一、pod的进阶
pod的进阶:
1.1、pod的生命周期当中的状态:
1、Running运行中,pod已经分配到节点上且pod内的容器正常运行。正常状态(ready 1/1)。
2、complete:完成之后退出,容器内的返回码是0,echo $?(表示容器正常运行结束)
3、pending:挂起状态,pod已经创建好了,但是没有被分配到节点上。
面试题:出现pending状态如何解决?
-
1、节点上的资源不足 nginx------node1 node1---->换个节点
-
2、污点,节点上设置了污点标签,导致节点不可部署
-
3、pv,节点上没有合适的pv挂载点(手动),创建pv失败。(手动,自动)
-
4、网络原因,防火墙导致节点不可用。
-
5、swap没有关闭,k8s禁止使用交换分区。
-
6、HostPort已经被占用,NodePort节点上的端口被占用,也会pending。
-
7、ImagePullBackOff:镜像拉取失败
-
8、CrashLoopBackOff:容器已经启动了,但是异常退出了,可以看日志,或者查看详细信息情况。
-
9、error:pod启动过程中报错,日志可以查询。
-
10、PodInitializing:初始化中(pod内部有初始化init容器)
-
11、Evicte:pod被驱逐。
pod状态一览:
CrashLoopBackOff: 容器退出,kubelet正在将它重启
InvalidImageName: 无法解析镜像名称
ImageInspectError: 无法校验镜像
ErrImageNeverPull: 策略禁止拉取镜像
ImagePullBackOff: 正在重试拉取
RegistryUnavailable: 连接不到镜像中心
ErrImagePull: 通用的拉取镜像出错
CreateContainerConfigError: 不能创建kubelet使用的容器配置
CreateContainerError: 创建容器失败
m.internalLifecycle.PreStartContainer 执行hook报错
RunContainerError: 启动容器失败
PostStartHookError: 执行hook报错
ContainersNotInitialized: 容器没有初始化完毕
ContainersNotReady: 容器没有准备完毕
ContainerCreating: 容器创建中
PodInitializing:pod 初始化中
DockerDaemonNotReady: docker还没有完全启动
NetworkPluginNotReady: 网络插件还没有完全启动
Evicte: pod被驱赶
4、Failed:失败:容器内的返回码是非0状态退出,进入失败状态。
logs -f 可以查看pod的日志 describe pod 查看pod的详细情况,也可以查询到错误原因。
5、Terminating(终止中)
pod正在删除中。
6、Unknown:未知
集群出现问题了,API出现了问题,或者是API server和调度器之间通信有问题(证书过期)。
1.2、资源限制
docker cpu 100000
内存 m g
k8s cpu 最小单位 100m 0.1 一个cpu的10%
1000m 1 沾满一个cpu
500m 0.5 占cpu的50%
2 占2个cpu
内存:单位 Ki Mi Gi Ti
1、cpu和内存做资源限制
[root@master01 k8s-yaml]# vim test1.yml
#定义api接口的版本
apiVersion: v1
kind: Pod
metadata:
name: nginx1
labels:
app: nginx1
spec:
containers:
- name: nginx
image: nginx:1.22
resources:
requests:
cpu: "0.5"
memory: "512Mi"
#软限制,最低的要求,可以不做
limits:
cpu: "1"
memory: "1Gi"
#硬策略,最多使用这么多
[root@master01 k8s-yaml]# kubectl apply -f test1.yml
pod/nginx1 created
[root@master01 k8s-yaml]# kubectl describe pod nginx1
Limits:
cpu: 1
memory: 1Gi
Requests:
cpu: 500m
memory: 512Mi
二、探针probe:(面试必问)
探针是对容器执行定期的检查。
2.1、启动探针
探针:启动探针,在容器启动时,根据条件判断容器是否成功。如果有启动探针和其他探针并列。只有启动探针执行完毕(成功),后续的探针才会执行,启动探针失败,整个容器判定为失败,pod也会进入失败状态。
在整个容器的生命周期当中,只有启动探针在启动时执行,执行成功之后,后续不再执行。
startupProbe
2.2、存活探针
存活探针:livenessProbe 探测容器是否正常运行(Running),如果探测失败,会根据pod的重启策略来决定是否重启。
将伴随整个pod的生命周期。
2.3、就绪探针
就绪探针:readinessProbe 探测pod的状态是否进入ready,如果进入ready状态失败,service将会把这个pod的ip从转发中移除。
service不会把请求转发到这个pod
nginx1 --3 node1 node2 node3
nginx1-pod 10.244.0.10
nginx1-pod2 10.244.0.11-------------service----------NodePort 192.168.168.81:30001
nginx1-pod3 10.244.0.12----------ready 0/1
就绪探针没有检测成功或者失败,pod可能是running,但是ready一定是0/1。
存活探针一般用于容器内的配置文件或者是关键组件是否正常。
就绪探针一般用于指定端口的服务,需要对外提供访问的业务。
这两个探针都会伴随整个pod的生命周期。
2.4、probe的检测方法:
1、exec方法:就是进入容器内,指定命令,命令的返回码是0就是成功,非0都是失败。
在容器内使用自定义命令来检测容器内的健康状况,判断关键配置文件是否存在,依赖环境是否完整等等。
2、tcpSocket方法:对容器的ip地址进行tcp检查(三次握手),和指定的端口进行连接,如果三次握手和端口通信建立连接正常。
则认为成功,判断容器的端口是否正常启动,端口是否处于监听状态。
3、httpGet方法:对容器内的ip+端口进行http请求,请求的方式是get。响应码大于等于200且小于400,都是成功。
200=<x<400,主要应用于web容器。
结果:
1、成功。
2、失败。定义了容器的重启策略,容器会进行重启。
3、未知。探针失败,但是不会采取任何行动。
2.5、lifecycle字段:
2.5、容器钩子:
1、postStart----启动钩子
postStart:容器启动时立即执行的命令,执行容器内需要执行的初始化命令,等待依赖环境。
2、preStop----停止钩子
preStop:停止之前执行的任务,清理任务,同步文件等等(导出容器内的数据)。
1、启动任务失败,pod能否进入正常状态
2、停止任务失败,pod能否退出
3、如果和探针一起,启动失败的任务影响探针嘛?
影响,优先级大于启动探针
容器的启动的钩子----->启动探针-------->存活和就绪探针
存活探针
[root@master01 k8s-yaml]# vim test2.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: centos
labels:
app: centos7
spec:
replicas: 1
selector:
matchLabels:
app: centos7
template:
metadata:
labels:
app: centos7
spec:
#定义pod的容器参数
containers:
- name: centos7
image: centos:7
command: ["/bin/bash","-c","touch /opt/123.txt && sleep 3600"]
livenessProbe:
exec:
command: ["/usr/bin/test","-e","/opt/123.txt"]
initialDelaySeconds: 1
#initialDelaySeconds: 表示容器启动之后多少秒开始第一次探测,1是秒,要等待应用程
#序准备好之后再探测。以避免结果有误。
periodSeconds: 3
#在pod的生命周期内,探针的检测时间间隔是3秒 ,也没有固定的范围,根据业务容器的>情况来看,比较敏感的检测时间,可以缩短时间间隔
#在pod的生命周期内,探针的检测时间间隔是3秒,也没有固定的范围,根据业务容器的情
况来看,比较敏感的检测时间,可以缩短时间间隔
failureThreshold: 2
#表示次数,表示探针检测容器失败几次就把容器标记为不健康。
timeoutSeconds: 1
#timeoutSeconds的时间必须小于periodSeconds,表示探针在多少时间之内完成探测。
successThreshold: 1
#只要探针成功一次,就把容器标记为健康,这个值只能是1,默认也是1,可以不写。
[root@master01 k8s-yaml]# kubectl apply -f test2.yaml
deployment.apps/centos created
[root@master01 k8s-yaml]# kubectl get pod
[root@master01 k8s-yaml]# kubectl describe pod centos-6746885856-pvd88
Liveness: exec [/usr/bin/test -e /opt/123.txt] delay=1s timeout=1s period=3s #success=1 #failure=2
##删除文件,触发存活探针
[root@master01 k8s-yaml]# kubectl exec -it centos-6746885856-nvndp
error: you must specify at least one command for the container
[root@master01 k8s-yaml]# kubectl exec -it centos-6746885856-nvndp bash
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.
[root@centos-6746885856-nvndp /]# cd /opt/
[root@centos-6746885856-nvndp opt]# ls
123.txt
[root@centos-6746885856-nvndp opt]# rm -rf *
[root@centos-6746885856-nvndp opt]# exit
exit
[root@master01 k8s-yaml]# kubectl describe pod centos-6746885856-nvndp
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 71s default-scheduler Successfully assigned default/centos-6746885856-nvndp to node02
Normal Pulled 70s kubelet Container image "centos:7" already present on machine
Normal Created 70s kubelet Created container centos7
Normal Started 70s kubelet Started container centos7
Warning Unhealthy 1s (x2 over 4s) kubelet Liveness probe failed:
Normal Killing 1s kubelet Container centos7 failed liveness probe, will be restarted
探针的优化(面试)
initialDelaySeconds: 1
#initialDelaySeconds: 表示容器启动之后多少秒开始第一次探测,1是秒,要等待应用程
#序准备好之后再探测。以避免结果有误。
periodSeconds: 3
#在pod的生命周期内,探针的检测时间间隔是3秒 ,也没有固定的范围,根据业务容器的>情况来看,比较敏感的检测时间,可以缩短时间间隔
#在pod的生命周期内,探针的检测时间间隔是3秒,也没有固定的范围,根据业务容器的情
况来看,比较敏感的检测时间,可以缩短时间间隔
failureThreshold: 2
#表示次数,表示探针检测容器失败几次就把容器标记为不健康。
timeoutSeconds: 1
#timeoutSeconds的时间必须小于periodSeconds,表示探针在多少时间之内完成探测。
successThreshold: 1
#只要探针成功一次,就把容器标记为健康,这个值只能是1,默认也是1,可以不写。
存活探针不设置参数
[root@master01 k8s-yaml]# vim test3.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: centos
labels:
app: centos7
spec:
replicas: 1
selector:
matchLabels:
app: centos7
template:
metadata:
labels:
app: centos7
spec:
#定义pod的容器参数
containers:
- name: centos7
image: centos:7
command: ["/bin/bash","-c","touch /opt/123.txt && sleep 3600"]
livenessProbe:
exec:
command: ["/usr/bin/test","-e","/opt/123.txt"]
# initialDelaySeconds: 1
#initialDelaySeconds: 表示容器启动之后多少秒开始第一次探测,1是秒,要等待应用程
#序准备好之后再探测。以避免结果有误。
# periodSeconds: 3
#在pod的生命周期内,探针的检测时间间隔是3秒 ,也没有固定的范围,根据业务容器的>情况来看,比较敏感的检测时间,可以缩短时间间隔
#在pod的生命周期内,探针的检测时间间隔是3秒,也没有固定的范围,根据业务容器的情
况来看,比较敏感的检测时间,可以缩短时间间隔
# failureThreshold: 2
#表示次数,表示探针检测容器失败几次就把容器标记为不健康。
# timeoutSeconds: 1
#timeoutSeconds的时间必须小于periodSeconds,表示探针在多少时间之内完成探测。
# successThreshold: 1
#只要探针成功一次,就把容器标记为健康,这个值只能是1,默认也是1,可以不写。
[root@master01 k8s-yaml]# kubectl get pod
[root@master01 k8s-yaml]# kubectl describe pod centos-596c98dd98-wwfbl
Liveness: exec [/usr/bin/test -e /opt/123.txt] delay=0s timeout=1s period=10s #success=1 #failure=3
存活探针检测方法为tcp-80
[root@master01 k8s-yaml]# vim test3.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx
labels:
app: centos7
spec:
replicas: 1
selector:
matchLabels:
app: centos7
template:
metadata:
labels:
app: centos7
spec:
#定义pod的容器参数
containers:
- name: nginx
image: nginx:1.22
livenessProbe:
tcpSocket:
port: 80
[root@master01 k8s-yaml]# kubectl apply -f test3.yaml
deployment.apps/nginx created
[root@master01 k8s-yaml]# kubectl get pod
[root@master01 k8s-yaml]# kubectl describe pod nginx-585c6b6f4b-kfrjv
Liveness: tcp-socket :80 delay=0s timeout=1s period=10s #success=1 #failure=3
存活探针检测方法为tcp-81
[root@master01 k8s-yaml]# vim test3.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx
labels:
app: centos7
spec:
replicas: 1
selector:
matchLabels:
app: centos7
template:
metadata:
labels:
app: centos7
spec:
#定义pod的容器参数
containers:
- name: nginx
image: nginx:1.22
livenessProbe:
tcpSocket:
port: 81
[root@master01 k8s-yaml]# kubectl get pod -o wide
nginx-654cfc659-nlkzh 0/1 CrashLoopBackOff 4 2m28s 10.244.2.91 node02 <none>
[root@master01 k8s-yaml]# kubectl describe pod nginx-654cfc659-nlkzh
存活探针检测方法为http-81
[root@master01 k8s-yaml]# vim test3.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx
labels:
app: centos7
spec:
replicas: 1
selector:
matchLabels:
app: centos7
template:
metadata:
labels:
app: centos7
spec:
#定义pod的容器参数
containers:
- name: nginx
image: nginx:1.22
livenessProbe:
httpGet:
port: 80
scheme: HTTP
path: /index.html
[root@master01 k8s-yaml]# kubectl apply -f test3.yaml
[root@master01 k8s-yaml]# kubectl get pod -o wide
[root@master01 k8s-yaml]# kubectl describe pod nginx-5859bfdf9f-xbqnn
Liveness: http-get http://:80/index.html delay=0s timeout=1s period=10s #success=1 #failure=3
启动探针检测方法为http-80+就绪探针--exec指定命令检测文件是否存在
[root@master01 k8s-yaml]# vim test3.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx
labels:
app: centos7
spec:
replicas: 1
selector:
matchLabels:
app: centos7
template:
metadata:
labels:
app: centos7
spec:
#定义pod的容器参数
containers:
- name: nginx
image: nginx:1.22
livenessProbe:
startupProbe:
httpGet:
port: 80
scheme: HTTP
path: /index.html
readinessProbe:
exec:
command: ["/usr/bin/test","-e","/etc/passwd"]
[root@master01 k8s-yaml]# kubectl apply -f test3.yaml
[root@master01 k8s-yaml]# kubectl get pod -o wide
[root@master01 k8s-yaml]# kubectl describe pod nginx-76f8b6d4f7-xt4mp
#scheme:调用的协议(http)
#path:path: /index.html curl 192.168.168.81
# initialDelaySeconds: 1
#initialDelaySeconds: 表示容器启动之后多少秒开始第一次探测,1是秒,要等待应用程
#序准备好之后再探测。以避免结果有误。
# periodSeconds: 3
#在pod的生命周期内,探针的检测时间间隔是3秒 ,也没有固定的范围,根据业务容器的>情况来看,比较敏感的检测时间,可以缩短时间间隔
#在pod的生命周期内,探针的检测时间间隔是3秒,也没有固定的范围,根据业务容器的情
况来看,比较敏感的检测时间,可以缩短时间间隔
# failureThreshold: 2
#表示次数,表示探针检测容器失败几次就把容器标记为不健康。
# timeoutSeconds: 1
#timeoutSeconds的时间必须小于periodSeconds,表示探针在多少时间之内完成探测。
# successThreshold: 1
#只要探针成功一次,就把容器标记为健康,这个值只能是1,默认也是1,可以不写。
[root@master01 k8s-yaml]# vim test3.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx
labels:
app: centos7
spec:
replicas: 1
selector:
matchLabels:
app: centos7
template:
metadata:
labels:
app: centos7
spec:
#定义pod的容器参数
containers:
- name: nginx
image: nginx:1.22
livenessProbe:
startupProbe:
httpGet:
port: 80
scheme: HTTP
path: /index.html
readinessProbe:
exec:
command: ["/usr/bin/test","-e","/etc/passwd"]
---
#表示分段,上一个yml结束,下一个新的yml
apiVersion: v1
kind: Service
metadata:
name: nginx-1
# namespace
labels:
app: nginx1
spec:
type: NodePort
ports:
- port: 80
targetPort: 80
nodePort: 30000
selector:
app: centos7
[root@master01 k8s-yaml]# kubectl apply -f test3.yaml
[root@master01 k8s-yaml]# kubectl get pod
NAME READY STATUS RESTARTS AGE
nfs1-76f66b958-68wpl 1/1 Running 0 12h
nginx-76f8b6d4f7-hhvdq 1/1 Running 0 41s
[root@master01 k8s-yaml]# kubectl exec -it nginx-76f8b6d4f7-hhvdq bash
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.
root@nginx-76f8b6d4f7-hhvdq:/# cd /usr/share/nginx/html/
root@nginx-76f8b6d4f7-hhvdq:/usr/share/nginx/html# ls
50x.html index.html
root@nginx-76f8b6d4f7-hhvdq:/usr/share/nginx/html# cat index.html
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
root@nginx-76f8b6d4f7-hhvdq:/usr/share/nginx/html# echo 123456 > index.html
root@nginx-76f8b6d4f7-hhvdq:/usr/share/nginx/html# cat index.html
123456
root@nginx-76f8b6d4f7-hhvdq:/usr/share/nginx/html# exit
exit
[root@master01 k8s-yaml]# curl 192.168.168.81
curl: (7) Failed connect to 192.168.168.81:80; 拒绝连接
[root@master01 k8s-yaml]# curl 192.168.168.81:30000
123456
[root@master01 k8s-yaml]# vim test3.yaml
[root@master01 k8s-yaml]# kubectl exec -it nginx-76f8b6d4f7-hhvdq bash
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.
root@nginx-76f8b6d4f7-hhvdq:/# rm -rf /etc/passwd
root@nginx-76f8b6d4f7-hhvdq:/# exit
exit
[root@master01 k8s-yaml]# kubectl get pod
NAME READY STATUS RESTARTS AGE
nfs1-76f66b958-68wpl 1/1 Running 0 12h
nginx-76f8b6d4f7-hhvdq 1/1 Running 0 5m48s
[root@master01 k8s-yaml]# kubectl get pod
NAME READY STATUS RESTARTS AGE
nfs1-76f66b958-68wpl 1/1 Running 0 12h
nginx-76f8b6d4f7-hhvdq 0/1 Running 0 8m18s
就绪探针生效,文件丢失,ready变化
启动钩子---指定命令检测文件不存在,导致后续容器启动失败
[root@master01 k8s-yaml]# vim test3.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx
labels:
app: centos7
spec:
replicas: 1
selector:
matchLabels:
app: centos7
template:
metadata:
labels:
app: centos7
spec:
#定义pod的容器参数
containers:
- name: nginx
image: nginx:1.22
livenessProbe:
startupProbe:
httpGet:
port: 80
scheme: HTTP
path: /index.html
readinessProbe:
exec:
command: ["/usr/bin/test","-e","/etc/passwd"]
lifecycle:
postStart:
exec:
command: ["/bin/bash","-c","cat /opt/123.txt"]
---
#表示分段,上一个yml结束,下一个新的yml
apiVersion: v1
kind: Service
metadata:
name: nginx-1
# namespace
labels:
app: nginx1
spec:
type: NodePort
ports:
- port: 80
targetPort: 80
[root@master01 k8s-yaml]# kubectl apply -f test3.yaml --force
[root@master01 k8s-yaml]# kubectl get pod
NAME READY STATUS RESTARTS AGE
nfs1-76f66b958-68wpl 1/1 Running 0 12h
nginx-df44cb667-kt4xj 0/1 PostStartHookError: command '/bin/bash -c cat /opt/123.txt' exited with 1: cat: /opt/123.txt: No such file or directory
1 3s
[root@master01 k8s-yaml]# kubectl describe pod nginx-df44cb667-p4vsp
Warning FailedPostStartHook 4m49s (x4 over 5m33s) kubelet Exec lifecycle hook ([/bin/bash -c cat /opt/123.txt]) for Container "nginx" in Pod "nginx-df44cb667-p4vsp_default(8ee9249a-e118-4e25-8b10-cb53e8cc189f)" failed - error: command '/bin/bash -c cat /opt/123.txt' exited with 1: cat: /opt/123.txt: No such file or directory
, message: "cat: /opt/123.txt: No such file or directory\n"
Normal Killing 4m49s (x4 over 5m33s) kubelet FailedPostStartHook
Warning BackOff 25s (x27 over 5m31s) kubelet Back-off restarting failed container
lifecycle字段:
容器钩子:
postStart:容器启动时立即执行的命令,执行容器内需要执行的初始化命令,等待依赖环境。
preStop:停止之前执行的任务,清理任务,同步文件等等(导出容器内的数据)。
1、启动任务失败,pod能否进入正常状态
2、停止任务失败,pod能否退出
3、如果和探针一起,启动失败的任务影响探针嘛?
影响,优先级大于启动探针
容器的启动的钩子----->启动探针-------->存活和就绪探针
4、容器的钩子,不论是启动还是停止之前的命令,只能使用exec。
容器的钩子,不论是启动还是停止之前的命令,只能使用exec。
[root@master01 k8s-yaml]# vim test3.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx
labels:
app: centos7
spec:
replicas: 3
selector:
matchLabels:
app: centos7
template:
metadata:
labels:
app: centos7
spec:
#定义pod的容器参数
containers:
- name: nginx
image: nginx:1.22
livenessProbe:
startupProbe:
httpGet:
port: 81
scheme: HTTP
path: /index.html
readinessProbe:
exec:
command: ["/usr/bin/test","-e","/etc/passwd"]
lifecycle:
postStart:
tcpSocket:
port: 80
---
#表示分段,上一个yml结束,下一个新的yml
apiVersion: v1
kind: Service
metadata:
name: nginx-1
# namespace
labels:
app: nginx1
spec:
type: NodePort
ports:
- port: 80
targetPort: 80
[root@master01 k8s-yaml]# kubectl apply -f test3.yaml
[root@master01 k8s-yaml]# kubectl get pod
NAME READY STATUS RESTARTS AGE
nfs1-76f66b958-68wpl 1/1 Running 0 13h
nginx-56f444c575-qq29d 0/1 CrashLoopBackOff 5 7m17s
[root@master01 k8s-yaml]# kubectl describe pod nginx-56f444c575-qq29d
Warning FailedPostStartHook 4m6s (x4 over 6m21s) kubelet Cannot run handler: invalid handler: &Handler{Exec:nil,HTTPGet:nil,TCPSocket:&TCPSocketAction{Port:{0 80 },Host:,},}
Normal Killing 4m6s (x4 over 6m21s) kubelet FailedPostStartHook
Warning BackOff 66s (x17 over 5m19s) kubelet Back-off restarting failed container
容器的钩子,不论是启动还是停止之前的命令,只能使用exec。
容器的钩子,不论是启动还是停止之前的命令,只能使用exec。
[root@master01 k8s-yaml]# vim test3.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx
labels:
app: centos7
spec:
replicas: 1
selector:
matchLabels:
app: centos7
template:
metadata:
labels:
app: centos7
spec:
#定义pod的容器参数
containers:
- name: nginx
image: nginx:1.22
livenessProbe:
startupProbe:
httpGet:
port: 81
scheme: HTTP
path: /index.html
readinessProbe:
exec:
command: ["/usr/bin/test","-e","/etc/passwd"]
lifecycle:
postStart:
httpGet:
port: 80
scheme: HTTP
path: /index.html
---
#表示分段,上一个yml结束,下一个新的yml
apiVersion: v1
kind: Service
metadata:
name: nginx-1
# namespace
labels:
app: nginx1
spec:
type: NodePort
ports:
- port: 80
targetPort: 80
[root@master01 k8s-yaml]# kubectl apply -f test3.yaml
deployment.apps/nginx created
service/nginx-1 unchanged
[root@master01 k8s-yaml]# kubectl get pod
NAME READY STATUS RESTARTS AGE
nfs1-76f66b958-68wpl 1/1 Running 0 13h
nginx-cbf59dc9f-s4tx6 0/1 PostStartHookError: Get "http://10.244.2.213:80//index.html": dial tcp 10.244.2.213:80: connect: connection refused 0 2s
[root@master01 k8s-yaml]# kubectl describe pod nginx-cbf59dc9f-s4tx6
Warning FailedPostStartHook 24s (x3 over 38s) kubelet Http lifecycle hook (/index.html) for Container "nginx" in Pod "nginx-cbf59dc9f-s4tx6_default(ab801d25-2c1f-4ede-a9ac-351d843b8067)" failed - error: Get "http://10.244.2.213:80//index.html": dial tcp 10.244.2.213:80: connect: connection refused, message: ""
容器的钩子,不论是启动还是停止之前的命令,只能使用exec。
启动及停止exec指定命令写入文件
[root@master01 k8s-yaml]# vim test4.yaml
apiVersion: v1
kind: Pod
metadata:
name: centos1
labels:
app: centos1
spec:
containers:
- name: centos
image: centos:7
command: ["/bin/bash","-c","sleep 30"]
lifecycle:
postStart:
exec:
command: ["/bin/bash","-c","echo start > /opt/123.txt && sleep 10"]
preStop:
exec:
command: ["/bin/bash","-c","echo stop > /opt/123.txt && sleep 10"]
启动及停止exec指定命令写入文件,通过挂载目录查看
[root@master01 k8s-yaml]# vim test4.yaml
apiVersion: v1
kind: Pod
metadata:
name: centos1
labels:
app: centos1
spec:
containers:
- name: centos
image: centos:7
command: ["/bin/bash","-c","sleep 30"]
volumeMounts:
- name: data-v
mountPath: /opt/test1
#容器内的目录,挂载卷的名称
lifecycle:
postStart:
exec:
command: ["/bin/bash","-c","echo start >> /opt/test1/123.txt && sleep 10"]
preStop:
exec:
command: ["/bin/bash","-c","echo stop >> /opt/test1/456.txt && sleep 10"]
volumes:
- name: data-v
hostPath:
path: /opt/test
type: DirectoryOrCreate
[root@master01 k8s-yaml]# kubectl apply -f test4.yaml --force
pod/centos1 configured
[root@master01 k8s-yaml]# kubectl exec -it centos1 bash
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.
[root@centos1 /]# cd /opt/test1/
[root@centos1 test1]# ls
123.txt 456.txt
[root@centos1 test1]# command terminated with exit code 137
[root@master01 k8s-yaml]# kubectl exec -it centos1 bash
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.
[root@centos1 /]# cd /opt/test1/
[root@centos1 test1]# ls
123.txt 456.txt
[root@centos1 test1]# cat 456.txt
stop
[root@centos1 test1]# cat 123.txt
start
启动及停止exec指定命令写入文件
[root@master01 k8s-yaml]# vim test4.yaml
apiVersion: v1
kind: Pod
metadata:
name: centos1
labels:
app: centos1
spec:
containers:
- name: centos
image: centos:7
command: ["/bin/bash","-c","sleep 30"]
volumeMounts:
- name: data-v
mountPath: /opt/test1
#容器内的目录,挂载卷的名称
lifecycle:
postStart:
exec:
command: ["/bin/bash","-c","echo start >> /opt/test1/123.txt && sleep 10"]
preStop:
exec:
command: ["/bin/bash","-c","echo stop >> /opt/test1/321.txt && sleep 10"]
volumes:
- name: data-v
hostPath:
path: /opt/test
type: DirectoryOrCreate
[root@master01 k8s-yaml]# kubectl apply -f test4.yaml
pod/centos1 created
[root@master01 k8s-yaml]# kubectl exec -it centos1 bash
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.
[root@centos1 /]# cd /opt/test1/
[root@centos1 test1]# ls
123.txt
[root@centos1 test1]# command terminated with exit code 137
[root@master01 k8s-yaml]# kubectl delete pod centos1
pod "centos1" deleted
[root@master01 k8s-yaml]# kubectl get pod -o wide
centos1 0/1 ContainerCreating 0 2s <none> node02 <none> <none>
[root@node02 test]# cat 321.txt
stop
探针三种:
启动 : 启动执行完毕之后,后续不再执行。
存活 :
就绪
存活和就绪会伴随整个pod的生命周期
三种方法:
exec
tcpSocket
httpGet
作业:
启动钩子和退出钩子
和节点挂载:/usr/share/nginx/html 节点: /opt/node
exec执行 要能在目录中看到开始和打印的结果
包含探针:
1、启动探针:
方法:exec 检测 /usr/share/nginx/html/index.html 文件是否存在
2、存活探针
方法:httpGET
访问验证返回码是否正确
3、就绪探针
tcpSocket
监听容器的80端口是否正常
启动探针、存活探针、就绪探针、启动及停止钩子通过exec指定命令写入文件
[root@master01 k8s-yaml]# vim test5.yaml
apiVersion: v1
kind: Pod
metadata:
name: nginx1
labels:
app: nginx1
spec:
containers:
- name: nignx1
image: nginx:1.22
volumeMounts:
- name: data-v
mountPath: /usr/share/nginx/html
#设置容器钩子
lifecycle:
#设置启动钩子
postStart:
exec:
command: ["/bin/bash","-c","echo start >> /usr/share/nginx/html/index.html"]
#设置停止钩子
preStop:
exec:
command: ["/bin/bash","-c","echo stop >> /usr/share/nginx/html/error.html"]
startupProbe:
exec:
command: ["/usr/bin/test","-e","/usr/share/nginx/html/index.html"]
livenessProbe:
httpGet:
port: 80
scheme: HTTP
path: /index.html
readinessProbe:
tcpSocket:
port: 80
volumes:
- name: data-v
hostPath:
path: /opt/node
type: DirectoryOrCreate
[root@master01 k8s-yaml]# kubectl apply -f test5.yaml
[root@master01 k8s-yaml]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx1 1/1 Running 0 51s 10.244.1.66 node01 <none> <none>
[root@master01 k8s-yaml]# kubectl describe pod nginx1
Liveness: http-get http://:80/index.html delay=0s timeout=1s period=10s #success=1 #failure=3
Readiness: tcp-socket :80 delay=0s timeout=1s period=10s #success=1 #failure=3
Startup: exec [/usr/bin/test -e /usr/share/nginx/html/index.html] delay=0s timeout=1s period=10s #success=1 #failure=3
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 63s default-scheduler Successfully assigned default/nginx1 to node01
Normal Pulled 63s kubelet Container image "nginx:1.22" already present on machine
Normal Created 63s kubelet Created container nignx1
Normal Started 63s kubelet Started container nignx1
[root@node01 node]# cat /opt/node/index.html
start
[root@master01 k8s-yaml]# kubectl delete pod nginx1
pod "nginx1" deleted
[root@node01 node]# cat error.html
stop