쿠버1탄-8. 쿠버네티스- 프루브(증명)
다음은 쿠버네티스 스터디 자료를 참고해 정리한 내용입니다.
<1> 프루브 개요
<2> completed.yaml - sleep 5초후 종료코드0(정상) 반환후 종료함
<3> onfailure.yaml - sleep 5초후 종료코드 1(Error) 반환후 종료함
<4> onfailure.yaml : restartPolicy: OnFailure , sleep 5초 후 종료 코드 0 (정상) 반환 후 종료
<5> livenessprobe.yaml
<6> ReadinessProbe
<7> 정리
<1> 프루브 개요
1
liveness Probe
컨테이너 내부 애플리케이션이 살아있는지 검사
실패할 경우 해당 컨테이너는 restartPolicy 에 따라서 재시작
2
readiness Probe
컨테이너 내부의 애플리케이션이 사용자 요청을 처리할 준비가 됐는지 검사
검사에 실패할 경우 컨테이너는 서비스의 라우팅 대상에서 제외
로드 밸런서 = 서비스 개념이다.
<2> completed.yaml - sleep 5초후 종료코드0(정상) 반환후 종료함
master node의 api 서버 접속
ssh -i ~/.ssh/id_rsa ubuntu@api.k8s.serverchk.com
kubectl delete pod --all
completed.yaml
1
ubuntu@ip-172-20-41-255:~$ more completed.yaml
cat << EOF > completed.yaml
apiVersion: v1
kind: Pod
metadata:
name: completed-pod
spec:
containers:
- name: completed-pod
image: busybox
command: ["sh"]
args: ["-c", "sleep 5 && exit 0"]
EOF
// 5초후 정상 종료라고 알려주고 끝나는 pod
2
별도 터미널에서 확인?
watch -d "kubectl describe pod completed-pod | grep Events -A 12"
// completed 상태 모니터링
NAME READY STATUS RESTARTS AGE
completed-pod 0/1 ContainerCreating 0 0s
deployment-nginx-78bc6dfdf7-8mrs4 1/1 Running 0 11m
deployment-nginx-78bc6dfdf7-mr4w2 1/1 Running 0 11m
deployment-nginx-78bc6dfdf7-tvv44 1/1 Running 0 11m
completed-pod 0/1 ContainerCreating 0 1s
completed-pod 1/1 Running 0 3s
completed-pod 0/1 Completed 0 8s
completed-pod 1/1 Running 1 10s
completed-pod 0/1 Completed 1 15s
completed-pod 0/1 CrashLoopBackOff 1 26s
completed-pod 1/1 Running 2 27s
completed-pod 0/1 Completed 2 33s
completed-pod 0/1 CrashLoopBackOff 2 48s
// Completed 완료 상태가 나옴. 무한 반복중
3
kubectl apply -f completed.yaml && kubectl get pod -w
4
정책 확인
kubectl get pod completed-pod -o yaml | grep restartPolicy
f:restartPolicy: {}
restartPolicy: Always
// restartPolicy 재시작 정책이 Always 라 다시 Running 상태로 가서 무한 반복 하는것이다.
// Completed (0) 반환
5
과정
Running > Completed > restartPolicy 가 Always (재시작) 되면 > CrashLoopBackOff >
Running > Completed > restartPolicy 가 Always (재시작) 되면 > CrashLoopBackOff >
Running > Completed > restartPolicy 가 Always (재시작) 되면 > CrashLoopBackOff >
6
kubectl delete pod --all
<3> onfailure.yaml - sleep 5초후 종료코드 1(Error) 반환후 종료함
onfailure.yaml
정상 종료 코드는 0이다.
sleep 5초 후 종료 코드 1 반환 후 종료하는것을 해보자
비정상적으로 종료(1)가 되었다고 가정한다.
1
cat << EOF > onfailure.yaml
apiVersion: v1
kind: Pod
metadata:
name: completed-pod
spec:
restartPolicy: OnFailure
containers:
- name: completed-pod
image: busybox
command: ["sh"]
args: ["-c", "sleep 5 && exit 1"]
EOF
2
kubectl apply -f onfailure.yaml && kubectl get pod -w
error 발생
// 무한 반복중
과정
Running > Error (비정상 종료1) > restartPolicy: OnFailure
Running > Error (비정상 종료1) > restartPolicy: OnFailure
Running > Error (비정상 종료1) > restartPolicy: OnFailure
3
kubectl get pod completed-pod -o yaml | grep restartPolicy
{"apiVersion":"v1","kind":"Pod","metadata":{"annotations":{},"name":"completed-pod","namespace":"default"},"spec":{"containers":[{"args":["-c","sleep 5 \u0026\u0026 exit 1"],"command":["sh"],"image":"busybox","name":"completed-pod"}],"restartPolicy":"OnFailure"}}
f:restartPolicy: {}
restartPolicy: OnFailure
// Runninng -> Error (1)로 감. 무한 반복
4
다른 터미널에서
watch -d "kubectl describe pod completed-pod | grep Events -A 12"
5
kubectl delete pod --all
<4> onfailure.yaml : restartPolicy: OnFailure , sleep 5초 후 종료 코드 0 (정상) 반환 후 종료
1
cat << EOF > onfailure.yaml
apiVersion: v1
kind: Pod
metadata:
name: completed-pod
spec:
restartPolicy: OnFailure
containers:
- name: completed-pod
image: busybox
command: ["sh"]
args: ["-c", "sleep 5 && exit 0"]
EOF
2
ubuntu@ip-172-20-41-255:~$ kubectl apply -f onfailure.yaml && kubectl get pod -w
pod/completed-pod created
NAME READY STATUS RESTARTS AGE
completed-pod 0/1 ContainerCreating 0 0s
completed-pod 0/1 ContainerCreating 0 0s
completed-pod 1/1 Running 0 3s
completed-pod 0/1 Completed 0 8s
completed-pod 0/1 Completed 0 8s
// 정상 종료라 완료 됨.
restartPolicy: OnFailure 라 완료.
OnFailure는 비정상일때만 재시작 하라는 것이다.
0 = 정상종료라 재시작하지 않는다.
3
watch -d "kubectl describe pod completed-pod | grep Events -A 12"
4
kubectl delete pod --all
pod "completed-pod" deleted
<5> livenessprobe.yaml
liveness Probe ?
컨테이너 내부 애플리케이션이 살아있는지 검사
실패할 경우 해당 컨테이너는 restartPolicy 에 따라서 재시작
1
cat << EOF > livenessprobe.yaml
apiVersion: v1
kind: Pod
metadata:
name: livenessprobe
spec:
containers:
- name: livenessprobe
image: nginx
livenessProbe:
httpGet:
port: 80
path: /index.html
EOF
2
kubectl apply -f livenessprobe.yaml && kubectl get events --sort-by=.metadata.creationTimestamp -w
3
확인
kubectl describe pod livenessprobe | grep Liveness
Liveness: http-get http://:80/index.html delay=0s timeout=1s period=10s #success=1 #failure=3
4
kubectl logs livenessprobe -f
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
:6
2021/06/29 08:28:07 [notice] 1#1: start worker processes
2021/06/29 08:28:07 [notice] 1#1: start worker process 31
2021/06/29 08:28:07 [notice] 1#1: start worker process 32
172.20.38.144 - - [29/Jun/2021:08:28:10 +0000] "GET /index.html HTTP/1.1" 200 612 "-" "kube-probe/1.20" "-"
172.20.38.144 - - [29/Jun/2021:08:28:20 +0000] "GET /index.html HTTP/1.1" 200 612 "-" "kube-probe/1.20" "-"
172.20.38.144 - - [29/Jun/2021:08:28:30 +0000] "GET /index.html HTTP/1.1" 200 612 "-" "kube-probe/1.20" "-"
// probe가 index.html을 10초 간격으로 체크하고 있다.
5
테스트 ?
index.html 삭제후 실행
kubectl exec livenessprobe -- rm /usr/share/nginx/html/index.html && kubectl logs livenessprobe -f
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
:
/docker-entrypoint.sh: Configuration complete; ready for start up
2021/06/29 08:28:07 [notice] 1#1: using the "epoll" event method
2021/06/29 08:28:07 [notice] 1#1: nginx/1.21.0
2021/06/29 08:28:07 [notice] 1#1: built by gcc 8.3.0 (Debian 8.3.0-6)
2021/06/29 08:28:07 [notice] 1#1: OS: Linux 5.4.0-1047-aws
:
2021/06/29 08:29:20 [error] 32#32: *8 open() "/usr/share/nginx/html/index.html" failed (2: No such file or directory), client: 172.20.38.144, server: localhost, request: "GET /index.html :
2021/06/29 08:29:31 [notice] 31#31: exit
2021/06/29 08:29:31 [notice] 1#1: signal 17 (SIGCHLD) received from 32
2021/06/29 08:29:31 [notice] 1#1: worker process 31 exited with code 0
2021/06/29 08:29:31 [notice] 1#1: worker process 32 exited with code 0
2021/06/29 08:29:31 [notice] 1#1: exit
// index.html 3번 실패하면 재시작.
이미지를 다시 가져와 재시작함
6
다시 생성되면 정상 됨.
다시 생성되어 index.html 가 생겨서 정상이 됨
kubectl logs livenessprobe -f
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
:
2021/06/29 08:29:33 [notice] 1#1: start worker processes
2021/06/29 08:29:33 [notice] 1#1: start worker process 32
2021/06/29 08:29:33 [notice] 1#1: start worker process 33
172.20.38.144 - - [29/Jun/2021:08:29:40 +0000] "GET /index.html HTTP/1.1" 200 612 "-" "kube-probe/1.20" "-"
172.20.38.144 - - [29/Jun/2021:08:29:50 +0000] "GET /index.html HTTP/1.1" 200 612 "-" "kube-probe/1.20" "-"
172.20.38.144 - - [29/Jun/2021:08:30:00 +0000] "GET /index.html HTTP/1.1" 200 612 "-" "kube-probe/1.20" "-"
172.20.38.144 - - [29/Jun/2021:08:30:10 +0000] "GET /index.html HTTP/1.1" 200 612 "-" "kube-probe/1.20" "-"
172.20.38.144 - - [29/Jun/2021:08:30:20 +0000] "GET /index.html HTTP/1.1" 200 612 "-" "kube-probe/1.20" "-"
172.20.38.144 - - [29/Jun/2021:08:30:30 +0000] "GET /index.html HTTP/1.1" 200 612 "-" "kube-probe/1.20" "-"
172.20.38.144 - - [29/Jun/2021:08:30:40 +0000] "GET /index.html HTTP/1.1" 200 612 "-" "kube-probe/1.20" "-"
7
kubectl get events --sort-by=.metadata.creationTimestamp -w
8
파드 삭제
kubectl delete pod --all
// 과제 log 캡춰 제출!!
<6> ReadinessProbe
컨테이너 내부의 애플리케이션이 사용자 요청을 처리할 준비가 됐는지 검사
검사에 실패할 경우 컨테이너는 서비스의 라우팅 대상에서 제외
로드 밸런서 = 서비스 개념이다.
1
cat << EOF > readinessprobe-service.yaml
apiVersion: v1
kind: Pod
metadata:
name: readinessprobe
labels:
readinessprobe: first
spec:
containers:
- name: readinessprobe
image: nginx
readinessProbe:
httpGet:
port: 80
path: /
---
apiVersion: v1
kind: Service
metadata:
name: readinessprobe-service
spec:
ports:
- name: nginx
port: 80
targetPort: 80
selector:
readinessprobe: first
type: ClusterIP
EOF
2
kubectl apply -f readinessprobe-service.yaml && kubectl get events --sort-by=.metadata.creationTimestamp -w
3
kubectl describe pod readinessprobe | grep Readiness
4
kubectl logs readinessprobe -f
5
kubectl get service readinessprobe-service -o wide
ubuntu@ip-172-20-41-255:~$ kubectl get service readinessprobe-service -o wide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
readinessprobe-service ClusterIP 100.71.183.52 <none> 80/TCP 44s readinessprobe=first
6
kubectl get endpoints readinessprobe-service
ubuntu@ip-172-20-41-255:~$ kubectl get endpoints readinessprobe-service
NAME ENDPOINTS AGE
readinessprobe-service 100.98.158.137:80 49s
7
curl <CLUSTER-IP>
ubuntu@ip-172-20-41-255:~$ curl 100.98.158.137
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
8
L4가 실패하도록 index.html 삭제후 재확인
kubectl exec readinessprobe -- rm /usr/share/nginx/html/index.html && kubectl logs readinessprobe -f
9
kubectl get pod
NAME READY STATUS RESTARTS AGE
readinessprobe 0/1 Running 0 12m
//READY 상태가 0이 됨
10
실패하면 EXTERNAL-IP 가 없어진다.
kubectl get service readinessprobe-service -o wide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
readinessprobe-service ClusterIP 100.71.183.52 <none> 80/TCP 3m37s readinessprobe=first
11
index.html 실패하면 ENDPOINTS 가 없어진다.
kubectl get endpoints readinessprobe-service
NAME ENDPOINTS AGE
readinessprobe-service 3m42s
pod가 서비스에서 제외 된다.
<7> 정리
1
Pod 상태 확인
2
liveness Probe
컨테이너 내부 애플리케이션이 살아있는지 검사
실패할 경우 해당 컨테이너는 restartPolicy 에 따라서 재시작
3
readiness Probe
컨테이너 내부의 애플리케이션이 사용자 요청을 처리할 준비가 됐는지 검사
검사에 실패할 경우 컨테이너는 서비스의 라우팅 대상에서 제외
다음과정
https://brunch.co.kr/@topasvga/1673
감사합니다.
