方法1:滚动重启

从1.15版开始,Kubernetes允许您滚动重启部署。作为Kubernetes的新增功能,这是最快的重启方法。

kubectl rollout restart deployment [deployment_name]

上面提到的命令将逐步执行关闭操作,并重新启动deployment中的每个pod容器。在重启过程中应用仍然可用,因为大多数容器仍在运行。

方法2:使用环境变量

另一种方法是设置或更改环境变量,以强制Pod重新启动并与您所做的更改同步。

例如,可以更改容器部署日期:

kubectl set env deployment [deployment_name] DEPLOY_DATE="$(date)"

在上面的示例中,该命令**set env设置环境变量的更改,deployment [deployment_name]选择您的部署,并DEPLOY_DATE="$(date)"**更改部署日期。

方法3:缩放副本数

我们可以使用该**scale**命令来更改deployment的副本数。将此数量设置为0实际上会关闭容器:

kubectl scale deployment [deployment_name] --replicas=0

要重新启动Pod,请使用相同的命令将副本数设置为大于零的任何值:

kubectl scale deployment [deployment_name] --replicas=1

将副本数设置为0时,Kubernetes会销毁副本。

将数字设置为大于0后,Kubernetes将创建新副本。新副本的名称将与旧副本的名称不同。您可以使用该命令**kubectl get pods**检查pod的状态,并查看新名称。

上面我们是通过(kubectl rollout重新启动) ,部署创建新的副本,并等待它们启动,然后删除旧的pods,并重新路由流量。服务将不间断地继续。接下来使用cronjob命令配合rollout restart每天定时重启动pod。

方法4:使用cronjob命令配合rollout restart每天定时重启动pod

在开始之前必须先设置RBAC,以便从集群内部运行的Kubernetes client具有对Kubernetes API执行所需调用的权限。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
#Service account the client will use to reset the deployment,
#by default the pods running inside the cluster can do no such things.
kind: ServiceAccount
apiVersion: v1
metadata:
  name: deployment-restart
  namespace: <YOUR NAMESPACE>
---
# allow getting status and patching only the one deployment you want
# to restart
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: deployment-restart
  namespace: <YOUR NAMESPACE>
rules:
	# if you wanna watch pod resources,add "metrics.k8s.io"
  - apiGroups: ["", "apps", "extensions", "metrics.k8s.io"]
  	# if you wanna execute pod,add "pod/exec"
    resources: ["deployments", "pods", "pods/exec"]
    # ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed.
    resourceNames: ["<YOUR DEPLOYMENT NAME>"]
    verbs: ["get", "patch", "list", "watch"] # "list" and "watch" are only needed
                                             # if you want to use `rollout status`
---
# bind the role to the service account
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: deployment-restart
  namespace: <YOUR NAMESPACE>
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: deployment-restart
subjects:
  - kind: ServiceAccount
    name: deployment-restart
    namespace: <YOUR NAMESPACE>
---
# cronjob配置:
apiVersion: batch/v1
kind: CronJob
metadata:
  name: deployment-restart
  namespace: <YOUR NAMESPACE>
spec:
  concurrencyPolicy: Forbid
  schedule: '0 8 * * *' # cron spec of time, here, 8 o'clock
  jobTemplate:
    spec:
      backoffLimit: 2 # this has very low chance of failing, as all this does
                      # is prompt kubernetes to schedule new replica set for
                      # the deployment
      activeDeadlineSeconds: 600 # timeout, makes most sense with 
                                 # "waiting for rollout" variant specified below
      template:
        spec:
          serviceAccountName: deployment-restart # name of the service
                                                 # account configured above
          restartPolicy: Never
          containers:
            - name: kubectl
              image: bitnami/kubectl # probably any kubectl image will do,
                                     # optionaly specify version, but this
                                     # should not be necessary, as long the
                                     # version of kubectl is new enough to
                                     # have `rollout restart`
              command:
                - 'kubectl'
                - 'rollout'
                - 'restart'
                - 'deployment/<YOUR DEPLOYMENT NAME>'

如果希望cronjob等待部署完成,可以将cronjob命令更改为:

1
2
3
4
5
6
command:
 - bash
 - -c
 - |-
   kubectl rollout restart deployment/<YOUR DEPLOYMENT NAME> &&
   kubectl rollout status deployment/<YOUR DEPLOYMENT NAME>

以下是一个判断对应服务内存是否超过1500Mi并且加以重启的样例

1
2
3
4
5
6
7
8
9
10
11
command:
  - bash
  - '-c'
  - |-
    MAX_RESOURCE=1500
    NAME_SPACE=?;
    DEPLOY_NAME=?;
    if [[ $(kubectl top pods -n $NAME_SPACE --selector app=$DEPLOY_NAME | awk 'NR>1 {mem=$3; sub(/Mi/, "", mem); if (mem > $MAX_RESOURCE) {over=1}} END {if (over) {print "WARN"}}') == 'WARN' ]] ; then
      echo "WARN: memory usage over $MAX_RESOURCE"
      kubectl rollout restart deployment -n $NAME_SPACE $DEPLOY_NAME
    fi

补充一个定期删除某deploy下以upload开头的文件的指令

1
2
3
4
5
6
7
8
9
command:
  - bash
  - '-c'
  - |-
    NAME_SPACE=?;
    DEPLOY_NAME=?;
    for pod in $(kubectl get pod -n $NAME_SPACE --selector "app=$DEPLOY_NAME" -o  jsonpath='{.items[*].metadata.name}'); do
      kubectl exec $pod -n $NAME_SPACE -- find /tmp -mtime +1 -name 'upload_*' -type f -print -exec rm -f {} \;
    done