Linux性能优化实战eBPF 核心技术与实战SDN指南个人博客

Kubernetes 201

扩展应用

通过修改 Deployment 中副本的数量(replicas),可以动态扩展或收缩应用:

scale

这些自动扩展的容器会自动加入到 service 中,而收缩回收的容器也会自动从 service 中删除。

$ kubectl scale --replicas=3 deployment/nginx-app
$ kubectl get deploy
NAME        DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE
nginx-app   3         3         3            3           10m

滚动升级

滚动升级(Rolling Update)通过逐个容器替代升级的方式来实现无中断的服务升级:

kubectl rolling-update frontend-v1 frontend-v2 --image=image:v2
update1
update2
update3
update4

在滚动升级的过程中,如果发现了失败或者配置错误,还可以随时回滚:

kubectl rolling-update frontend-v1 frontend-v2 --rollback

需要注意的是,kubectl rolling-update 只针对 ReplicationController。对于更新策略是 RollingUpdate 的 Deployment(Deployment 可以在 spec 中设置更新策略为 RollingUpdate,默认就是 RollingUpdate),更新应用后会自动滚动升级:

  spec:
    replicas: 3
    selector:
      matchLabels:
        run: nginx-app
    strategy:
      rollingUpdate:
        maxSurge: 1
        maxUnavailable: 1
      type: RollingUpdate

而更新应用的话,就可以直接用 kubectl set 命令:

kubectl set image deployment/nginx-app nginx-app=nginx:1.9.1

滚动升级的过程可以用 rollout 命令查看:

$ kubectl rollout status deployment/nginx-app
Waiting for rollout to finish: 2 out of 3 new replicas have been updated...
Waiting for rollout to finish: 2 of 3 updated replicas are available...
Waiting for rollout to finish: 2 of 3 updated replicas are available...
Waiting for rollout to finish: 2 of 3 updated replicas are available...
Waiting for rollout to finish: 2 of 3 updated replicas are available...
Waiting for rollout to finish: 2 of 3 updated replicas are available...
deployment "nginx-app" successfully rolled out

Deployment 也支持回滚:

$ kubectl rollout history deployment/nginx-app
deployments "nginx-app"
REVISION    CHANGE-CAUSE
1        <none>
2        <none>

$ kubectl rollout undo deployment/nginx-app
deployment "nginx-app" rolled back

资源限制

Kubernetes 通过 cgroups 提供容器资源管理的功能,可以限制每个容器的 CPU 和内存使用,比如对于刚才创建的 deployment,可以通过下面的命令限制 nginx 容器最多只用 50% 的 CPU 和 128MB 的内存:

$ kubectl set resources deployment nginx-app -c=nginx --limits=cpu=500m,memory=128Mi
deployment "nginx" resource requirements updated

这等同于在每个 Pod 中设置 resources limits:

apiVersion: v1
kind: Pod
metadata:
  labels:
    app: nginx
  name: nginx
spec:
  containers:
    - image: nginx
      name: nginx
      resources:
        limits:
          cpu: "500m"
          memory: "128Mi"

健康检查

Kubernetes 作为一个面向应用的集群管理工具,需要确保容器在部署后确实处在正常的运行状态。Kubernetes 提供了两种探针(Probe,支持 exec、tcpSocket 和 http 方式)来探测容器的状态:

  • LivenessProbe:探测应用是否处于健康状态,如果不健康则删除并重新创建容器

  • ReadinessProbe:探测应用是否启动完成并且处于正常服务状态,如果不正常则不会接收来自 Kubernetes Service 的流量

对于已经部署的 deployment,可以通过 kubectl edit deployment/nginx-app 来更新 manifest,增加健康检查部分:

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  labels:
    app: nginx
  name: nginx-default
spec:
  replicas: 3
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - image: nginx
        imagePullPolicy: Always
        name: http
        resources: {}
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
        resources:
          limits:
            cpu: "500m"
            memory: "128Mi"
        livenessProbe:
          httpGet:
            path: /
            port: 80
          initialDelaySeconds: 15
          timeoutSeconds: 1
        readinessProbe:
          httpGet:
            path: /
            port: 80
          initialDelaySeconds: 5
          timeoutSeconds: 1
上一页Kubernetes 101下一页Kubernetes 集群

最后更新于