Shulou(Shulou.com)06/01 Report--

Today, I would like to share with you how kubernetes K8s defines a Pod. The content is detailed and the logic is clear. I believe most people still know too much about this knowledge, so share this article for your reference. I hope you can get something after reading this article. Let's take a look at it.

What is Pod?

Pod is the smallest unit in kubernetes, consisting of a set of containers, one or more containers, and each pod contains a pause container.

Pause container is the parent container of pod, which is mainly responsible for the collection and management of zombie processes. Through pause container, multiple containers in the same pod can share storage, network, PID, IPC, and so on. Access between multiple containers in the same Pod can communicate only through localhost.

Why introduce Pod?

Put containers with strong dependencies in the same Pod, such as low latency, file connection between container An and container B, etc. The introduction of the concept of Pod can improve performance and facilitate management.

From a k8s perspective, docker is a container, but a container is not just docker, and the introduction of pod can make containers work more harmoniously.

Define a Pod:pod.yaml

The following yaml file may have problems with copying, or you can use the following command to generate a yaml file as a template to modify it:

Kubectl create deployment nginx-- image=nginx-o yaml-- dry-run=client > nginx.yamlapiVersion: v1 # required, API version number kind: Pod # required, type Podmetadata: # required, metadata name: nginx # required, Pod name in accordance with RFC 1035 specification # namespace: default # optional, the namespace where Pod is located, do not specify default by default, use-n to specify namespace labels: # optional, tag selector Generally used to filter and distinguish Pod app: nginx role: frontend # can write multiple annotations: # optional, comment list, can write multiple app: nginxspec: # required, used to define container details # initContainers: # initialize the container Some initialization operations performed before container startup #-command:#-sh#-- c #-echo "I am InitContainer for init some configuration" # image: busybox# imagePullPolicy: IfNotPresent# name: init-container containers: # required, container list-name: nginx # required, container name that conforms to RFC 1035 specification image: nginx:1.15.2 # required The address of the image used by the container is imagePullPolicy: IfNotPresent # optional. Image pull policy. IfNotPresent: if the host has this image, it does not need to be pulled. Always: always pull, Never: command: # optional, container launches the command ENTRYPOINT, arg-> cmd-nginx-- g-"daemon off "workingDir: / usr/share/nginx/html # optional, container working directory # volumeMounts: # optional, storage volume configuration, multiple #-name: webroot # storage volume name # mountPath: / usr/share/nginx/html # mount directory # readOnly: true # read-only ports: # optional List of port numbers to be exposed by the container-name: http # port name containerPort: 80 # port number protocol: TCP # port protocol, default TCP env: # optional, environment variable configuration list-name: TZ # variable name value: Asia/Shanghai # value of the variable-name: LANG value: en_US.utf8# resources: # optional Resource limit and resource request limit # limits: # maximum limit setting # cpu: 1000m# memory: 1024Mi# requests: # Resources required for startup # cpu: 100m# memory: 512Mi# startupProbe: # optional to detect whether the process in the container has completed startup. Note that only one of the three inspection methods can be used at the same time. # httpGet: # httpGet detection method. It is recommended to use httpGet for interface-level health check in production environment, which is provided by the application. # path: / api/successStart # check path # port: 8 check readinessProbe: # optional, health check. Note that only one of the three inspection methods can be used at the same time. # httpGet: # httpGet detection method. It is recommended to use httpGet for interface-level health check in production environment, which is provided by the application. # path: / # check path # port: 80 # Monitoring Port # livenessProbe: # optional Health check # exec: # execute container command detection method # command: #-cat #-/ health # httpGet: # httpGet detection method # path: / _ health # check path # port: 8080 # httpHeaders: # request header for check #-name: end-user # value: Jason # tcpSocket: # Port Detection method # port: 8 percent initialDelaySeconds: 60 # initialization time # timeoutSeconds: 2 # timeout # periodSeconds: 5 # Detection interval # successThreshold: 1 # check success indicates ready # failureThreshold: 2 # Detection failure indicates not Ready # lifecycle:# postStart: # instructions executed after container creation is completed It can be exec httpGet TCPSocket# exec:# command:#-sh#-- c #-'mkdir / data/' # preStop:# httpGet: # path: / # port: 80 # exec:# command:#-sh #-c #-sleep 9 restartPolicy: Always # optional Default is Always. If the container fails or does not start successfully, the container is automatically restarted. Onfailure: the container is terminated in a state not equal to 0, and the container is automatically restarted. Never: no matter what the state, it will not restart # nodeSelector: # optional. Specify the Node node # region: subnet7# imagePullSecrets: # optional, and pull the secret used by the image. You can configure multiple #-name: default-dockercfg-86258# hostNetwork: false # optional, whether it is in host mode, if so, it will occupy the host port # volumes: # shared storage volume list #-name: webroot # name, corresponding to the above # emptyDir: {} # mount directory # hostPath: # mount native directory # path: / etc/hosts

Apiserver: defines the version number of the API

Kind: create resource types, such as pod, deployment, etc.

Metadata: basic information about metadata, such as pod

Spec: used to define container details

Execute the yaml file to create the Pod:

Kubectl create-f pod.yaml

Check the Pod when you are finished:

Kubectl get pod

Note: pod is rarely deployed directly in production, but yaml files are more or less the same. You need to be familiar with the format and configuration items of yaml files.

Pod probe:

The probe method added after the StartupProbe:1.16 version is used to determine whether the application in the container has been started. If StartupProbe is configured, other probes will be disabled until successful, and will not be detected in the process after success.

LivenessProbe: used to detect whether the container is running. If the probe fails, kubelet will handle it accordingly according to the configured restart policy. If the probe is not configured, the default is success.

ReadinessProbe: it is generally used to detect whether the program in the container is healthy. If the return value is success, it means that the container has been started successfully and the program is already in a state that can accept traffic.

Pod probe detection method:

The above probes can be configured in the following ways:

ExecAction: execute a command in the container, and if the return value is 0, the container is considered healthy (similar to executing echo $? after executing a command. A return value of 0 means the success is the same)

LivenessProbe: exec: command:-cat-/ tmp/health

TCPSocketAction: check whether the port in the container is open through TCP connection. If so, the container is considered healthy (similar to telnet 127.0.0.1 3306. If the execution is successful, the container is judged to be healthy)

LivenessProbe: tcpSocket: port: 80

HTTPGetAction: check whether the program is normal by the API address exposed by the application. If the status code is between 200 and 400, the container is considered healthy. (most used in production)

LivenessProbe: httpGet: path: / status/health port: 80

Several parameters of probe check:

InitialDelaySeconds: initialization time (for example, the program starts slowly, how many seconds will it take me to check)

TimeoutSeconds: timeout (1-2 seconds)

PeriodSeconds: test interval, how often is the test (5 seconds)

SuccessThreshold: the number of successful tests. For example, several successful tests indicate readiness (1-2 times)

FailureThreshold: the number of failed tests. For example, several failed tests indicate not ready (2 times)

Restart policy: timeoutSecondsperiodSecondsfailureThreshold

We can look at the probe configuration of the following coredns:

# View the pod name [root@k8s-master01 ~] # kubectl get deployment-n kube-systemcoredns 1Universe 11 5d18h# online compiled yaml file of coredns [root@k8s-master01 ~] # kubectl edit deployment coredns-n kube-system livenessProbe: failureThreshold: 5 httpGet: path: / health port: 8080 Scheme: HTTP initialDelaySeconds: 60 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 # above represents the / health interface of request 8080 If the access is successful, the container will not be killed. ReadinessProbe: failureThreshold: 3 httpGet: path: / ready port: 8181 scheme: HTTP periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 # the / ready interface configured above represents request 8181 is successful, indicating that the container can start working normally. The Pod exit process

Prestop: first request the eureka interface, take your IP address and port number offline, and eureka the IP address of the application from the registry. Then the container performs the sleep 90 skill kill 'process'; (note that 90 is not a definite value, but varies according to the actual situation)

These are all the contents of the article "how kubernetes K8s defines a Pod". Thank you for reading! I believe you will gain a lot after reading this article. The editor will update different knowledge for you every day. If you want to learn more knowledge, please pay attention to the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.