“准备就绪和活跃度”探针失败:使用Helm Chart Kubernetes启动Varnish期间,HTTP探针失败,状态码:503”

时间:2020-03-11 14:08:15

标签: kubernetes kubernetes-helm varnish

我正在尝试为Helen创建一个Helm图表,以在Kubernetes集群上部署/运行。在运行包含来自Docker社区的清漆图像的helm软件包时,其抛出错误

Readiness probe failed: HTTP probe failed with statuscode: 503

Liveness probe failed: HTTP probe failed with statuscode: 503

共享了values.yamldeployment.yamlvarnish-config.yamlvarnish.vcl

欢迎采用任何解决方案。...

Values.yaml:

    # Default values for tt.
    # This is a YAML-formatted file.
    # Declare variables to be passed into your templates.

    replicaCount: 1


    #vcl 4.0;

    #import std;

    #backend default {
     # .host = "www.varnish-cache.org";
     # .port = "80";
     # .first_byte_timeout = 60s;
     # .connect_timeout = 300s;
    #}



    varnishBackendService: "www.varnish-cache.org"
    varnishBackendServicePort: "80"

    image:
      repository: varnish
      tag: 6.0.6
      pullPolicy: IfNotPresent

    nameOverride: ""
    fullnameOverride: ""

    service:
      type: ClusterIP
      port: 80



    #probes:
     # enabled: true

    ingress:
      enabled: false
      annotations: {}
        # kubernetes.io/ingress.class: nginx
        # kubernetes.io/tls-acme: "true"
      path: /
      hosts:
        - chart-example.local
      tls: []
      #  - secretName: chart-example-tls
      #    hosts:
      #      - chart-example.local

    resources:
      limits:
        memory: 128Mi
      requests:
        memory: 64Mi

    #resources: {}
      # We usually recommend not to specify default resources and to leave this as a conscious
      # choice for the user. This also increases chances charts run on environments with little
      # resources, such as Minikube. If you do want to specify resources, uncomment the following
      # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
      # limits:
      #  cpu: 100m
      #  memory: 128Mi
      # requests:
      #  cpu: 100m
      #  memory: 128Mi

    nodeSelector: {}

    tolerations: []

    affinity: {}

Deployment.yaml:

    apiVersion: apps/v1beta2
    kind: Deployment
    metadata:
      name: {{ include "varnish.fullname" . }}
      labels:
        app: {{ include "varnish.name" . }}
        chart: {{ include "varnish.chart" . }}
        release: {{ .Release.Name }}
        heritage: {{ .Release.Service }}
    spec:
      replicas: {{ .Values.replicaCount }}
      selector:
        matchLabels:
          app: {{ include "varnish.name" . }}
          release: {{ .Release.Name }}
      template:
        metadata:
          labels:
            app: {{ include "varnish.name" . }}
            release: {{ .Release.Name }}
    #      annotations:
     #       sidecar.istio.io/rewriteAppHTTPProbers: "true"
        spec:
          volumes: 
            - name: varnish-config
              configMap:
                 name: {{ include "varnish.fullname" . }}-varnish-config
                 items:
                   - key: default.vcl
                     path: default.vcl
          containers:
            - name: {{ .Chart.Name }}
              image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
              imagePullPolicy: {{ .Values.image.pullPolicy }}    
              env:
              - name: VARNISH_VCL
                value: /etc/varnish/default.vcl
              volumeMounts: 
                - name: varnish-config
                  mountPath : /etc/varnish/
              ports:
                - name: http
                  containerPort: 80
                  protocol: TCP
                  targetPort: 80
              livenessProbe: 
                httpGet:
                  path: /healthcheck
                  port: http
                  port: 80
                failureThreshold: 3
                initialDelaySeconds: 45
                timeoutSeconds: 10
                periodSeconds: 20
              readinessProbe:
                httpGet:
                  path: /healthcheck
                  port: http
                  port: 80
                initialDelaySeconds: 10
                timeoutSeconds: 15
                periodSeconds: 5
              restartPolicy: "Always"
              resources:
    {{ toYaml .Values.resources | indent 12 }}
        {{- with .Values.nodeSelector }}
          nodeSelector:
    {{ toYaml . | indent 8 }}
        {{- end }}
        {{- with .Values.affinity }}
          affinity:
    {{ toYaml . | indent 8 }}
        {{- end }}
        {{- with .Values.tolerations }}
          tolerations:
    {{ toYaml . | indent 8 }}
        {{- end }}

vanrnish-config.yaml:

    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: {{ template "varnish.fullname" . }}-varnish-config
      labels:
        app: {{ template "varnish.fullname" . }}
        chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
        release: "{{ .Release.Name }}"
        heritage: "{{ .Release.Service }}"
    data:
      default.vcl: |-
    {{ $file := (.Files.Get "config/varnish.vcl") }}
    {{ tpl $file . | indent 4 }}

varnish.vcl:


    # VCL version 5.0 is not supported so it should be 4.0 or 4.1 even though actually used Varnish version is 6
    vcl 4.1;

    import std;
    # The minimal Varnish version is 5.0
    # For SSL offloading, pass the following header in your proxy server or load balancer: 'X-Forwarded-Proto: https'

    backend default {
      #.host = "{{ default "google.com" .Values.varnishBackendService }}";
      .host = "{{  .Values.varnishBackendService }}";
      .port = "{{  .Values.varnishBackendServicePort }}";
      #.port = "{{ default "80" .Values.varnishBackendServicePort }}";
      .first_byte_timeout = 60s;
      .connect_timeout = 300s ;
      .probe = {
            .url = "/";
            .timeout = 1s;
            .interval = 5s;
            .window = 5;
            .threshold = 3;
        }
    }



    backend server2 {
        .host = "74.125.24.105:80";
        .probe = {
            .url = "/";
            .timeout = 1s;
            .interval = 5s;
            .window = 5;
            .threshold = 3;
        }
    }

    import directors;

    sub vcl_init {
        new vdir = directors.round_robin();
        vdir.add_backend(default);
        vdir.add_backend(server2);
    }

    #sub vcl_recv {
     #   if (req.url ~ "/healthcheck"){
      #       error 200 "imok";
       #      set req.http.Connection = "close";
        # }
    #}

1 个答案:

答案 0 :(得分:2)

Kubernetes的就绪性和活动性探针均返回await getPromise()错误,这意味着与后端的连接可能存在问题。

有趣的是,这不是重点。那些探针无法对HTTP流执行端到端测试。探针仅用于验证其监视的服务是否响应。

这就是为什么在捕获指向HTTP 503的请求时只返回合成 HTTP响应的原因。

这是执行此操作的VCL代码:

/healthcheck

这并不能解释为什么您会收到sub vcl_recv { if(req.url == "/healthcheck") { return(synth(200,"OK")); } } 错误的事实,但至少可以进行这些探测。