是否在 Kubernetes 中为每个容器或每个 pod 定义了运行状况检查?
[英]Are healthchecks defined per container or per pod in Kubernetes?
问题描述
In Google Cloud blog they say that if Readiness probe fails, then traffic will not be routed to a pod .
在Google Cloud 博客中,他们说如果 Readiness 探测失败,那么流量将不会被路由到pod 。 And if Liveliness probe fails, a pod will be restarted.如果 Liveliness 探测失败,则会重新启动一个pod 。
Kubernetes docs they say that the kubelet uses Liveness probes to know if a container needs to be restarted. Kubernetes 文档他们说 kubelet 使用 Liveness 探针来了解容器是否需要重新启动。 And Readiness probes are used to check if a container is ready to start accepting requests from clients. Readiness 探针用于检查容器是否准备好开始接受来自客户端的请求。
My current understanding is that a pod is considered Ready and Alive when all of its containers are ready.我目前的理解是,当一个 pod 的所有容器都准备好时,它就被认为是 Ready and Alive。 This in turn implies that if 1 out of 3 containers in a pod fails, then the entire pod will be considered as failed (not Ready / not Alive).这反过来意味着,如果 pod 中的 3 个容器中有 1 个发生故障,则整个 pod 将被视为失败(未就绪/未激活)。 And if 1 out of 3 containers was restarted, then it means that the entire pod was restarted.如果 3 个容器中有 1 个被重启,那么就意味着整个 pod 都被重启了。 Is this correct?这个对吗?
2 个解决方案
解决方案1
4 已采纳 2021-03-09 10:25:44
A Pod is ready only when all of its containers are ready.只有当所有容器都准备好时, Pod才准备就绪。 When a Pod is ready, it should be added to the load balancing pools of all matching Services because it means that this Pod is able to serve requests.当一个 Pod 准备好后,它应该被添加到所有匹配的服务的负载均衡池中,因为这意味着这个 Pod 能够服务请求。
As you can see in the Readiness Probe documentation :正如您在Readiness Probe 文档中看到的那样:
The kubelet uses readiness probes to know when a container is ready to start accepting traffic.
Using readiness probe can ensure that traffic does not reach a container that is not ready for it.使用就绪探测可以确保流量不会到达尚未准备好的容器。
Using liveness probe can ensure that container is restarted when it fail ( the kubelet will kill and restart only the specific container).使用liveness probe可以确保容器在失败时重启(kubelet 只会杀死并重启特定的容器)。
Additionally, to answer your last question, I will use an example:此外,为了回答您的最后一个问题,我将使用一个示例:
And if 1 out of 3 containers was restarted, then it means that the entire pod was restarted.
Let's have a simple Pod manifest file with livenessProbe for one container that always fails:让我们为一个总是失败的容器创建一个带有livenessProbe的简单Pod清单文件:
---
# web-app.yml
apiVersion: v1
kind: Pod
metadata:
labels:
run: web-app
name: web-app
spec:
containers:
- image: nginx
name: web
- image: redis
name: failed-container
livenessProbe:
httpGet:
path: /healthz # I don't have this endpoint configured so it will always be failed.
port: 8080
After creating web-app Pod and waiting some time, we can check how the livenessProbe works:创建web-app Pod并等待一段时间后,我们可以检查livenessProbe的工作原理:
$ kubectl describe pod web-app
Name: web-app
Namespace: default
Containers:
web:
...
State: Running
Started: Tue, 09 Mar 2021 09:56:59 +0000
Ready: True
Restart Count: 0
...
failed-container:
...
State: Waiting
Reason: CrashLoopBackOff
Last State: Terminated
Reason: Completed
Exit Code: 0
Ready: False
Restart Count: 7
...
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
...
Normal Killing 9m40s (x2 over 10m) kubelet Container failed-container failed liveness probe, will be restarted
...
As you can see, only the failed-container container was restarted ( Restart Count: 7 ).如您所见,仅重新启动了failed-container容器( Restart Count: 7 )。
More information can be found in the Liveness, Readiness and Startup Probes documentation .更多信息可以在Liveness、Readiness 和 Startup Probes 文档中找到。
解决方案2
1 2021-03-09 05:35:47
For Pods with multiple containers, we do have an option to restart only single containers conditions applied it have required access.对于具有多个容器的 Pod,我们确实可以选择仅重新启动单个容器条件应用它需要访问。
Command:命令:
kubectl exec POD_NAME -c CONTAINER_NAME "Command used for restarting the container"
Such that required POD is not deleted and k8s doesn't need to recreate the POD.这样所需的 POD 不会被删除,并且 k8s 不需要重新创建 POD。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.