k8s的三种探针
启动探针
因为k8s中采用大量的异步机制、以及多种对象关系设计上的解耦,当应用实例数 增加/删除、或者应用版本发生变化触发滚动升级时,系统并不能保证应用相关的service、ingress配置总是及时能完成刷新。在一些情况下,往往只是新的Pod完成自身初始化,系统尚未完成EndPoint、负载均衡器等外部可达的访问信息刷新,老得Pod就立即被删除,最终造成服务短暂的额不可用,这对于生产来说是不可接受的,所以k8s就加入了一些存活性探针:startupProbe、livenessProbe、readinessProbe。
startupProbe是在k8s v1.16加入了alpha版,官方对其作用的解释是:
Indicates whether the application within the Container is started. All other probes are disabled if a startup probe is provided, until it succeeds. If the startup probe fails, the kubelet kills the Container, and the Container is subjected to its restart policy. If a Container does not provide a startup probe, the default state is Success
大概是意思是:判断容器内的应用程序是否已启动。如果提供了启动探测,则禁用所有其他探测,直到它成功为止。如果启动探测失败,kubelet将杀死容器,容器将服从其重启策略。如果容器没有提供启动探测,则默认状态为成功。
kubelet 使用启动探针,来检测应用是否已经启动。如果启动就可以进行后续的探测检查。慢容器一定指定启动探针。一直在等待启动 ,启动探针 成功以后就不用了,剩下存活探针和就绪探针持续运行 。
下面为启动探针的例子
apiVersion: v1
kind: Pod
metadata:
name: post-test
spec:
containers:
- name: post-test
image: nginx
lifecycle:
postStart:
exec:
command: ["/bin/sh", "-c", "mkdir -p /app;echo test > /app/test"]
startupProbe:
exec:
command: ["/bin/sh","-c","cat /app/test2"] ## 返回不是0,那就是探测失败
initialDelaySeconds: 20 ## 指定的这个秒以后才执行探测
periodSeconds: 5 ## 每隔几秒来运行这个
timeoutSeconds: 5 ##探测超时,到了超时时间探测还没返回结果说明失败
successThreshold: 1 ## 成功阈值,连续几次成才算成功
failureThreshold: 3 ## 失败阈值,连续几次失败才算真失败
在容器启动之前,先通过postStart,创建/app/test文件,但是启动探针读取的确实/app/test2文件,这样导致启动探针运行一直失败,并且不断重启,具体如下:
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 87s default-scheduler Successfully assigned default/post-test to k8s-02
Normal Pulled 67s kubelet Successfully pulled image "nginx" in 18.521463086s
Normal Pulling 37s (x2 over 86s) kubelet Pulling image "nginx"
Warning Unhealthy 37s (x3 over 47s) kubelet Startup probe failed: cat: /app/test2: No such file or directory
Normal Killing 37s kubelet Container post-test failed startup probe, will be restarted
Normal Created 18s (x2 over 67s) kubelet Created container post-test
Normal Started 18s (x2 over 67s) kubelet Started container post-test
Normal Pulled 18s kubelet Successfully pulled image "nginx" in 18.734387365s
[root@k8s-01 ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
counter 1/1 Running 0 40h
nfs-client-provisioner-69b76b8dc6-ms4xg 1/1 Running 1 (6d23h ago) 18d
nginx-5759cb8dcc-t4sdn 1/1 Running 0 4h55m
post-test 0/1 Running 1 (54s ago) 104s
[root@k8s-01 ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
counter 1/1 Running 0 40h
nfs-client-provisioner-69b76b8dc6-ms4xg 1/1 Running 1 (6d23h ago) 18d
nginx-5759cb8dcc-t4sdn 1/1 Running 0 4h55m
post-test 0/1 Running 2 (54s ago) 2m34s
[root@k8s-01 ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
counter 1/1 Running 0 40h
nfs-client-provisioner-69b76b8dc6-ms4xg 1/1 Running 1 (6d23h ago) 18d
nginx-5759cb8dcc-t4sdn 1/1 Running 0 4h59m
post-test 0/1 CrashLoopBackOff 5 (31s ago) 5m46s
[root@k8s-01 ~]#
这个时候把test2文件改成test,则容器可以直接跑起来。
[root@k8s-01 ~]# cat post.yaml
apiVersion: v1
kind: Pod
metadata:
name: post-test
spec:
containers:
- name: post-test
image: nginx
lifecycle:
postStart:
exec:
command: ["/bin/sh", "-c", "mkdir -p /app;echo test > /app/test"]
startupProbe:
exec:
command: ["/bin/sh","-c","cat /app/test"] ## 返回不是0,那就是探测失败
initialDelaySeconds: 20 ## 指定的这个秒以后才执行探测
periodSeconds: 5 ## 每隔几秒来运行这个
timeoutSeconds: 5 ##探测超时,到了超时时间探测还没返回结果说明失败
successThreshold: 1 ## 成功阈值,连续几次成才算成功
failureThreshold: 3 ## 失败阈值,连续几次失败才算真失败
[root@k8s-01 ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
counter 1/1 Running 0 2d23h
nfs-client-provisioner-69b76b8dc6-ms4xg 1/1 Running 1 (8d ago) 20d
nginx-5759cb8dcc-t4sdn 1/1 Running 0 36h
nginx-start-probe02 1/1 Running 5 (20m ago) 23m
post-test 0/1 Running 0 32s
[root@k8s-01 ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
counter 1/1 Running 0 2d23h
nfs-client-provisioner-69b76b8dc6-ms4xg 1/1 Running 1 (8d ago) 20d
nginx-5759cb8dcc-t4sdn 1/1 Running 0 36h
nginx-start-probe02 1/1 Running 5 (21m ago) 23m
post-test 1/1 Running 0 53s
[root@k8s-01 ~]#
存活探针
存活状态(liveness)检测用于定期检测容器是否正常运行,就绪状态(readiness)检测用于定期检测容器是否可以接收流量,它们能够通过减少运维问题和提高服务质量来使服务更健壮和更具弹性。Kubernetes在Pod内部的容器资源上提供了livenessProbe和readinessProbe两个字段,分别让用户自定义容器应用的存活状态和就绪状态检测。对于合格的云原生应用,它们可调用容器应用自身定义的相应API完成,而对于不具该类API的传统应用程序,用户也可精心设置一个更能反映其相应状态的系统命令或服务请求完成该功能。
存活状态检测:用于判定容器是否处于“运行”状态;若此类检测未通过,kubelet将杀死容器并根据其restartPolicy决定是否将其重启;未定义存活性检测的容器的默认状态为Success。
查看官方说明:
[root@k8s-01 ~]# kubectl explain pod.spec.containers.livenessProbe
KIND: Pod
VERSION: v1
RESOURCE: livenessProbe <Object>
DESCRIPTION:
Periodic probe of container liveness. Container will be restarted if the
probe fails. Cannot be updated. More info:
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
Probe describes a health check to be performed against a container to
determine whether it is alive or ready to receive traffic.
FIELDS:
exec <Object>
One and only one of the following should be specified. Exec specifies the
action to take.
failureThreshold <integer>
Minimum consecutive failures for the probe to be considered failed after
having succeeded. Defaults to 3. Minimum value is 1.
httpGet <Object>
HTTPGet specifies the http request to perform.
initialDelaySeconds <integer>
Number of seconds after the container has started before liveness probes
are initiated. More info:
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
periodSeconds <integer>
How often (in seconds) to perform the probe. Default to 10 seconds. Minimum
value is 1.
successThreshold <integer>
Minimum consecutive successes for the probe to be considered successful
after having failed. Defaults to 1. Must be 1 for liveness and startup.
Minimum value is 1.
tcpSocket <Object>
TCPSocket specifies an action involving a TCP port. TCP hooks not yet
supported
terminationGracePeriodSeconds <integer>
Optional duration in seconds the pod needs to terminate gracefully upon
probe failure. The grace period is the duration in seconds after the
processes running in the pod are sent a termination signal and the time
when the processes are forcibly halted with a kill signal. Set this value
longer than the expected cleanup time for your process. If this value is
nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
value overrides the value provided by the pod spec. Value must be
non-negative integer. The value zero indicates stop immediately via the
kill signal (no opportunity to shut down). This is a beta field and
requires enabling ProbeTerminationGracePeriod feature gate. Minimum value
is 1. spec.terminationGracePeriodSeconds is used if unset.
timeoutSeconds <integer>
Number of seconds after which the probe times out. Defaults to 1 second.
Minimum value is 1. More info:
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
[root@k8s-01 ~]#
- exec:exec字段只有一个可用属性command,用于指定要执行的命令。
- httpGet:HTTP探针是基于HTTP协议的探测(HTTPGetAction),通过向目标容器发起一个GET请求,并根据其响应码进行结果判定,2xx或3xx类的响应码表示检测通过。
- tcpSocket:TCP探针是基于TCP协议进行存活性探测(TCPSocketAction),通过向容器的特定端口发起TCP请求并尝试建立连接进行结果判定,连接建立成功即为通过检测。相比较来说,它比基于HTTP协议的探测要更高效、更节约资源,但精准度略低,毕竟连接建立成功未必意味着页面资源可用。
- initialDelaySeconds :首次发出存活探测请求的延迟时长,即容器启动多久之后开始第一次探测操作,显示为delay属性;默认为0秒,即容器启动后便立刻进行探测;该参数值应该大于容器的最大初始化时长,以避免程序永远无法启动。
- timeoutSeconds:存活探测的超时时长,显示为timeout属性,默认为1秒,最小值也为1秒;应该为此参数设置一个合理值,以避免因应用负载较大时的响应延迟导致Pod被重启。
- periodSeconds :存活探测的频度,显示为period属性,默认为10秒,最小值为1秒;需要注意的是,过高的频率会给Pod对象带来较大的额外开销,而过低的频率又会使得对错误反应不及时。
- successThreshold :处于失败状态时,探测操作至少连续多少次的成功才被认为通过检测,显示为#success属性,仅可取值为1。
- failureThreshold:处于成功状态时,探测操作至少连续多少次的失败才被视为检测不通过,显示为#failure属性,默认值为3,最小值为1;尽量设置宽容一些的失败计数,能有效避免一些场景中的服务级联失败。
下面为测试用例:
apiVersion: v1
kind: Pod
metadata:
name: "nginx-liveness"
namespace: default
labels:
app: "nginx-liveness"
spec:
volumes:
- name: nginx-html
hostPath:
path: /html
containers:
- name: nginx
image: "nginx"
ports:
- containerPort: 80
volumeMounts:
- name: nginx-html
mountPath: /usr/share/nginx/html
livenessProbe: ## nginx容器有没有 /abc.html,就绪探针
# httpGet:
# host: 127.0.0.1
# path: /abc.html
# port: 80
# scheme: HTTP
# periodSeconds: 5 ## 每隔几秒来运行这个
# successThreshold: 1 ## 成功阈值,连续几次成才算成功
# failureThreshold: 5 ## 失败阈值,连续几次失败才算真失败
exec:
command: ["/bin/sh","-c","cat /usr/share/nginx/html/abc.html"] ## 返回不是0,那就是探测失败
# initialDelaySeconds: 20 ## 指定的这个秒以后才执行探测
periodSeconds: 5 ## 每隔几秒来运行这个
timeoutSeconds: 5 ##探测超时,到了超时时间探测还没返回结果说明失败
successThreshold: 1 ## 成功阈值,连续几次成才算成功
failureThreshold: 3 ## 失败阈值,连续几次失败才算真失败
[root@k8s-01 ~]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
counter 1/1 Running 0 3d 10.244.165.198 k8s-03 <none> <none>
nfs-client-provisioner-69b76b8dc6-ms4xg 1/1 Running 1 (8d ago) 20d 10.244.179.21 k8s-02 <none> <none>
nginx-5759cb8dcc-t4sdn 1/1 Running 0 36h 10.244.179.50 k8s-02 <none> <none>
nginx-liveness 1/1 Running 0 28s 10.244.61.218 k8s-01 <none> <none>
post-test 1/1 Running 0 20m 10.244.179.62 k8s-02 <none> <none>
[root@k8s-01 ~]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
counter 1/1 Running 0 3d 10.244.165.198 k8s-03 <none> <none>
nfs-client-provisioner-69b76b8dc6-ms4xg 1/1 Running 1 (8d ago) 20d 10.244.179.21 k8s-02 <none> <none>
nginx-5759cb8dcc-t4sdn 1/1 Running 0 36h 10.244.179.50 k8s-02 <none> <none>
nginx-liveness 1/1 Running 1 (30s ago) 60s 10.244.61.218 k8s-01 <none> <none>
post-test 1/1 Running 0 21m 10.244.179.62 k8s-02 <none> <none>
此时的pod运行在01节点,虽然状态为running,但是研究开始重启,此时去01节点创建abc.html,pod停止尝试重启
[root@k8s-01 html]# echo 123 > abc.html
[root@k8s-01 html]#
[root@k8s-01 ~]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
counter 1/1 Running 0 3d 10.244.165.198 k8s-03 <none> <none>
nfs-client-provisioner-69b76b8dc6-ms4xg 1/1 Running 1 (8d ago) 20d 10.244.179.21 k8s-02 <none> <none>
nginx-5759cb8dcc-t4sdn 1/1 Running 0 36h 10.244.179.50 k8s-02 <none> <none>
nginx-liveness 1/1 Running 2 (2m23s ago) 3m23s 10.244.61.218 k8s-01 <none> <none>
post-test 1/1 Running 0 23m 10.244.179.62 k8s-02 <none> <none>
就绪探针
kubelet 使用 readiness probe 来确定容器是否已经就绪可以接收流量过来了。这个探针通俗点讲就是说是否准备好了,现在可以开始工作了。只有当 Pod 中的容器都处于就绪状态的时候 kubelet 才会认定该 Pod 处于就绪状态,因为一个 Pod 下面可能会有多个容器。当然 Pod 如果处于非就绪状态,那么我们就会将他从 Service 的 Endpoints 列表中移除出来,这样我们的流量就不会被路由到这个 Pod 里面来了。
[root@k8s-01 ~]# kubectl explain pod.spec.containers.readinessProbe
KIND: Pod
VERSION: v1
RESOURCE: readinessProbe <Object>
DESCRIPTION:
Periodic probe of container service readiness. Container will be removed
from service endpoints if the probe fails. Cannot be updated. More info:
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
Probe describes a health check to be performed against a container to
determine whether it is alive or ready to receive traffic.
FIELDS:
exec <Object>
One and only one of the following should be specified. Exec specifies the
action to take.
failureThreshold <integer>
Minimum consecutive failures for the probe to be considered failed after
having succeeded. Defaults to 3. Minimum value is 1.
httpGet <Object>
HTTPGet specifies the http request to perform.
initialDelaySeconds <integer>
Number of seconds after the container has started before liveness probes
are initiated. More info:
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
periodSeconds <integer>
How often (in seconds) to perform the probe. Default to 10 seconds. Minimum
value is 1.
successThreshold <integer>
Minimum consecutive successes for the probe to be considered successful
after having failed. Defaults to 1. Must be 1 for liveness and startup.
Minimum value is 1.
tcpSocket <Object>
TCPSocket specifies an action involving a TCP port. TCP hooks not yet
supported
terminationGracePeriodSeconds <integer>
Optional duration in seconds the pod needs to terminate gracefully upon
probe failure. The grace period is the duration in seconds after the
processes running in the pod are sent a termination signal and the time
when the processes are forcibly halted with a kill signal. Set this value
longer than the expected cleanup time for your process. If this value is
nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
value overrides the value provided by the pod spec. Value must be
non-negative integer. The value zero indicates stop immediately via the
kill signal (no opportunity to shut down). This is a beta field and
requires enabling ProbeTerminationGracePeriod feature gate. Minimum value
is 1. spec.terminationGracePeriodSeconds is used if unset.
timeoutSeconds <integer>
Number of seconds after which the probe times out. Defaults to 1 second.
Minimum value is 1. More info:
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
[root@k8s-01 ~]#
就绪状态的选项和存活探针一致,此处不再描述。
下面为测试的yaml,先准备一个nginx和svc
echo "
apiVersion: v1
kind: Pod
metadata:
name: "nginx-nginx"
namespace: default
labels:
app: nginx-readiness
spec:
containers:
- name: nginx
image: "nginx"
" | kubectl apply -f -
echo "
apiVersion: v1
kind: Service
metadata:
name: my-nginx-svc
namespace: default
spec:
selector:
app: nginx-readiness
type: ClusterIP
ports:
- name: http
port: 80
targetPort: 80
protocol: TCP
" | kubectl apply -f -
直接在请求svc的ip,可以正常访问:
[root@k8s-01 ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 20d
my-nginx-svc ClusterIP 10.102.188.54 <none> 80/TCP 35s
nginx NodePort 10.99.93.122 <none> 80:31151/TCP 20d
[root@k8s-01 ~]# curl 10.102.188.54
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
下面开始准备就绪探针的yaml
echo "
apiVersion: v1
kind: Pod
metadata:
name: "nginx-readiness"
namespace: default
labels:
app: "nginx-readiness"
spec:
volumes:
- name: nginx-html
hostPath:
path: /html
containers:
- name: nginx
image: "nginx"
ports:
- containerPort: 80
volumeMounts:
- name: nginx-html
mountPath: /usr/share/nginx/html
readinessProbe: ##就绪检测,都是http
httpGet:
path: /test.html ## 给容器发请求
port: 80
scheme: HTTP ## 返回不是0,那就是探测失败
initialDelaySeconds: 2 ## 指定的这个秒以后才执行探测
periodSeconds: 5 ## 每隔几秒来运行这个
timeoutSeconds: 5 ##探测超时,到了超时时间探测还没返回结果说明失败
successThreshold: 3 ## 成功阈值,连续几次成才算成功
failureThreshold: 5 ## 失败阈值,连续几次失败才算真失败
" | kubectl apply -f -
查找pod的ip和描述,发现pod是可以正常访问的,但是描述里面一致在报错,接口404
[root@k8s-01 ~]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
counter 1/1 Running 0 3d 10.244.165.198 k8s-03 <none> <none>
nfs-client-provisioner-69b76b8dc6-ms4xg 1/1 Running 1 (8d ago) 20d 10.244.179.21 k8s-02 <none> <none>
nginx-5759cb8dcc-t4sdn 1/1 Running 0 37h 10.244.179.50 k8s-02 <none> <none>
nginx-liveness 1/1 Running 2 (28m ago) 29m 10.244.61.218 k8s-01 <none> <none>
nginx-nginx 1/1 Running 0 21m 10.244.179.3 k8s-02 <none> <none>
nginx-readiness 0/1 Running 0 26s 10.244.61.219 k8s-01 <none> <none>
post-test 1/1 Running 0 49m 10.244.179.62 k8s-02 <none> <none>
[root@k8s-01 html]# curl 10.244.61.219/abc.html
123
[root@k8s-01 html]#
继续请求svc的地址,发现还是访问一开始的nginx,流量并没有进入nginx-readiness这个pod中
[root@k8s-01 html]# curl 10.102.188.54
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
[root@k8s-01 html]# curl 10.102.188.54
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
[root@k8s-01 html]#
先创建test.html,在进行访问,发现pod准备就绪,继续访问svc的地址,已经出现403,因为挂载了html目录,里面没有index.html,说明流量研究负载均衡到这个pod里了。
[root@k8s-01 html]# echo test > test.html
[root@k8s-01 html]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
counter 1/1 Running 0 3d 10.244.165.198 k8s-03 <none> <none>
nfs-client-provisioner-69b76b8dc6-ms4xg 1/1 Running 1 (8d ago) 20d 10.244.179.21 k8s-02 <none> <none>
nginx-5759cb8dcc-t4sdn 1/1 Running 0 37h 10.244.179.50 k8s-02 <none> <none>
nginx-liveness 1/1 Running 2 (30m ago) 31m 10.244.61.218 k8s-01 <none> <none>
nginx-nginx 1/1 Running 0 23m 10.244.179.3 k8s-02 <none> <none>
nginx-readiness 1/1 Running 0 2m30s 10.244.61.219 k8s-01 <none> <none>
post-test 1/1 Running 0 51m 10.244.179.62 k8s-02 <none> <none>
[root@k8s-01 html]# curl 10.102.188.54
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
[root@k8s-01 html]# curl 10.102.188.54
<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx/1.21.5</center>
</body>
</html>
在创建index.html后,会与一开始的nginx轮流访问
[root@k8s-01 html]# echo index > index.html
[root@k8s-01 html]# curl 10.102.188.54
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
[root@k8s-01 html]# curl 10.102.188.54
index
[root@k8s-01 html]#
实际应用
下面是kong官网的yaml,里面也用到了存活探针和就绪探针,对pod进行检测。
livenessProbe:
failureThreshold: 3
httpGet:
path: /healthz
port: 10254
scheme: HTTP
initialDelaySeconds: 5
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
name: ingress-controller
ports:
- containerPort: 8080
name: webhook
protocol: TCP
- containerPort: 10255
name: cmetrics
protocol: TCP
readinessProbe:
failureThreshold: 3
httpGet:
path: /readyz
port: 10254
scheme: HTTP
initialDelaySeconds: 5
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1