方法1:滚动重启

从1.15版开始,Kubernetes允许您滚动重启部署。作为Kubernetes的新增功能,这是最快的重启方法。

kubectl rollout restart deployment [deployment_name]

上面提到的命令将逐步执行关闭操作,并重新启动deployment中的每个pod容器。在重启过程中应用仍然可用,因为大多数容器仍在运行。

方法2:使用环境变量

另一种方法是设置或更改环境变量,以强制Pod重新启动并与您所做的更改同步。

例如,可以更改容器部署日期:

kubectl set env deployment [deployment_name] DEPLOY_DATE="$(date)"

在上面的示例中,该命令**set env设置环境变量的更改,deployment [deployment_name]选择您的部署,并DEPLOY_DATE="$(date)"**更改部署日期。

方法3:缩放副本数

我们可以使用该**scale**命令来更改deployment的副本数。将此数量设置为0实际上会关闭容器:

kubectl scale deployment [deployment_name] --replicas=0

要重新启动Pod,请使用相同的命令将副本数设置为大于零的任何值:

kubectl scale deployment [deployment_name] --replicas=1

将副本数设置为0时,Kubernetes会销毁副本。

将数字设置为大于0后,Kubernetes将创建新副本。新副本的名称将与旧副本的名称不同。您可以使用该命令**kubectl get pods**检查pod的状态,并查看新名称。

上面我们是通过(kubectl rollout重新启动) ,部署创建新的副本,并等待它们启动,然后删除旧的pods,并重新路由流量。服务将不间断地继续。接下来使用cronjob命令配合rollout restart每天定时重启动pod。

方法4:使用cronjob命令配合rollout restart每天定时重启动pod

在开始之前必须先设置RBAC,以便从集群内部运行的Kubernetes client具有对Kubernetes API执行所需调用的权限。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
#Service account the client will use to reset the deployment,
#by default the pods running inside the cluster can do no such things.
kind: ServiceAccount
apiVersion: v1
metadata:
name: deployment-restart
namespace: <YOUR NAMESPACE>
---
# allow getting status and patching only the one deployment you want
# to restart
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: deployment-restart
namespace: <YOUR NAMESPACE>
rules:
# if you wanna watch pod resources,add "metrics.k8s.io"
- apiGroups: ["", "apps", "extensions", "metrics.k8s.io"]
# if you wanna execute pod,add "pod/exec"
resources: ["deployments", "pods", "pods/exec"]
# ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed.
resourceNames: ["<YOUR DEPLOYMENT NAME>"]
verbs: ["get", "patch", "list", "watch"] # "list" and "watch" are only needed
# if you want to use `rollout status`
---
# bind the role to the service account
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: deployment-restart
namespace: <YOUR NAMESPACE>
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: deployment-restart
subjects:
- kind: ServiceAccount
name: deployment-restart
namespace: <YOUR NAMESPACE>
---
# cronjob配置:
apiVersion: batch/v1
kind: CronJob
metadata:
name: deployment-restart
namespace: <YOUR NAMESPACE>
spec:
concurrencyPolicy: Forbid
schedule: '0 8 * * *' # cron spec of time, here, 8 o'clock
jobTemplate:
spec:
backoffLimit: 2 # this has very low chance of failing, as all this does
# is prompt kubernetes to schedule new replica set for
# the deployment
activeDeadlineSeconds: 600 # timeout, makes most sense with
# "waiting for rollout" variant specified below
template:
spec:
serviceAccountName: deployment-restart # name of the service
# account configured above
restartPolicy: Never
containers:
- name: kubectl
image: bitnami/kubectl # probably any kubectl image will do,
# optionaly specify version, but this
# should not be necessary, as long the
# version of kubectl is new enough to
# have `rollout restart`
command:
- 'kubectl'
- 'rollout'
- 'restart'
- 'deployment/<YOUR DEPLOYMENT NAME>'

如果希望cronjob等待部署完成,可以将cronjob命令更改为:

1
2
3
4
5
6
command:
- bash
- -c
- |-
kubectl rollout restart deployment/<YOUR DEPLOYMENT NAME> &&
kubectl rollout status deployment/<YOUR DEPLOYMENT NAME>

以下是一个判断对应服务内存是否超过1500Mi并且加以重启的样例

1
2
3
4
5
6
7
8
9
10
11
command:
- bash
- '-c'
- |-
MAX_RESOURCE=1500
NAME_SPACE=?;
DEPLOY_NAME=?;
if [[ $(kubectl top pods -n $NAME_SPACE --selector app=$DEPLOY_NAME | awk 'NR>1 {mem=$3; sub(/Mi/, "", mem); if (mem > $MAX_RESOURCE) {over=1}} END {if (over) {print "WARN"}}') == 'WARN' ]] ; then
echo "WARN: memory usage over $MAX_RESOURCE"
kubectl rollout restart deployment -n $NAME_SPACE $DEPLOY_NAME
fi

补充一个定期删除某deploy下以upload开头的文件的指令

1
2
3
4
5
6
7
8
9
command:
- bash
- '-c'
- |-
NAME_SPACE=?;
DEPLOY_NAME=?;
for pod in $(kubectl get pod -n $NAME_SPACE --selector "app=$DEPLOY_NAME" -o jsonpath='{.items[*].metadata.name}'); do
kubectl exec $pod -n $NAME_SPACE -- find /tmp -mtime +1 -name 'upload_*' -type f -print -exec rm -f {} \;
done