kubernetes探针
LivenessProbe:周期性检测,检测未通过时,kubelet会根据restartPolicy的定义来决定是否会重启该容器;未定义时,kubelet认为容器未终止,即为健康;
ReadnessProbe:周期性检测,检测未通过时,与该Pod关联的Service,会将该Pod从Service的后段可用端点列表中删除;直到再次就绪再重新添加回来,未定义时,只要容器未终止,即为就绪;
StartupProbe:便于用户使用同livenessProbe不同参数或阈值;
三种探针:
ExecAction:直接执行命令,命令成功返回表示探测成功;
TCPSocketAction:端口正常打开,即成功;
HTTPGetAction:向指定的path发送HTTP请求,2xx,3xx的响应码表示成功;
命令探测
[root@master probe]# kubectl apply -f liveness-exec-demo.yaml
[root@master probe]# cat liveness-exec-demo.yaml
apiVersion: v1
kind: Pod
metadata:
name: liveness-exec-demo
namespace: default
spec:
containers:
- name: demo
image: ikubernetes/demoapp:v1.0
imagePullPolicy: IfNotPresent
livenessProbe:
exec:
command: ['/bin/sh', '-c', '[ "$(curl -s 127.0.0.1/livez)" == "OK" ]']
initialDelaySeconds: 5 #5秒后探测
timeoutSeconds: 1 #延迟时间1秒
periodSeconds: 5 #间隔时间5秒进入到Pod将livez改成FAIL,容器会自动重启
[root@master probe]# kubectl exec -it liveness-exec-demo /bin/sh
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.
[root@liveness-exec-demo /]# curl 10.244.166.154/livez
OK
[root@liveness-exec-demo /]# curl -XPOST -d 'livez=FAIL' 10.244.166.154/livez
[root@liveness-exec-demo /]# curl 10.244.166.154/livez
TCP探测
[root@master probe]# kubectl apply -f liveness-tcpsocket-demo.yaml
[root@master probe]# cat liveness-tcpsocket-demo.yaml
apiVersion: v1
kind: Pod
metadata:
name: liveness-tcpsocket-demo
namespace: default
spec:
containers:
- name: demo
image: ikubernetes/demoapp:v1.0
imagePullPolicy: IfNotPresent
ports:
- name: http
containerPort: 80
securityContext:
capabilities:
add:
- NET_ADMIN
livenessProbe:
tcpSocket:
port: http
periodSeconds: 5
initialDelaySeconds: 5[root@master probe]# kubectl get pods
NAME READY STATUS RESTARTS AGE
liveness-exec-demo 1/1 Running 1 (143m ago) 62m
liveness-tcpsocket-demo 1/1 Running 0 3s在容器内把80端口拒绝掉就会探测失败
[root@master probe]# kubectl exec liveness-tcpsocket-demo -- iptables -A INPUT -p tcp --dport 80 -j REJECT
http探测
[root@master probe]# kubectl apply -f liveness-httpget-demo.yaml
[root@master probe]# cat liveness-httpget-demo.yaml
apiVersion: v1
kind: Pod
metadata:
name: liveness-httpget-demo
namespace: default
spec:
containers:
- name: demo
image: ikubernetes/demoapp:v1.0
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
path: '/livez'
port: 80
scheme: HTTP
initialDelaySeconds: 5[root@master probe]# kubectl get pods
NAME READY STATUS RESTARTS AGE
liveness-exec-demo 1/1 Running 1 (152m ago) 71m
liveness-httpget-demo 1/1 Running 0 3m42s
liveness-tcpsocket-demo 0/1 CrashLoopBackOff 6 (57s ago) 8m33s
[root@master probe]# kubectl exec -it liveness-httpget-demo -- /bin/sh
[root@liveness-httpget-demo /]#
[root@liveness-httpget-demo /]# curl 127.0.0.1/livez
OK[root@liveness-httpget-demo /]#
[root@liveness-httpget-demo /]# curl -XPOST -d 'livez=FAIL' 127.0.0.1/livez
[root@liveness-httpget-demo /]# curl -I 127.0.0.1/livez
HTTP/1.0 506 VARIANT ALSO NEGOTIATES
Content-Type: text/html; charset=utf-8
Content-Length: 4
Server: Werkzeug/1.0.0 Python/3.8.2
Date: Thu, 09 Feb 2023 09:07:16 GMT 
Readnessprobe http探针
[root@master probe]# kubectl apply -f readiness-httpget-demo.yaml
[root@master probe]# cat readiness-httpget-demo.yaml
apiVersion: v1
kind: Pod
metadata:
name: readiness-httpget-demo
namespace: default
spec:
containers:
- name: demo
image: ikubernetes/demoapp:v1.0
imagePullPolicy: IfNotPresent
readinessProbe:
httpGet:
path: 'readyz'
port: 80
scheme: HTTP
initialDelaySeconds: 15
timeoutSeconds: 2
periodSeconds: 5
failureThreshold: 3
restartPolicy: Always[root@readiness-httpget-demo /]# curl http://10.244.166.155:80/readyz
OK
[root@readiness-httpget-demo /]# curl -XPOST -d 'readyz=FAIL' 10.244.166.155:80/readyz
[root@readiness-httpget-demo /]# curl -I 10.244.166.155:80/readyz
HTTP/1.0 507 INSUFFICIENT STORAGE
Content-Type: text/html; charset=utf-8
Content-Length: 4
Server: Werkzeug/1.0.0 Python/3.8.2
Date: Thu, 09 Feb 2023 07:35:16 GMT
