• ​Kubernetes Healthcheck​

• ​​startupProbe​​

Kubernetes Healthcheck

對 Pod 的健康狀态檢查可以通過兩類探針來檢查：LivenessProbe 和 ReadinessProbe。

• LivenessProbe ：用于判斷容器是否存活，如果 LivenessProbe 探針探測到容器不健康，則 kubelet 将殺掉容器，并根據容器的啟動政策做相應的處理，如果一個容器不包括 LivenessProbe 探針，kubelet 認為該容器的 LivenessProbe 探針傳回的值永遠是 Success。
• ReadinessProbe：用于判斷容器是否啟動完成（ready 狀态），可以接受請求，如果 ReadinessProbe 探針檢測到失敗，則 Pod 的狀态則被更改。

1）ExecAction ：容器内不執行一個指令，如果該指令的傳回碼為 0 ，則表示容器健康,15秒探測一次，逾時1秒後會重新開機服務。

​ ​kind: ...​ ​ ​ ​spec:​ ​ ​ ​containers:​ ​ ​ ​- name: ..​ ​ ​ ​livenessProbe:​ ​ ​ ​exec​ ​​ ​:​ ​ ​ ​command​ ​​ ​:​ ​ ​ ​- ​ ​​ ​cat​ ​ ​ ​- ​ ​​ ​/tmp/health​ ​ ​ ​initialDelaySeconds: 15​ ​ ​ ​timeoutSeconds: 1 ​ ​

2）TCPSocketAction：通過容器的 IP 位址和端口号執行 TCP 檢查，如果能夠建立 TCP 連接配接，則表明容器健康。

​ ​...​ ​ ​ ​spec:​ ​ ​ ​containers:​ ​ ​ ​- name:​ ​ ​ ​...​ ​ ​ ​livenessProbe:​ ​ ​ ​tcpSocket:​ ​ ​ ​port: 80​ ​ ​ ​initialDelaySeconds: 30​ ​ ​ ​timeoutSeconds: 1​ ​

3）HTTPGETAction：通過容器的 IP 位址，端口及路徑調用 HTTP GET 方法，如果響應的狀态碼大于等于 200 且小于 400，則任務健康,通路的路徑是 localhost:80/_status/healthz

​ ​...​ ​ ​ ​spec:​ ​ ​ ​containers:​ ​ ​ ​- ports:​ ​ ​ ​...​ ​ ​ ​livenessProbe:​ ​ ​ ​httpGet:​ ​ ​ ​path: ​ ​​ ​/_status/healthz​ ​ ​ ​port: 80​ ​ ​ ​initialDelaySeconds: 30​ ​ ​ ​timeoutSeconds: 1​ ​

它們的含義分别如下：

• initialDelaySeconds：啟動容器後進行首次健康檢查的等待時間，機關為 s 。
• timeutSeconds：健康檢查發送請求後等待相應的逾時時間，機關為 s。當逾時發生時，kubeler 會認為容器已經無法提供服務，将會重新開機該容器。
• initialDelaySeconds：檢查開始執行的時間，以容器啟動完成為起點計算
• periodSeconds：檢查執行的周期，預設為10秒，最小為1秒
• timeoutSeconds：檢查逾時的時間，預設為1秒，最小為1秒
• successThreshold：從上次檢查失敗後重新認定檢查成功的檢查次數門檻值（必須是連續成功），預設為1
• failureThreshold：從上次檢查成功後認定檢查失敗的檢查次數門檻值（必須是連續失敗），預設為1
• httpGet的屬性

• host：主機名或IP
• scheme：連結類型，HTTP或HTTPS，預設為HTTP
• path：請求路徑
• httpHeaders：自定義請求頭
• port：請求端口

定義說明如下：

​ ​$ kubectl explain pod.spec.containers.livenessProbe​ ​ ​ ​KIND:     Pod​ ​ ​ ​VERSION:  v1​ ​ ​ ​RESOURCE: livenessProbe <Object>​ ​ ​ ​DESCRIPTION:​ ​ ​ ​Periodic probe of container liveness. Container will be restarted ​ ​​ ​if​ ​ ​ ​the​ ​ ​ ​probe fails. Cannot be updated. More info:​ ​ ​ ​https:​ ​​ ​//kubernetes​ ​​ ​.io​ ​​ ​/docs/concepts/workloads/pods/pod-lifecycle​ ​​ ​#container-probes​ ​ ​ ​Probe describes a health check to be performed against a container to​ ​ ​ ​determine whether it is alive or ready to receive traffic.​ ​ ​ ​FIELDS:​ ​ ​ ​exec​ ​ ​ ​<Object>​ ​ ​ ​One and only one of the following should be specified. Exec specifies the​ ​ ​ ​action to take.​ ​ ​ ​failureThreshold <integer>​ ​ ​ ​Minimum consecutive failures ​ ​​ ​for​ ​ ​ ​the probe to be considered failed after​ ​ ​ ​having succeeded. Defaults to 3. Minimum value is 1.​ ​ ​ ​httpGet  <Object>​ ​ ​ ​HTTPGet specifies the http request to perform.​ ​ ​ ​initialDelaySeconds  <integer>​ ​ ​ ​Number of seconds after the container has started before liveness probes​ ​ ​ ​are initiated. More info:​ ​ ​ ​https:​ ​​ ​//kubernetes​ ​​ ​.io​ ​​ ​/docs/concepts/workloads/pods/pod-lifecycle​ ​​ ​#container-probes​ ​ ​ ​periodSeconds    <integer>​ ​ ​ ​How often (​ ​​ ​in​ ​ ​ ​seconds) to perform the probe. Default to 10 seconds. Minimum​ ​ ​ ​value is 1.​ ​ ​ ​successThreshold <integer>​ ​ ​ ​Minimum consecutive successes ​ ​​ ​for​ ​ ​ ​the probe to be considered successful​ ​ ​ ​after having failed. Defaults to 1. Must be 1 ​ ​​ ​for​ ​ ​ ​liveness. Minimum value​ ​ ​ ​is 1.​ ​ ​ ​tcpSocket    <Object>​ ​ ​ ​TCPSocket specifies an action involving a TCP port. TCP hooks not yet​ ​ ​ ​supported​ ​ ​ ​timeoutSeconds   <integer>​ ​ ​ ​Number of seconds after ​ ​​ ​which​ ​ ​ ​the probe ​ ​​ ​times​ ​ ​ ​out. Defaults to 1 second.​ ​ ​ ​Minimum value is 1. More info:​ ​ ​ ​https:​ ​​ ​//kubernetes​ ​​ ​.io​ ​​ ​/docs/concepts/workloads/pods/pod-lifecycle​ ​​ ​#container-probes​ ​

startupProbe

新增 startupProbe, 主要解決 livenessProbe 啟動時，如果無法正常啟動或服務啟動時間較長引起的容器重新啟動的問題。

​ ​apiVersion: apps​ ​​ ​/v1​ ​ ​ ​kind: Deployment​ ​ ​ ​metadata:​ ​ ​ ​name: busybox-lifecycles-nginx-​ ​​ ​sleep​ ​ ​ ​spec:​ ​ ​ ​replicas: 2​ ​ ​ ​selector:​ ​ ​ ​matchLabels:​ ​ ​ ​app: busybox-lifecycles-nginx-​ ​​ ​sleep​ ​ ​ ​env​ ​​ ​-o: nginx-​ ​​ ​sleep​ ​ ​ ​template:​ ​ ​ ​metadata:​ ​ ​ ​labels:​ ​ ​ ​app: busybox-lifecycles-nginx-​ ​​ ​sleep​ ​ ​ ​env​ ​​ ​-o: nginx-​ ​​ ​sleep​ ​ ​ ​annotations:​ ​ ​ ​consul.hashicorp.com​ ​​ ​/connect-inject​ ​​ ​: ​ ​​ ​"true"​ ​ ​ ​spec:​ ​ ​ ​terminationGracePeriodSeconds: 120​ ​ ​ ​containers:​ ​ ​ ​- image: slzcc​ ​​ ​/terminal-ctl​ ​​ ​:ubuntu-20.04​ ​ ​ ​imagePullPolicy: Always​ ​ ​ ​command​ ​​ ​:​ ​ ​ ​- nginx​ ​ ​ ​- -g​ ​ ​ ​- daemon off;​ ​ ​ ​name: busybox​ ​ ​ ​livenessProbe:​ ​ ​ ​exec​ ​​ ​:​ ​ ​ ​command​ ​​ ​:​ ​ ​ ​- ​ ​​ ​/bin/bash​ ​ ​ ​- -c​ ​ ​ ​- nc -z -​ ​​ ​v​ ​ ​ ​-n 127.0.0.1 80​ ​ ​ ​failureThreshold: 10​ ​ ​ ​initialDelaySeconds: 5​ ​ ​ ​periodSeconds: 10​ ​ ​ ​successThreshold: 1​ ​ ​ ​timeoutSeconds: 5​ ​ ​ ​readinessProbe:​ ​ ​ ​exec​ ​​ ​:​ ​ ​ ​command​ ​​ ​:​ ​ ​ ​- ​ ​​ ​/bin/bash​ ​ ​ ​- -c​ ​ ​ ​- nc -z -​ ​​ ​v​ ​ ​ ​-n 127.0.0.1 80​ ​ ​ ​initialDelaySeconds: 5​ ​ ​ ​periodSeconds: 10​ ​ ​ ​startupProbe:​ ​ ​ ​httpGet:​ ​ ​ ​path: /​ ​ ​ ​port: 801​ ​ ​ ​failureThreshold: 3​ ​ ​ ​periodSeconds: 10​ ​ ​ ​restartPolicy: Always​ ​ ​ ​---​ ​ ​ ​apiVersion: v1​ ​ ​ ​kind: Service​ ​ ​ ​metadata:​ ​ ​ ​name: busybox-lifecycles-nginx-​ ​​ ​sleep​ ​ ​ ​labels:​ ​ ​ ​app: busybox-lifecycles-nginx-​ ​​ ​sleep​ ​ ​ ​spec:​ ​ ​ ​ports:​ ​ ​ ​- name: http​ ​ ​ ​port: 80​ ​ ​ ​targetPort: 80​ ​ ​ ​protocol: TCP​ ​ ​ ​selector:​ ​