网上很多文档都说deployment 配置readiness就可以实现无损rolling update,事实真的是这样吗?
最近我们在生产环境发现一个现象,当deployment 定义的 replicas 实例数只有1个的时候,执行rollingupdate 会有坑
按照官方文档的说明,deployment 执行rollingupdate 在启动时会先拉起新版本pod再干掉旧版本的pod,逐步将所有pod 升级成新版本
但实际测试过程中发现,执行rollingupdate 时,旧replicas 中的pod 立马会被干掉一个,如所示:
rollingupdate 前:
root@ubuntu:~ # kubectl get rs
NAME DESIRED CURRENT READY AGE
webtest-static-test-com-56678f6856 1 1 1 50m
rollingupdate 中:
root@ubuntu:~ # kubectl get rs
NAME DESIRED CURRENT READY AGE
webtest-static-test-com-56678f6856 0 0 0 50m
webtest-static-test-com-7d785c987 1 1 0 25m
执行rollingupdate 时,deployment 会创建一个新的rs,随即将旧rs 中的pod 干掉
可以看到这里不管新旧pod READY 的字段都是0,这里会有问题,执行rollingupdate 如果新版本服务启动比较慢(例如tomcat),那这段时间服务都不可用
rollingupdate 后:
root@ubuntu:~ # kubectl get rs
NAME DESIRED CURRENT READY AGE
webtest-static-test-com-56678f6856 1 1 1 50m
webtest-static-test-com-7d785c987 0 0 0 25m
从另外一个终端每隔1s 发起一次curl 请求,可以看到升级期间服务中断:
root@ubuntu: ~ # for i in {0..99};do curl http://webtest-static.test.com/index.html ;echo;sleep 1;done
This is server01 - Version - 2
This is server01 - Version - 2
<html>
<head><title>503 Service Temporarily Unavailable</title></head>
<body>
<center><h2>503 Service Temporarily Unavailable</h2></center>
<hr><center>nginx/1.15.8</center>
</body>
</html>
<html>
<head><title>503 Service Temporarily Unavailable</title></head>
<body>
<center><h2>503 Service Temporarily Unavailable</h2></center>
<hr><center>nginx/1.15.8</center>
</body>
</html>
... ...
This is server01 - Version - 3
This is server01 - Version - 3
当实例数(replicas 数) > 1 时,rollingupdate 过程中服务不会中断
附:deployment yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: webtest-static-test-com
spec:
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 1
maxUnavailable: 1
replicas: 1
template:
metadata:
labels:
app: webtest-static-test-com
domain: webtest-static.test.com
version: v1
spec:
imagePullSecrets:
- name: registry.cn-hangzhou.aliyuncs.com
containers:
- name: webtest-static-sysop-duowan-com
image: registry.cn-hangzhou.aliyuncs.com/test/webtest_static:2.6
command: ["/bin/bash","/data/scripts/run.sh"]
- name: DLC-WEBTEST--WEBTEST1
value: "true"
ports:
- containerPort: 80
readinessProbe:
exec:
command:
- curl
- http://webtest-static.test.com/index.html
- -x
- "127.0.0.1:80"
initialDelaySeconds: 20
periodSeconds: 5
successThreshold: 1
---
apiVersion: v1
kind: Service
metadata:
name: webtest1-svc
labels:
app: webtest-static-test-com
test: test1
spec:
ports:
- port: 80
targetPort: 80
protocol: TCP
name: http
selector:
app: webtest-static-test-com