是否可以根据时间自动重启Pod?
例如,我想每天早上8:00 AM重新启动集群的容器。
答案 0 :(得分:4)
有一个特定的资源:CronJob
这里有个例子:
apiVersion: batch/v1beta1
kind: CronJob
metadata:
name: your-cron
spec:
schedule: "*/20 8-19 * * 1-5"
concurrencyPolicy: Forbid
jobTemplate:
spec:
template:
metadata:
labels:
app: your-periodic-batch-job
spec:
containers:
- name: my-image
image: your-image
imagePullPolicy: IfNotPresent
restartPolicy: OnFailure
答案 1 :(得分:4)
使用cronjob,但不运行您的Pod,而是安排一个Kubernetes API命令,该命令将每天重新启动部署(kubectl rollout restart
)。这样,如果出现问题,旧的吊舱将不会掉落或移除。
部署可以创建新的副本集,并等待它们启动,然后杀死旧的pod并重新路由流量。服务将继续不间断。
您必须设置RBAC,以便从集群内部运行的Kubernetes客户端有权执行对Kubernetes API的必要调用。
---
# Service account the client will use to reset the deployment,
# by default the pods running inside the cluster can do no such things.
kind: ServiceAccount
apiVersion: v1
metadata:
name: deployment-restart
namespace: <YOUR NAMESPACE>
---
# allow getting status and patching only the one deployment you want
# to restart
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: deployment-restart
namespace: <YOUR NAMESPACE>
rules:
- apiGroups: ["apps", "extensions"]
resources: ["deployments"]
resourceNames: ["<YOUR DEPLOYMENT NAME>"]
verbs: ["get", "patch", "list", "watch"] # "list" and "watch" are only needed
# if you want to use `rollout status`
---
# bind the role to the service account
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: deployment-restart
namespace: <YOUR NAMESPACE>
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: deployment-restart
subjects:
- kind: ServiceAccount
name: deployment-restart
namespace: <YOUR NAMESPACE>
cronjob规范本身:
apiVersion: batch/v1beta1
kind: CronJob
metadata:
name: deployment-restart
namespace: <YOUR NAMESPACE>
spec:
concurrencyPolicy: Forbid
schedule: '0 8 * * *' # cron spec of time, here, 8 o'clock
jobTemplate:
spec:
backoffLimit: 2 # this has very low chance of failing, as all this does
# is prompt kubernetes to schedule new replica set for
# the deployment
activeDeadlineSeconds: 600 # timeout, makes most sense with
# "waiting for rollout" variant specified below
template:
spec:
serviceAccountName: deployment-restart # name of the service
# account configured above
restartPolicy: Never
containers:
- name: kubectl
image: bitnami/kubectl # probably any kubectl image will do,
# optionaly specify version, but this
# should not be necessary, as long the
# version of kubectl is new enough to
# have `rollout restart`
command:
- 'kubectl'
- 'rollout'
- 'restart'
- 'deployment/<YOUR DEPLOYMENT NAME>'
(可选)如果希望cronjob等待部署开始,请将cronjob命令更改为:
command:
- bash
- -c
- >-
kubectl rollout restart deployment/<YOUR DEPLOYMENT NAME> &&
kubectl rollout status deployment/<YOUR DEPLOYMENT NAME>
答案 2 :(得分:3)
我从@ Ryan Lowe 借来了想法,但做了一些修改。它将在24小时之前重新启动Pod
livenessProbe:
exec:
command:
- bin/sh
- -c
- "end=$(date -u +%s);start=$(stat -c %Z /proc/1 | awk '{print int($1)}'); test $(($end-$start)) -lt 86400"
答案 3 :(得分:1)
根据cronjob-in-kubernetes-to-restart-delete-the-pod-in-a-deployment
您可以创建具有kind: CronJob
的{{1}}的{{1}}。因此,您的CronJob将以jobTemplate
为一天的启动这些容器(直到重新启动)。根据您的示例,此时将containers
分配给上午8:00
答案 4 :(得分:1)
对于另一个具有始终重新启动策略(该cron作业不应该处理-参见creating a cron job spec pod template)的Pod,另一个快速而肮脏的选项是一个livenessProbe,它只是测试时间然后按照指定的时间表重新启动广告连播
例如启动后,请等待一个小时,然后每分钟检查一次,如果小时是3(AM),则失败探测并重新启动,否则通过
livenessProbe:
exec:
command:
- exit $(test $(date +%H) -eq 3 && echo 1 || echo 0)
failureThreshold: 1
initialDelaySeconds: 3600
periodSeconds: 60
时间间隔取决于您返回日期并测试;)
当然,如果您已经将活动度探针用作实际活动度探针¯\ _(ツ)_ /¯
答案 5 :(得分:0)
从@Ryan Lowe答案中,如果已有的应用程序只想添加到配置中:
oc set probe dc/myapp --liveness --initial-delay-seconds=1800 --period-seconds=600 --failure-threshold=1 -- bash -c 'exit $(test $(date +%H) -eq 8 && echo 1 || echo 0)'