​ Deepen understanding Pod

​

One 、 What is? Pod

​

• _Pod_ It's a group. （ One or more ） Containers （docker Containers ） Set （ Like in a pea pod ）; These containers share storage 、 The Internet 、 And how to run these container declarations .

• We don't usually create Pod, Instead, create some workloads for them to create Pod

• Pod In the form of

  • Pod Self recovery capability for containers （Pod Automatic restart of failed containers ）

  • Pod I can't recover myself ,Pod It's really gone when it's deleted （100,MySQL、Redis、Order） Or hope k8s The cluster can restart this itself elsewhere Pod

  • Single container Pod

  • Multi container collaboration Pod. We can call another container **SideCar（ Enabling applications ）**

  • Pod Naturally, there are two kinds of shared resources for its member containers ： Network and storage

• One Pod By a Pause Containers Set up the whole Pod The network of all containers inside 、 Namespace and other information

• systemctl status It can be observed that .Pod Relationship with container process

  • kubelet Start a Pod, Prepare two containers , One is Pod Declared application container （nginx）, The other is Pause.Pause Set up all kinds of in cyberspace for the current application container .

Two 、Pod Use

• You can write deploy And so on yaml file , Finally create pod, You can also create

• Pod The template is as follows

    #  Here is  Pod  Template 
    apiVersion: v1
    kind: Pod
    metadata:
      name: my-pod
    spec:
      containers:
      - name: hello
        image: busybox
        command: ['sh', '-c', 'echo "Hello, Kubernetes!" && sleep 3600']
      restartPolicy: OnFailure
    #  The above is  Pod  Template 

​

3、 ... and 、Pod Life cycle

• Pod start-up , Will first successively Execute all initialization containers , There is a failure , be Pod Cannot start

• Next Start all application containers （ Every application container must be able to run all the time ）,Pod Start formal work , A startup failure will Try to restart Pod This container inside ,Pod As long as it is NotReady,Pod We will not provide external services

To write yaml Test life cycle

• Apply container lifecycle hooks

• Initialize container （ There can also be hooks ）

​

Temporary container ： Online troubleshooting .

Some container base images . There is no way to troubleshoot online . Use temporary containers to enter this Pod. Temporary containers share Pod All of the . Temporary containers are Debug Some orders of , After troubleshooting , as long as exit Exit the container , Temporary containers are automatically deleted

for example ：

Java：dump, jre 50mb.jdk 150mb

jre 50mb: jdk As a temporary container

Temporary containers need to be opened for feature gating --feature-gates="EphemeralContainers=true" In all components ,api-server、kubelet、scheduler、controller-manager All have to be configured

To use a temporary container ：

1、 Declare a temporary container . Get ready json file

{
    "apiVersion": "v1",
    "kind": "EphemeralContainers",
    "metadata": {
            "name": "my-nginx666" // Appoint Pod Name 
    },
    "ephemeralContainers": [{
        "command": [
            "sh"
        ],
        "image": "busybox",  //jre The need for jdk To debug 
        "imagePullPolicy": "IfNotPresent",
        "name": "debugger",
        "stdin": true,
        "tty": true,
        "terminationMessagePolicy": "File"
    }]
}

​

2、 Use temporary containers , Just apply it

kubectl replace --raw /api/v1/namespaces/default/pods/my-nginx666【pod name 】/ephemeralcontainers -f ec.json

Four 、 static state Pod

stay /etc/kubernetes/manifests All the places put Pod.yaml file , Machine start up kubelet Start it yourself .

static state Pod Always guarding this machine

5、 ... and 、Probe Probe mechanism （ Health examination mechanism ）

Three probes per container （Probe）

• Start the probe （ It was added later ） One time successful probe . As long as the startup is successful

  • kubelet Use the start probe , To detect whether the application has started . If it is started, subsequent detection and inspection can be carried out . The slow container must specify the start probe .

  • Start the probe After success, you don't have to , The remaining survival probe and ready probe continue to operate

• Survival probe

  • kubelet Using survival probes , To check whether the container is alive properly .（ Some containers may deadlock 【 The application is running , But you can't continue with the next steps 】）, If the detection fails, the container will be restarted

  • initialDelaySeconds： 3600（ The application may not be available for a long time ） 5（ Short, fall into an infinite start cycle ）

• Ready probe

  • kubelet Use the ready probe , To check if the container is ready Well, you can receive traffic . When one Pod All the containers inside are ready , To put this Pod I'm ready . That's what it's for ：Service Back end load balancing multiple Pod, If a Pod Not ready yet , It will start from service Load balancing

• Who uses these probes to detect

  • kubelet Will actively follow the configuration to Pod All containers inside send response probe requests

Probe Configuration item

• initialDelaySeconds： How many seconds does the container have to wait after it starts to survive and be ready before the detector is initialized , The default is 0 second , The minimum is 0. This is for people who have not

• periodSeconds： The interval between probes （ The unit is seconds ）. The default is 10 second . The minimum is 1.

• successThreshold： After the detector failed , The minimum number of consecutive successes considered successful . The default value is 1.

  • This value for the survival and start probe must be 1. The minimum is 1.

• failureThreshold： When the probe fails ,Kubernetes Number of retries . Abandoning in the case of survival detection means restarting the container . Abandonment in case of ready detection Pod Will be labeled as not ready . The default value is 3. The minimum is 1.

• timeoutSeconds： How many seconds to wait after the timeout of detection . The default value is 1 second . The minimum is 1.

Official references ： Configuration survives 、 Ready and start detector | Kubernetes

To write yaml Test probe mechanism

apiVersion: v1
kind: Pod
metadata:
  name: "nginx-start-probe02"
  namespace: default
  labels:
    app: "nginx-start-probe02"
spec:
  volumes:
  - name: nginx-vol
    hostPath: 
      path: /app
  - name: nginx-html
    hostPath: 
      path: /html
  containers:
  - name: nginx
    image: "nginx"
    ports:
    - containerPort: 80
    startupProbe:
      exec:
        command:  ["/bin/sh","-c","cat /app/abc"]  ##  Return no 0, That's detection failure 
      # initialDelaySeconds: 20 ##  The probe will not be executed until the specified second 
      periodSeconds: 5  ##  Run this every few seconds 
      timeoutSeconds: 5  ## Probe timeout , When the timeout is reached, the probe has not returned the result, indicating that it failed 
      successThreshold: 1 ##  Success threshold , Success is success after several successive successes 
      failureThreshold: 3 ##  Failure threshold , It's a real failure to fail several times in a row 
    volumeMounts:
    - name: nginx-vol
      mountPath: /app
    - name: nginx-html
      mountPath: /usr/share/nginx/html
    livenessProbe:   ## nginx Is there a container  /abc.html, Ready probe 
      # httpGet:
      #   host: 127.0.0.1
      #   path: /abc.html
      #   port: 80
      #   scheme: HTTP
      # periodSeconds: 5  ##  Run this every few seconds 
      # successThreshold: 1 ##  Success threshold , Success is success after several successive successes 
      # failureThreshold: 5 ##  Failure threshold , It's a real failure to fail several times in a row 
      exec:
        command:  ["/bin/sh","-c","cat /usr/share/nginx/html/abc.html"]  ##  Return no 0, That's detection failure 
      # initialDelaySeconds: 20 ##  The probe will not be executed until the specified second 
      periodSeconds: 5  ##  Run this every few seconds 
      timeoutSeconds: 5  ## Probe timeout , When the timeout is reached, the probe has not returned the result, indicating that it failed 
      successThreshold: 1 ##  Success threshold , Success is success after several successive successes 
      failureThreshold: 3 ##  Failure threshold , It's a real failure to fail several times in a row 
    readinessProbe: ## Readiness test , All are http
      httpGet:  
        # host: 127.0.0.1  ### no way 
        path: /abc.html  ##  Send a request to the container 
        port: 80
        scheme: HTTP ##  Return no 0, That's detection failure 
      initialDelaySeconds: 2 ##  The probe will not be executed until the specified second 
      periodSeconds: 5  ##  Run this every few seconds 
      timeoutSeconds: 5  ## Probe timeout , When the timeout is reached, the probe has not returned the result, indicating that it failed 
      successThreshold: 3 ##  Success threshold , Success is success after several successive successes 
      failureThreshold: 5 ##  Failure threshold , It's a real failure to fail several times in a row 
        
    # livenessProbe:
    #   exec: ["/bin/sh","-c","sleep 30;abc "]  ##  Return no 0, That's detection failure 
    #   initialDelaySeconds: 20 ##  The probe will not be executed until the specified second 
    #   periodSeconds: 5  ##  Run this every few seconds 
    #   timeoutSeconds: 5  ## Probe timeout , When the timeout is reached, the probe has not returned the result, indicating that it failed 
    #   successThreshold: 5 ##  Success threshold , Success is success after several successive successes 
    #   failureThreshold: 5 ##  Failure threshold , It's a real failure to fail several times in a row