​ Deepen understanding Pod

One 、 What is? Pod

• Pod It's a group. （ One or more ） Containers （docker Containers ） Set （ Like in a pea pod ）; These containers share storage 、 The Internet 、 And how to run these container declarations .
• We don't usually create Pod, Instead, create some workloads for them to create Pod
• Pod In the form of
  • Pod Self recovery capability for containers （Pod Automatic restart of failed containers ）
  • Pod I can't recover myself ,Pod It's really gone when it's deleted （100,MySQL、Redis、Order） Or hope k8s The cluster can restart this itself elsewhere Pod
  • Single container Pod
  • Multi container collaboration Pod. We can call another container SideCar（ Enabling applications ）
  • Pod Naturally, there are two kinds of shared resources for its member containers ： Network and storage
• One Pod By a Pause Containers Set up the whole Pod The network of all containers inside 、 Namespace and other information
• systemctl status It can be observed that .Pod Relationship with container process
  • kubelet Start a Pod, Prepare two containers , One is Pod Declared application container （nginx）, The other is Pause.Pause Set up all kinds of in cyberspace for the current application container .

Two 、Pod Use

• You can write deploy And so on yaml file , Finally create pod, You can also create
• Pod The template is as follows

    #  Here is  Pod  Template     apiVersion: v1    kind: Pod    metadata:      name: my-pod    spec:      containers:      - name: hello        image: busybox        command: ['sh', '-c', 'echo "Hello, Kubernetes!" && sleep 3600']      restartPolicy: OnFailure    #  The above is  Pod  Template 

3、 ... and 、Pod Life cycle

• Pod start-up , Will first successively Execute all initialization containers , There is a failure , be Pod Cannot start
• Next Start all application containers （ Every application container must be able to run all the time ）,Pod Start formal work , A startup failure will Try to restart Pod This container inside ,Pod As long as it is NotReady,Pod We will not provide external services

To write yaml Test life cycle

• Apply container lifecycle hooks
• Initialize container （ There can also be hooks ）

Temporary container ： Online troubleshooting .

Some container base images . There is no way to troubleshoot online . Use temporary containers to enter this Pod. Temporary containers share Pod All of the . Temporary containers are Debug Some orders of , After troubleshooting , as long as exit Exit the container , Temporary containers are automatically deleted

for example ：

Java：dump, jre 50mb.jdk 150mb

jre 50mb: jdk As a temporary container

Temporary containers need to be opened for feature gating --feature-gates="EphemeralContainers=true" In all components ,api-server、kubelet、scheduler、controller-manager All have to be configured

To use a temporary container ：

1、 Declare a temporary container . Get ready json file

{    "apiVersion": "v1",    "kind": "EphemeralContainers",    "metadata": {            "name": "my-nginx666" // Appoint Pod Name     },    "ephemeralContainers": [{        "command": [            "sh"        ],        "image": "busybox",  //jre The need for jdk To debug         "imagePullPolicy": "IfNotPresent",        "name": "debugger",        "stdin": true,        "tty": true,        "terminationMessagePolicy": "File"    }]}

2、 Use temporary containers , Just apply it

kubectl replace --raw /api/v1/namespaces/default/pods/my-nginx666【pod name 】/ephemeralcontainers -f ec.json

Four 、 static state Pod

stay /etc/kubernetes/manifests All the places put Pod.yaml file , Machine start up kubelet Start it yourself .

static state Pod Always guarding this machine

5、 ... and 、Probe Probe mechanism （ Health examination mechanism ）

Three probes per container （Probe）

• Start the probe （ It was added later ） One time successful probe . As long as the startup is successful
  • kubelet Use the start probe , To detect whether the application has started . If it is started, subsequent detection and inspection can be carried out . The slow container must specify the start probe .
  • Start the probe After success, you don't have to , The remaining survival probe and ready probe continue to operate
• Survival probe
  • kubelet Using survival probes , To check whether the container is alive properly .（ Some containers may deadlock 【 The application is running , But you can't continue with the next steps 】）, If the detection fails, the container will be restarted
  • initialDelaySeconds： 3600（ The application may not be available for a long time ） 5（ Short, fall into an infinite start cycle ）
• Ready probe
  • kubelet Use the ready probe , To check if the container is ready Well, you can receive traffic . When one Pod All the containers inside are ready , To put this Pod I'm ready . That's what it's for ：Service Back end load balancing multiple Pod, If a Pod Not ready yet , It will start from service Load balancing
• Who uses these probes to detect
  • kubelet Will actively follow the configuration to Pod All containers inside send response probe requests

Probe Configuration item

• initialDelaySeconds： How many seconds does the container have to wait after it starts to survive and be ready before the detector is initialized , The default is 0 second , The minimum is 0. This is for people who have not
• periodSeconds： The interval between probes （ The unit is seconds ）. The default is 10 second . The minimum is 1.
• successThreshold： After the detector failed , The minimum number of consecutive successes considered successful . The default value is 1.
  • This value for the survival and start probe must be 1. The minimum is 1.
• failureThreshold： When the probe fails ,Kubernetes Number of retries . Abandoning in the case of survival detection means restarting the container . Abandonment in case of ready detection Pod Will be labeled as not ready . The default value is 3. The minimum is 1.
• timeoutSeconds： How many seconds to wait after the timeout of detection . The default value is 1 second . The minimum is 1.

Official references ： Configuration survives 、 Ready and start detector | Kubernetes

To write yaml Test probe mechanism

apiVersion: v1kind: Podmetadata:  name: "nginx-start-probe02"  namespace: default  labels:    app: "nginx-start-probe02"spec:  volumes:  - name: nginx-vol    hostPath:       path: /app  - name: nginx-html    hostPath:       path: /html  containers:  - name: nginx    image: "nginx"    ports:    - containerPort: 80    startupProbe:      exec:        command:  ["/bin/sh","-c","cat /app/abc"]  ##  Return no 0, That's detection failure       # initialDelaySeconds: 20 ##  The probe will not be executed until the specified second       periodSeconds: 5  ##  Run this every few seconds       timeoutSeconds: 5  ## Probe timeout , When the timeout is reached, the probe has not returned the result, indicating that it failed       successThreshold: 1 ##  Success threshold , Success is success after several successive successes       failureThreshold: 3 ##  Failure threshold , It's a real failure to fail several times in a row     volumeMounts:    - name: nginx-vol      mountPath: /app    - name: nginx-html      mountPath: /usr/share/nginx/html    livenessProbe:   ## nginx Is there a container  /abc.html, Ready probe       # httpGet:      #   host: 127.0.0.1      #   path: /abc.html      #   port: 80      #   scheme: HTTP      # periodSeconds: 5  ##  Run this every few seconds       # successThreshold: 1 ##  Success threshold , Success is success after several successive successes       # failureThreshold: 5 ##  Failure threshold , It's a real failure to fail several times in a row       exec:        command:  ["/bin/sh","-c","cat /usr/share/nginx/html/abc.html"]  ##  Return no 0, That's detection failure       # initialDelaySeconds: 20 ##  The probe will not be executed until the specified second       periodSeconds: 5  ##  Run this every few seconds       timeoutSeconds: 5  ## Probe timeout , When the timeout is reached, the probe has not returned the result, indicating that it failed       successThreshold: 1 ##  Success threshold , Success is success after several successive successes       failureThreshold: 3 ##  Failure threshold , It's a real failure to fail several times in a row     readinessProbe: ## Readiness test , All are http      httpGet:          # host: 127.0.0.1  ### no way         path: /abc.html  ##  Send a request to the container         port: 80        scheme: HTTP ##  Return no 0, That's detection failure       initialDelaySeconds: 2 ##  The probe will not be executed until the specified second       periodSeconds: 5  ##  Run this every few seconds       timeoutSeconds: 5  ## Probe timeout , When the timeout is reached, the probe has not returned the result, indicating that it failed       successThreshold: 3 ##  Success threshold , Success is success after several successive successes       failureThreshold: 5 ##  Failure threshold , It's a real failure to fail several times in a row             # livenessProbe:    #   exec: ["/bin/sh","-c","sleep 30;abc "]  ##  Return no 0, That's detection failure     #   initialDelaySeconds: 20 ##  The probe will not be executed until the specified second     #   periodSeconds: 5  ##  Run this every few seconds     #   timeoutSeconds: 5  ## Probe timeout , When the timeout is reached, the probe has not returned the result, indicating that it failed     #   successThreshold: 5 ##  Success threshold , Success is success after several successive successes     #   failureThreshold: 5 ##  Failure threshold , It's a real failure to fail several times in a row