nginx pod hook钩子优雅关闭示例详解

一.系统环境

服务器版本docker软件版本Kubernetes(k8s)集群版本CPU架构
CentOS Linux release 7.4.1708 (Core)Docker version 20.10.12v1.21.9x86_64

Kubernetes集群架构:k8scloude1作为master节点,k8scloude2,k8scloude3作为worker节点

服务器操作系统版本CPU架构进程功能描述
k8scloude1/192.168.110.130CentOS Linux release 7.4.1708 (Core)x86_64docker,kube-apiserver,etcd,kube-scheduler,kube-controller-manager,kubelet,kube-proxy,coredns,calicok8s master节点
k8scloude2/192.168.110.129CentOS Linux release 7.4.1708 (Core)x86_64docker,kubelet,kube-proxy,calicok8s worker节点
k8scloude3/192.168.110.128CentOS Linux release 7.4.1708 (Core)x86_64docker,kubelet,kube-proxy,calicok8s worker节点

二.前言

本文介绍pod hook(pod钩子)和如何优雅的关闭nginx pod。

三.pod hook(pod钩子)

为容器的生命周期事件设置处理函数,Kubernetes 支持 postStart 和 preStop 事件。 当一个容器启动后,Kubernetes 将立即发送 postStart 事件;在容器被终结之前, Kubernetes 将发送一个 preStop 事件。容器可以为每个事件指定一个处理程序。

pod hook:目前pod3容器里运行的是nginx进程,在启动容器的时候,除了主进程,还想启动一个进程,怎么办?这时候就需要使用pod hook(pod 钩子),pod hook有两个选项:

  • postStart:容器启动之后执行XXXX,和主进程是同时运行起来的,并没有先后顺序;
  • preStop:在容器关闭之前执行XXXX

postStart例子:容器启动之后执行"/bin/sh","-c","date >> /tmp/bb.txt",打印日期到/tmp/bb.txt文件

[root@k8scloude1 pod]# vim pod3.yaml 
[root@k8scloude1 pod]# cat pod3.yaml 
apiVersion: v1
kind: Pod
metadata:
 creationTimestamp: null
 labels:
 run: pod3
 name: pod3
spec:
 terminationGracePeriodSeconds: 0
 containers:
 - image: nginx
 command: ["sh","-c","date > /tmp/aa.txt ; sleep 10000"]
 imagePullPolicy: IfNotPresent
 name: n1
 resources: {}
 lifecycle:
 postStart:
 exec:
 command: ["/bin/sh","-c","date >> /tmp/bb.txt"]
 dnsPolicy: ClusterFirst
 restartPolicy: Always
status: {}
[root@k8scloude1 pod]# kubectl apply -f pod3.yaml 
pod/pod3 created
[root@k8scloude1 pod]# kubectl get pods
NAME READY STATUS RESTARTS AGE
pod3 1/1 Running 0 8s

查看文件可以发现,/tmp/aa.txt /tmp/bb.txt 时间是一致的,就说明两个命令是同时运行的,证明了postStart:容器启动之后执行XXXX,和主进程是同时运行起来的,并没有先后顺序。

[root@k8scloude1 pod]# kubectl exec -it pod3 -- bash
root@pod3:/# cat /tmp/aa.txt /tmp/bb.txt 
Thu Jan 13 07:40:24 UTC 2022
Thu Jan 13 07:40:24 UTC 2022
root@pod3:/# exit
exit
#删除pod
[root@k8scloude1 pod]# kubectl delete -f pod3.yaml 
pod "pod3" deleted

现在添加preStop处理函数:在容器关闭之前执行"/bin/sh","-c","date >> /tmp/bb.txt ; sleep 100",打印日期到/tmp/bb.txt文件,并休眠100秒。

[root@k8scloude1 pod]# vim pod4.yaml 
[root@k8scloude1 pod]# cat pod4.yaml 
apiVersion: v1
kind: Pod
metadata:
 creationTimestamp: null
 labels:
 run: pod3
 name: pod3
spec:
 terminationGracePeriodSeconds: 600
 containers:
 - image: nginx
 command: ["sh","-c","date > /tmp/aa.txt ; sleep 10000"]
 imagePullPolicy: IfNotPresent
 name: n1
 resources: {}
 lifecycle:
 postStart:
 exec:
 command: ["/bin/sh","-c","date >> /tmp/bb.txt"]
 preStop:
 exec:
 command: ["/bin/sh","-c","date >> /tmp/bb.txt ; sleep 100"]
 dnsPolicy: ClusterFirst
 restartPolicy: Always
status: {}
[root@k8scloude1 pod]# kubectl apply -f pod4.yaml 
pod/pod3 created
[root@k8scloude1 pod]# kubectl get pod
NAME READY STATUS RESTARTS AGE
pod3 1/1 Running 0 7s

运行一段时间后,删除pod,在容器关闭之前执行preStop的命令,preStop执行完成之后,主程序还要运行10000秒,但是宽限期terminationGracePeriodSeconds只有600s,所以600秒之后pod被删除

[root@k8scloude1 pod]# kubectl delete pod pod3 
pod "pod3" deleted
^C
#强制删除pod
[root@k8scloude1 pod]# kubectl delete pod pod3 --force
warning: Immediate deletion does not wait for confirmation that the running resource has been terminated. The resource may continue to run on the cluster indefinitely.
pod "pod3" force deleted

四.如何优雅的关闭nginx pod

说明: 当一个 Pod 被删除时,执行kubectl get pod 命令会展示这个 Pod 的状态为 Terminating(终止)。 这个 Terminating 状态并不是 Pod 阶段之一。 Pod 被赋予一个可以体面终止的期限,默认为 30 秒。 你可以使用 --force 参数来强制终止 Pod。

由于nginx默认是fast shutdown,关闭的时间一般小于30秒,如果想优雅的关闭nginx,可以在关闭容器之前运行nginx -s quit ,达到优雅的关闭nginx的效果

[root@k8scloude1 pod]# vim pod5.yaml 
#preStop处理函数指定在容器关闭之前执行"/bin/sh","-c","/usr/sbin/nginx -s quit"
[root@k8scloude1 pod]# cat pod5.yaml 
apiVersion: v1
kind: Pod
metadata:
 creationTimestamp: null
 labels:
 run: pod5
 name: pod5
spec:
 terminationGracePeriodSeconds: 600
 containers:
 - image: nginx
 command: ["sh","-c","date > /tmp/aa.txt ; sleep 10000"]
 imagePullPolicy: IfNotPresent
 name: n1
 resources: {}
 lifecycle:
 postStart:
 exec:
 command: ["/bin/sh","-c","date >> /tmp/bb.txt"]
 preStop:
 exec:
 command: ["/bin/sh","-c","/usr/sbin/nginx -s quit"]
 dnsPolicy: ClusterFirst
 restartPolicy: Always
status: {}
[root@k8scloude1 pod]# kubectl apply -f pod5.yaml 
pod/pod5 created
[root@k8scloude1 pod]# kubectl get pod
NAME READY STATUS RESTARTS AGE
pod5 1/1 Running 0 5s
[root@k8scloude1 pod]# kubectl delete pod pod5 
pod "pod5" deleted
^C
[root@k8scloude1 pod]# kubectl delete pod pod5 --force
warning: Immediate deletion does not wait for confirmation that the running resource has been terminated. The resource may continue to run on the cluster indefinitely.
pod "pod5" force deleted
作者:人生的哲理原文地址:https://www.cnblogs.com/renshengdezheli/p/16850563.html

%s 个评论

要回复文章请先登录注册