地址执行HTTP Get请求。如果响应的状态码大于等于200且小于400,则诊断被认为成功
探测方式
livenessProbe:指示容器是否正在运行。如果存活探测失败,则kubelet会杀死容器,并且容器将受到其重启策略的影响。如果容器不提供存活探针,则默认状态为Success
readinessProbe:指示容器是否准备好服务请求。如果就绪探测失败,端点控制器将从与pod匹配的所有Service的端点中删除该pod的ip地址。初始延迟之前的就绪状态默认为Failure。如果容器不提供就绪探针,则默认为Success
检测探针-就绪检测
rsadinessProbe-httpget
示例
apiVersion: v1
kind: Pod
metadata:
name: readiness-httpget-pod
spec:
containers:
- name: readiness-httpget-container
image: nginx
imagePullPolicy: IfNotPresent //镜像下载策略 如果本地有就不远程下载
readinessProbe: //就绪检测
httpGet: //httpGet检测方案
port: 80
path: /index1.html //检查路劲
initialDelaySeconds: 1 //检测延时 1秒之后开始检测
periodSeconds: 3 //重试检测时间
检测探针-存活检测
livenessProbe-exec
示例
apiVersion: v1
kind: Pod
metadata:
name: liveness-exec-pod
spec
containes:
- name: liveness-exec-container
image: busybox
imagePullPolicy: IfNotPresent
command: ['/bin/sh','-c','touch /tmp/liven; sleep 60; rm -rf /tmp/liven; sleep 3600']
livenessProbe:
exec:
command: ['test','-e','/tmp/liven'] //检测文件是否存在
initiaiDelaySeconds: 1 //检测延时 1秒之后开始检测
periodSeconds: 3 //重试检测时间
检测结果
[root@master yaml]# kubectl get po -w
NAME READY STATUS RESTARTS AGE
liveness-exec-pod 1/1 Running 0 33s
liveness-exec-pod 1/1 Running 1 101s
会反复重启
livenessProbe-httpget
示例
apiVersion: v1
kind: Pod
metadata:
name: liveness-httpget-pod
spec:
containers:
- name: liveness-httpget-container
image: busybox
imagePullPolicy: IfNotPresent
ports:
- name: http
containerPort: 80
livenessProbe:
httpGet:
port: http
path: /index.html
initialDelaySeconds: 1 //检测延时 1秒之后开始检测
periodSeconds: 3 //重试检测时间
timeoutSeconds: 10 //每次访问最大超时时间
检测结果
正常情况
[root@master yaml]# kubectl get po -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
liveness-httpget-pod 1/1 Running 0 19s 10.244.2.57 node2 <none> <none>
[root@master yaml]# curl 10.244.2.57
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
进入容器删除index.html文件再次查看
[root@master yaml]# kubectl exec -it liveness-httpget-pod bash
root@liveness-httpget-pod:/# rm -rf /usr/share/nginx/html/index.html
root@liveness-httpget-pod:/# exit
exit
[root@master yaml]# kubectl get po -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
liveness-httpget-pod 1/1 Running 1 62s 10.244.2.57 node2 <none> <none>
看到pod已经重启
livenessProbe-tcp
示例
apiVersion: v1
kind: Pod
metadata:
name: probe-tcp
spec:
containers:
- name: nginx
image: nginx
livenessProbe:
initialDelaySeconds: 5
periodSeconds: 3
timeoutSeconds: 1
tcpSocket:
port: 88
检测结果
[root@master yaml]# kubectl get po -w
NAME READY STATUS RESTARTS AGE
probe-tcp 1/1 Running 0 6s
probe-tcp 1/1 Running 1 24s
probe-tcp 1/1 Running 2 43s
会发现pod一直重启 原因是设置的tcpSocket与容器的端口连接不上
启动、退出动作
示例
apiVersion: v1
kind: Pod
metadata:
name: lifecycle-demo
spec:
containers:
- name: lifecycle-demo-container
image: nginx
lifecycle:
postStart:
exec:
command: ['/bin/sh','-c','echo hello hello hello > /usr/share/message']
preStop:
exec:
command: ['/bin/sh','-c','echo bye bye bye > /usr/share/message']
Pod的状态可能存在的值
1,挂起(pending):pod已被kubernetes系统接受,但有一个或者多个容器镜像尚未创建,等待时间包括调度pod的时间和通过网络下载镜像的时间,需要花点时间
2,运行中(running):该pod已经绑定到了一个节点上,pod中所有的容器都已被创建,至少一个容器正在运行,或者正处于启动或重启状态
3,成功(succeeded):pod中的所有容器都被成功终止,并且不会再启动
4,失败(failed):pod中的所有容器已经终止,并且至少有一个容器是因为失败终止,也就是说容器以非0状态退出或者被系统终止
5,未知(unknow):因为某些原因无法取得pod的状态,通常是因为pod所在主机通信失败
