Pod初始化容器之Init Container
Init 容器的介绍
Pod能够具有多个容器,应用运行在容器里面,但是它也可能有一个或多个先于应用容器启动的 Init容器
Init 容器与普通的容器非常像,除了如下两点:
c Init 容器总是运行到成功完成为止
2) 每个 Init 容器都必须在下一个 Init 容器启动之前成功完成
如果 Pod 的 Init 容器失败, Kubernetes 会不断地重启该 Pod ,直到 Init 容器成功为止。然而,如果 Pod 对应的 restartPolicy 为 Never。
Init 容器的作用
因为 Init 容器具有与应用程序容器分离的单独镜像,所以它们的启动相关代码具有如下优势:
1)它们可以包含并运行实用工具,但是出于安全考虑,是不建议在应用程序容器镜像中包含这些实用工具的
2) 它们可以包含使用工具和定制化代码来安装,但是不能出现在应用程序镜像中。例如,创建镜像没必要 FROM 另一个镜像,只需要在安装过程中使用类似 sed 、 awk 、 python 或 dig
这样的工具。
3) 应用程序镜像可以分离出创建和部署的角色,而没有必要联合它们构建一个单独的镜像。
4) Init 容器使用 Linux Namespace ,所以相对应用程序容器来说具有不同的文件系统视图。因此,它们能够具有访问 Secret 的权限,而应用程序容器则不能。
5) 它们必须在应用程序容器启动之前运行完成,而应用程序容器是并行运行的,所以 Init 容器能够提供了一种简单的阻塞或延迟应用容器的启动的方法,直到满足了一组先决条件。
测试
说明:主要是在启动Pod,有2个initc,一开始是没有准备的,所以现象会显示初始化0/2
init.yaml
kind: Pod
metadata:
name: myapp-pod
labels:
app: myapp
spec:
containers:
- name: myapp-container
image: busybox
command: ['sh', '-c', 'echo The app is running! && sleep 3600']
initContainers:
- name: init-myservice
image: busybox
command: ['sh', '-c', 'until nslookup myservice; do echo waiting for myservice; sleep 2; done;']
- name: init-mydb
image: busybox
command: ['sh', '-c', 'until nslookup mydb; do echo waiting for mydb; sleep 2; done;']
[root@k8s-master mnt]# kubectl create -f init.yaml
pod/myapp-pod created
[root@k8s-master mnt]# kubectl get pod
NAME READY STATUS RESTARTS AGE
myapp-pod 0/1 Init:0/2 0 8s
[root@k8s-master mnt]# kubectl describe myapp-pod
error: the server doesn't have a resource type "myapp-pod"
[root@k8s-master mnt]# kubectl describe pod myapp-pod
Name: myapp-pod
Namespace: default
Priority: 0
Node: k8s-node02/192.168.180.134
Start Time: Wed, 18 Dec 2019 22:02:57 +0800
Labels: app=myapp
Annotations: <none>
Status: Pending
IP: 10.244.1.9
IPs:
IP: 10.244.1.9
Init Containers:
init-myservice:
Container ID: docker://3c0e850042efab506f95737adfd3dc6ef2da9218ce51eb5eb4e94573a657fd2b
Image: busybox
Image ID: docker-pullable://busybox@sha256:1828edd60c5efd34b2bf5dd3282ec0cc04d47b2ff9caa0b6d4f07a21d1c08084
Port: <none>
Host Port: <none>
Command:
sh
-c
until nslookup myservice; do echo waiting for myservice; sleep 2; done;
State: Running
Started: Wed, 18 Dec 2019 22:03:03 +0800
Ready: False
Restart Count: 0
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-gx2h8 (ro)
init-mydb:
Container ID:
Image: busybox
Image ID:
Port: <none>
Host Port: <none>
Command:
sh
-c
until nslookup mydb; do echo waiting for mydb; sleep 2; done;
State: Waiting
Reason: PodInitializing
Ready: False
Restart Count: 0
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-gx2h8 (ro)
Containers:
myapp-container:
Container ID:
Image: busybox
Image ID:
Port: <none>
Host Port: <none>
Command:
sh
-c
echo The app is running! && sleep 3600
State: Waiting
Reason: PodInitializing
Ready: False
Restart Count: 0
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-gx2h8 (ro)
Conditions:
Type Status
Initialized False
Ready False
ContainersReady False
PodScheduled True
Volumes:
default-token-gx2h8:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-gx2h8
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled <unknown> default-scheduler Successfully assigned default/myapp-pod to k8s-node02
Normal Pulling 22s kubelet, k8s-node02 Pulling image "busybox"
Normal Pulled 18s kubelet, k8s-node02 Successfully pulled image "busybox"
Normal Created 18s kubelet, k8s-node02 Created container init-myservice
Normal Started 17s kubelet, k8s-node02 Started container init-myservice
查看myservice
[root@k8s-master mnt]# kubectl logs myapp-pod -c init-myservice
Server: 10.96.0.10
Address: 10.96.0.10:53 ** server can't find myservice.default.svc.cluster.local: NXDOMAIN *** Can't find myservice.svc.cluster.local: No answer
*** Can't find myservice.cluster.local: No answer
*** Can't find myservice.localdomain: No answer
*** Can't find myservice.default.svc.cluster.local: No answer
*** Can't find myservice.svc.cluster.local: No answer
*** Can't find myservice.cluster.local: No answer
*** Can't find myservice.localdomain: No answer waiting for myservice
Server: 10.96.0.10
Address: 10.96.0.10:53 ** server can't find myservice.default.svc.cluster.local: NXDOMAIN *** Can't find myservice.svc.cluster.local: No answer
*** Can't find myservice.cluster.local: No answer
*** Can't find myservice.localdomain: No answer
*** Can't find myservice.default.svc.cluster.local: No answer
*** Can't find myservice.svc.cluster.local: No answer
*** Can't find myservice.cluster.local: No answer
*** Can't find myservice.localdomain: No answer waiting for myservice
Server: 10.96.0.10
Address: 10.96.0.10:53 ** server can't find myservice.default.svc.cluster.local: NXDOMAIN *** Can't find myservice.svc.cluster.local: No answer
*** Can't find myservice.cluster.local: No answer
*** Can't find myservice.localdomain: No answer
*** Can't find myservice.default.svc.cluster.local: No answer
*** Can't find myservice.svc.cluster.local: No answer
*** Can't find myservice.cluster.local: No answer
*** Can't find myservice.localdomain: No answer waiting for myservice
Server: 10.96.0.10
Address: 10.96.0.10:53 ** server can't find myservice.default.svc.cluster.local: NXDOMAIN *** Can't find myservice.svc.cluster.local: No answer
*** Can't find myservice.cluster.local: No answer
*** Can't find myservice.localdomain: No answer
*** Can't find myservice.default.svc.cluster.local: No answer
*** Can't find myservice.svc.cluster.local: No answer
*** Can't find myservice.cluster.local: No answer
*** Can't find myservice.localdomain: No answer waiting for myservice
Server: 10.96.0.10
Address: 10.96.0.10:53 ** server can't find myservice.default.svc.cluster.local: NXDOMAIN *** Can't find myservice.svc.cluster.local: No answer
*** Can't find myservice.cluster.local: No answer
*** Can't find myservice.localdomain: No answer
*** Can't find myservice.default.svc.cluster.local: No answer
*** Can't find myservice.svc.cluster.local: No answer
*** Can't find myservice.cluster.local: No answer
*** Can't find myservice.localdomain: No answer waiting for myservice
Server: 10.96.0.10
Address: 10.96.0.10:53 ** server can't find myservice.default.svc.cluster.local: NXDOMAIN *** Can't find myservice.svc.cluster.local: No answer
*** Can't find myservice.cluster.local: No answer
*** Can't find myservice.localdomain: No answer
*** Can't find myservice.default.svc.cluster.local: No answer
*** Can't find myservice.svc.cluster.local: No answer
*** Can't find myservice.cluster.local: No answer
*** Can't find myservice.localdomain: No answer waiting for myservice
Server: 10.96.0.10
Address: 10.96.0.10:53 ** server can't find myservice.default.svc.cluster.local: NXDOMAIN *** Can't find myservice.svc.cluster.local: No answer
*** Can't find myservice.cluster.local: No answer
*** Can't find myservice.localdomain: No answer
*** Can't find myservice.default.svc.cluster.local: No answer
*** Can't find myservice.svc.cluster.local: No answer
*** Can't find myservice.cluster.local: No answer
*** Can't find myservice.localdomain: No answer waiting for myservice
Server: 10.96.0.10
Address: 10.96.0.10:53 ** server can't find myservice.default.svc.cluster.local: NXDOMAIN *** Can't find myservice.svc.cluster.local: No answer
*** Can't find myservice.cluster.local: No answer
*** Can't find myservice.localdomain: No answer
*** Can't find myservice.default.svc.cluster.local: No answer
*** Can't find myservice.svc.cluster.local: No answer
*** Can't find myservice.cluster.local: No answer
*** Can't find myservice.localdomain: No answer waiting for myservice
Server: 10.96.0.10
Address: 10.96.0.10:53 ** server can't find myservice.default.svc.cluster.local: NXDOMAIN *** Can't find myservice.svc.cluster.local: No answer
*** Can't find myservice.cluster.local: No answer
*** Can't find myservice.localdomain: No answer
*** Can't find myservice.default.svc.cluster.local: No answer
*** Can't find myservice.svc.cluster.local: No answer
*** Can't find myservice.cluster.local: No answer
*** Can't find myservice.localdomain: No answer waiting for myservice
Server: 10.96.0.10
Address: 10.96.0.10:53 ** server can't find myservice.default.svc.cluster.local: NXDOMAIN *** Can't find myservice.svc.cluster.local: No answer
*** Can't find myservice.cluster.local: No answer
*** Can't find myservice.localdomain: No answer
*** Can't find myservice.default.svc.cluster.local: No answer
*** Can't find myservice.svc.cluster.local: No answer
*** Can't find myservice.cluster.local: No answer
*** Can't find myservice.localdomain: No answer waiting for myservice
Server: 10.96.0.10
Address: 10.96.0.10:53 ** server can't find myservice.default.svc.cluster.local: NXDOMAIN *** Can't find myservice.svc.cluster.local: No answer
*** Can't find myservice.cluster.local: No answer
*** Can't find myservice.localdomain: No answer
*** Can't find myservice.default.svc.cluster.local: No answer
*** Can't find myservice.svc.cluster.local: No answer
*** Can't find myservice.cluster.local: No answer
*** Can't find myservice.localdomain: No answer waiting for myservice
Server: 10.96.0.10
Address: 10.96.0.10:53 ** server can't find myservice.default.svc.cluster.local: NXDOMAIN *** Can't find myservice.svc.cluster.local: No answer
*** Can't find myservice.cluster.local: No answer
*** Can't find myservice.localdomain: No answer
*** Can't find myservice.default.svc.cluster.local: No answer
*** Can't find myservice.svc.cluster.local: No answer
*** Can't find myservice.cluster.local: No answer
*** Can't find myservice.localdomain: No answer waiting for myservice
Server: 10.96.0.10
Address: 10.96.0.10:53 ** server can't find myservice.default.svc.cluster.local: NXDOMAIN *** Can't find myservice.svc.cluster.local: No answer
*** Can't find myservice.cluster.local: No answer
*** Can't find myservice.localdomain: No answer
*** Can't find myservice.default.svc.cluster.local: No answer
*** Can't find myservice.svc.cluster.local: No answer
*** Can't find myservice.cluster.local: No answer
*** Can't find myservice.localdomain: No answer waiting for myservice
Server: 10.96.0.10
Address: 10.96.0.10:53 ** server can't find myservice.default.svc.cluster.local: NXDOMAIN *** Can't find myservice.svc.cluster.local: No answer
*** Can't find myservice.cluster.local: No answer
*** Can't find myservice.localdomain: No answer
*** Can't find myservice.default.svc.cluster.local: No answer
*** Can't find myservice.svc.cluster.local: No answer
*** Can't find myservice.cluster.local: No answer
*** Can't find myservice.localdomain: No answer waiting for myservice
myservice.yaml
[root@k8s-master mnt]# cat myservice.yaml
kind: Service
apiVersion: v1
metadata:
name: myservice
spec:
ports:
- protocol: TCP
port: 80
targetPort: 9376
[root@k8s-master mnt]#
[root@k8s-master mnt]# vim myservice.yaml
[root@k8s-master mnt]# kubectl create -f myservice.yaml
service/myservice created
[root@k8s-master mnt]# kubectl get pod
NAME READY STATUS RESTARTS AGE
myapp-pod 0/1 Init:0/2 0 4m23s
[root@k8s-master mnt]# kubectl get pod
NAME READY STATUS RESTARTS AGE
myapp-pod 0/1 Init:0/2 0 4m25s
[root@k8s-master mnt]# kubectl get pod
NAME READY STATUS RESTARTS AGE
myapp-pod 0/1 Init:0/2 0 4m27s
[root@k8s-master mnt]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 10h
myservice ClusterIP 10.102.35.5 <none> 80/TCP 49s
[root@k8s-master mnt]# kubectl get pod -n kube-system
NAME READY STATUS RESTARTS AGE
coredns-58cc8c89f4-pzbrd 1/1 Running 23 10h
coredns-58cc8c89f4-vmhl2 1/1 Running 23 10h
etcd-k8s-master 1/1 Running 4 10h
kube-apiserver-k8s-master 1/1 Running 4 10h
kube-controller-manager-k8s-master 1/1 Running 21 10h
kube-flannel-ds-amd64-c4fs4 1/1 Running 2 9h
kube-flannel-ds-amd64-ct6mc 1/1 Running 2 9h
kube-flannel-ds-amd64-mtzz9 1/1 Running 5 9h
kube-proxy-9bdql 1/1 Running 2 9h
kube-proxy-cv8lk 1/1 Running 2 9h
kube-proxy-h8jk8 1/1 Running 4 10h
kube-scheduler-k8s-master 1/1 Running 21 10h
[root@k8s-master mnt]# kubectl get pod
NAME READY STATUS RESTARTS AGE
myapp-pod 0/1 Init:1/2 0 5m58s
[root@k8s-master mnt]# vim myservice.yaml
[root@k8s-master mnt]# kubectl create -f myservice.yaml
service/myservice created
[root@k8s-master mnt]# kubectl get pod
NAME READY STATUS RESTARTS AGE
myapp-pod 0/1 Init:0/2 0 4m23s
[root@k8s-master mnt]# kubectl get pod
NAME READY STATUS RESTARTS AGE
myapp-pod 0/1 Init:0/2 0 4m25s
[root@k8s-master mnt]# kubectl get pod
NAME READY STATUS RESTARTS AGE
myapp-pod 0/1 Init:0/2 0 4m27s
[root@k8s-master mnt]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 10h
myservice ClusterIP 10.102.35.5 <none> 80/TCP 49s
[root@k8s-master mnt]# kubectl get pod -n kube-system
NAME READY STATUS RESTARTS AGE
coredns-58cc8c89f4-pzbrd 1/1 Running 23 10h
coredns-58cc8c89f4-vmhl2 1/1 Running 23 10h
etcd-k8s-master 1/1 Running 4 10h
kube-apiserver-k8s-master 1/1 Running 4 10h
kube-controller-manager-k8s-master 1/1 Running 21 10h
kube-flannel-ds-amd64-c4fs4 1/1 Running 2 9h
kube-flannel-ds-amd64-ct6mc 1/1 Running 2 9h
kube-flannel-ds-amd64-mtzz9 1/1 Running 5 9h
kube-proxy-9bdql 1/1 Running 2 9h
kube-proxy-cv8lk 1/1 Running 2 9h
kube-proxy-h8jk8 1/1 Running 4 10h
kube-scheduler-k8s-master 1/1 Running 21 10h
[root@k8s-master mnt]# kubectl get pod
NAME READY STATUS RESTARTS AGE
myapp-pod 0/1 Init:1/2 0 5m58s
现象:发现变成1/2了
[root@k8s-master mnt]# cat mydb.yaml
kind: Service
apiVersion: v1
metadata:
name: mydb
spec:
ports:
- protocol: TCP
port: 80
targetPort: 9377
[root@k8s-master mnt]#
[root@k8s-master mnt]# vim mydb.yaml
[root@k8s-master mnt]# kubectl create -f mydb.yaml
service/mydb created
[root@k8s-master mnt]# kubectl get pod
NAME READY STATUS RESTARTS AGE
myapp-pod 0/1 Init:1/2 0 11m
[root@k8s-master mnt]# kubectl get pod
NAME READY STATUS RESTARTS AGE
myapp-pod 0/1 Init:1/2 0 11m
[root@k8s-master mnt]# kubectl get pod
NAME READY STATUS RESTARTS AGE
myapp-pod 1/1 Running 0 12m
[root@k8s-master mnt]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 10h
mydb ClusterIP 10.104.158.92 <none> 80/TCP 3m24s
myservice ClusterIP 10.102.35.5 <none> 80/TCP 10m
[root@k8s-master mnt]#
现象:myapp-pod起来了
说明
- 在 Pod 启动过程中, Init 容器会按顺序在网络和数据卷初始化之后启动。每个容器必须在下一个容器启动之前成功退出
- 如果由于运行时或失败退出,将导致容器启动失败,它会根据 Pod 的 restartPolicy 指定的策略进行重试。然而,如果 Pod 的 restartPolicy 设置为 Always , Init 容器失败时会使用RestartPolicy 策略
- 在所有的 Init 容器没有成功之前, Pod 将不会变成 Ready 状态。 Init 容器的端口将不会在Service 中进行聚集。 正在初始化中的 Pod 处于 Pending 状态,但应该会将 Initializing 状态设置为 true
- 如果 Pod 重启,所有 Init 容器必须重新执行
- 对 Init 容器 spec 的修改被限制在容器 image 字段,修改其他字段都不会生效。更改 Init容器的 image 字段,等价于重启该 Pod
- Init 容器具有应用容器的所有字段。除了 readinessProbe ,因为 Init 容器无法定义不同于完成( completion )的就绪( readiness )之外的其他状态。这会在验证过程中强制
- 在 Pod 中的每个 app 和 Init 容器的名称必须唯一;与任何其它容器共享同一个名称,会在验证时抛出错误
Pod初始化容器之Init Container的更多相关文章
- k8s中初始化容器(init container)的作用及其使用方法
概述 在容器的部署过程中,有的时候需要在容器运行之前进行一些预配置的工作,比如下载配置,判断某些服务是否启动,修改配置等一些准备的工作,想要实现这些功能,在k8s中可以使用初始化容器,在应用容器运行之 ...
- Init Container(初始化容器)
在很多应用场景中,应用在启动之前都需要进行如下初始化操作. ◎ 等待其他关联组件正确运行(例如数据库或某个后台服务). ◎ 基于环境变量或配置模板生成配置文件. ◎ 从远程数据库获取本地所需配置,或者 ...
- Kubernetes init container
目录 简介 配置 init container与应用容器的区别 简介 在很多应用场景中,应用在启动之前都需要进行如下初始化操作: 等待其他关联组件正确运行(例如数据库或某个后台服务) 基于环境变量或配 ...
- kubernetes之初始容器(init container)
系列目录 理解初始容器 一个pod里可以运行多个容器,它也可以运行一个或者多个初始容器,初始容器先于应用容器运行,除了以下两点外,初始容器和普通容器没有什么两样: 它们总是run to complet ...
- init container
init container与应用容器在本质上是一样的, 但它们是仅运行一次就结束的任务, 并且必须在成功执行完成后, 系统才能继续执行下一个容器, 可以用在例如应用容器启动前做一些初始化工作,当in ...
- Java并发编程:并发容器之CopyOnWriteArrayList(转载)
Java并发编程:并发容器之CopyOnWriteArrayList(转载) 原文链接: http://ifeve.com/java-copy-on-write/ Copy-On-Write简称COW ...
- Java并发编程:并发容器之ConcurrentHashMap(转载)
Java并发编程:并发容器之ConcurrentHashMap(转载) 下面这部分内容转载自: http://www.haogongju.net/art/2350374 JDK5中添加了新的concu ...
- Java并发编程:并发容器之ConcurrentHashMap
转载: Java并发编程:并发容器之ConcurrentHashMap JDK5中添加了新的concurrent包,相对同步容器而言,并发容器通过一些机制改进了并发性能.因为同步容器将所有对容器状态的 ...
- Java并发编程:并发容器之CopyOnWriteArrayList
转载: Java并发编程:并发容器之CopyOnWriteArrayList Copy-On-Write简称COW,是一种用于程序设计中的优化策略.其基本思路是,从一开始大家都在共享同一个内容,当某个 ...
随机推荐
- Storm本地启动拓扑报错:Exception in thread "main" java.lang.NoClassDefFoundError: org/apache/storm/topology/IRichSpout
问题描述: Exception in thread "main" java.lang.NoClassDefFoundError: org/apache/storm/topology ...
- Docker 镜像与容器管理
镜像与容器简介 Docker的大部分操作都围绕着它的三大核心概念:镜像.容器.仓库而展开.因此,准确把握这三大核心概念对于掌握Docker技术尤为重要,在docker中,我们重点关注的就是镜像和容器了 ...
- 使用openresty实现按照流量百分比控制的灰度分流控制
安装好以后直接就可以配置实践了,openresty将lua都集成好了,nginx配置文件无需特殊声明引入lua file. 1.nginx.conf 添加两个灰度发布的环境 #grey 灰度环境地址 ...
- 计算机网络--TCP三次握手和四次挥手
TCP(传输控制协议) TCP(Transmission Control Protocol 传输控制协议)是一种面向连接的.可靠的.基于字节流的传输层通信协议.通过三次握手建立连接,通讯完成时要拆除连 ...
- 关于redis的几件小事(九)redis的并发竞争问题
1.什么是并发竞争 就是多客户端同时并发写一个key,可能本来应该先到的数据后到了,导致数据版本错了.或者是多客户端同时获取一个key,修改值之后再写回去,只要顺序错了,数据就错了. 2.怎么解决 采 ...
- docker toolbox的redis 配置主从及哨兵模式保证高可用
redis 的缓存中间件安装方法,简单举例如下: 环境: docker toolbox 一 主从模式1 搜索redis镜像 docker search redis2 拉取镜像docker pul ...
- 05 Python网络爬虫的数据解析方式
一.爬虫数据解析的流程 1.指定url 2.基于requests模块发起请求 3.获取响应中的数据 4.数据解析 5.进行持久化存储 二.解析方法 (1)正则解析 (2)bs4解析 (3)xpath解 ...
- 大神的JS代码风格指南
js代码风格指南:1.缩进使用空格,不要用制表符2.必须用分号3.暂时不用ES6(modules)例如export和import命令4.不鼓励(不禁止)水平对齐5.少用var 都应该使用const或者 ...
- 第十三篇 JS 操作table表格
JS 操作table表格 这节课难度可能高一点,因为没有提前解释if判断.for循环.这节课是直接把这两样用上了,老师先简单介绍一下: if,判断语句,判断就很简单了嘛,假如说1=1(1等于1),当然 ...
- 模块之time与datetime
模块之time与datetime import time print (time.clock()) print(time.process_time()) #测量处理器运算时间 print(time.a ...