k8s使用临时容器

使用临时容器,需要开启k8s的聚合功能,修改kube-apiserver kube-scheduler  kubelet配置文件,具体方式如下:

复制代码
#### 以下命令在master节点配置
编辑 kube-apiserver配置
vi /etc/kubernetes/manifests/kube-apiserver.yaml
在spec.containers.command 部分增加如下一行
- --feature-gates=EphemeralContainers=true

vi /etc/kubernetes/manifests/kube-scheduler.yaml
在spec.containers.command 部分增加如下一行
- --feature-gates=EphemeralContainers=true

### 以下命令在所有节点配置
vi /etc/sysconfig/kubelet
KUBELET_EXTRA_ARGS="--feature-gates=EphemeralContainers=true"

## 修改完毕后需要重启kubelet
systemctl restart kubelet
复制代码

 

 

临时容器用于包含主容器玻璃出来的一些调测,在需要的时候临时注入目标pod即可。

[root@mm1 linshi]# kubectl get pods
NAME READY STATUS RESTARTS AGE
app-opp-674fd9c865-k726m 1/1 Running 0 3d
nginx-hpa-6dff47b9b4-f9fdq 1/1 Running 0 3d11h
php-apache-6d477877db-jcm8q 1/1 Running 0 4d
tomcat-test 1/1 Running 0 4h53m

 

可以看到有一个tomcat-test的pod,如果我需要调测该pod,可以使用如下命令直接在pod里面建立临时容器

kubectl debug -it tomcat-test --image=busybox:1.28

 

这种方式的调测有一个缺点,会在pod里留下使用过得所有临时容器信息,且不能复用这些临时容器,且无法删除这些临时容器,这样调测次数多了,增加的内容会很多。具体如下:

复制代码
Ephemeral Containers:
debugger-vk46v:
Container ID: containerd://c025131b11c53d6c1f8818df5b661e9cf88ccb0de51e89924d223bf86781083f
Image: busybox:1.28
Image ID: docker.io/library/busybox@sha256:141c253bc4c3fd0a201d32dc1f493bcf3fff003b6df416dea4f41046e0f37d47
Port: <none>
Host Port: <none>
State: Terminated
Reason: Completed
Exit Code: 0
Started: Thu, 13 Apr 2023 15:45:43 +0800
Finished: Thu, 13 Apr 2023 15:46:51 +0800
Ready: False
Restart Count: 0
Environment: <none>
Mounts: <none>
debugger-99pf4:
Container ID: containerd://01b2e471afec4855bb37c23a7693d930e307a3573fc98de160c23741cfb3cc70
Image: busybox:1.28
Image ID: docker.io/library/busybox@sha256:141c253bc4c3fd0a201d32dc1f493bcf3fff003b6df416dea4f41046e0f37d47
Port: <none>
Host Port: <none>
State: Terminated
Reason: Completed
Exit Code: 0
Started: Thu, 13 Apr 2023 15:48:26 +0800
Finished: Thu, 13 Apr 2023 15:48:32 +0800
Ready: False
Restart Count: 0
Environment: <none>
Mounts: <none>
debugger-bp6rv:
Container ID: containerd://d40d07e92ae458bc76b71d0d75fde1f26c116a026e3fa5864e9813def8315099
Image: busybox:1.28
Image ID: docker.io/library/busybox@sha256:141c253bc4c3fd0a201d32dc1f493bcf3fff003b6df416dea4f41046e0f37d47
Port: <none>
Host Port: <none>
State: Terminated
Reason: Completed
Exit Code: 0
Started: Thu, 13 Apr 2023 15:54:50 +0800
Finished: Thu, 13 Apr 2023 15:54:57 +0800
Ready: False
Restart Count: 0
Environment: <none>
Mounts: <none>
复制代码

 

还可以通过建立pod副本的方式调试

kubectl debug  tomcat-test -it --share-processes --image=busybox:1.28 --copy-to=tomcat-debug --attach=false
这条命令不附加到pod上,同时和业务pod之间共享命名空间

如果你没有使用 --container 指定新的容器名,kubectl debug 会自动生成的

默认情况下,-i 标志使 kubectl debug 附加到新容器上。 你可以通过指定 --attach=false 来防止这种情况。 如果你的会话断开连接,你可以使用 kubectl attach 重新连接。

--share-processes 允许在此 Pod 中的其他容器中查看该容器的进程

接下来查询pod,可以看到新建了一个debugger开头的调试pod,可以反复attch这个调测pod,用完清理即可

1 [root@mm1 linshi]# kubectl get pods
2 NAME                          READY   STATUS    RESTARTS      AGE
3 app-opp-674fd9c865-k726m      1/1     Running   0             3d1h
4 nginx-hpa-6dff47b9b4-f9fdq    1/1     Running   0             3d12h
5 php-apache-6d477877db-jcm8q   1/1     Running   0             4d
6 tomcat-debug                  2/2     Running   1 (17m ago)   18m
7 tomcat-test                   1/1     Running   0             5h11m

 

使用exec参数进入临时容器当中,可以看到业务pod的进程,进行一些调测活动

复制代码
1 [root@mm1 linshi]# kubectl exec -it tomcat-debug   -- /bin/bash
2 Defaulted container "tomcat-java" out of: tomcat-java, debugger-l4ppw
3 bash-4.4# ps -ef
4 PID   USER     TIME  COMMAND
5     1 65535     0:00 /pause
6     7 root      0:03 /usr/lib/jvm/java-1.8-openjdk/jre/bin/java -Djava.util.logging.config.file=/usr/local/tomcat/conf/logging.properties -Djava.util.logging.manager=org.
7    26 root      0:00 sh
8    64 root      0:00 /bin/bash
9    70 root      0:00 ps -ef
复制代码

 

接下来退出当前临时容器,再次进入也没问题

复制代码
[root@mm1 linshi]# kubectl exec -it tomcat-debug   -- /bin/bash
Defaulted container "tomcat-java" out of: tomcat-java, debugger-l4ppw
bash-4.4# ps -ef
PID   USER     TIME  COMMAND
    1 65535     0:00 /pause
   26 root      0:00 sh
   93 root      0:03 /usr/lib/jvm/java-1.8-openjdk/jre/bin/java -Djava.util.logging.config.file=/usr/local/tomcat/conf/logging.properties -Djava.util.logging.manager=org.
  145 root      0:00 /bin/bash
  151 root      0:00 ps -ef
bash-4.4# cd /usr/local/tomcat/logs/
bash-4.4# ls
catalina.2023-04-13.log              localhost.2023-04-13.log             manager.2023-04-13.log
host-manager.2023-04-13.log          localhost_access_log.2023-04-13.txt
bash-4.4# tail -f catalina.2023-04-13.log 
13-Apr-2023 07:52:12.442 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [/usr/local/tomcat/webapps/docs] has finished in [16] ms
13-Apr-2023 07:52:12.443 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory [/usr/local/tomcat/webapps/examples]
13-Apr-2023 07:52:12.698 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [/usr/local/tomcat/webapps/examples] has finished in [255] ms
13-Apr-2023 07:52:12.699 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory [/usr/local/tomcat/webapps/host-manager]
13-Apr-2023 07:52:12.752 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [/usr/local/tomcat/webapps/host-manager] has finished in [53] ms
13-Apr-2023 07:52:12.753 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory [/usr/local/tomcat/webapps/manager]
13-Apr-2023 07:52:12.773 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [/usr/local/tomcat/webapps/manager] has finished in [20] ms
13-Apr-2023 07:52:12.780 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["http-nio-8080"]
13-Apr-2023 07:52:12.791 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["ajp-nio-8009"]
13-Apr-2023 07:52:12.824 INFO [main] org.apache.catalina.startup.Catalina.start Server startup in 688 ms
^C
bash-4.4# 
bash-4.4# exit
exit
command terminated with exit code 130

[root@mm1 linshi]# kubectl get pods
NAME                          READY   STATUS    RESTARTS      AGE
app-opp-674fd9c865-k726m      1/1     Running   0             3d1h
nginx-hpa-6dff47b9b4-f9fdq    1/1     Running   0             3d12h
php-apache-6d477877db-jcm8q   1/1     Running   0             4d
tomcat-debug                  2/2     Running   1 (17m ago)   18m
tomcat-test                   1/1     Running   0             5h11m
[root@mm1 linshi]# kubectl exec -it tomcat-debug   -- /bin/bash
Defaulted container "tomcat-java" out of: tomcat-java, debugger-l4ppw
复制代码

 

posted @   netma  阅读(220)  评论(0编辑  收藏  举报
相关博文:
· k8s1.26+ingress-nginx+keepalive+lvs实现ingress-controller高可用
· kubernetes新版本1.26安装metrics-server:0.6.3
· 临时容器ephermeral(20)
· |NO.Z.00226|——————————|CloudNative|——|KuberNetes&细粒度权限控制.V10|——|RBAC.v02|临时容器配置|
· k8s使用临时容器排查故障
阅读排行:
· 分享4款.NET开源、免费、实用的商城系统
· 全程不用写代码,我用AI程序员写了一个飞机大战
· MongoDB 8.0这个新功能碉堡了,比商业数据库还牛
· 白话解读 Dapr 1.15:你的「微服务管家」又秀新绝活了
· 记一次.NET内存居高不下排查解决与启示
点击右上角即可分享
微信分享提示