tencent cloud

Tencent Kubernetes Engine

お知らせ・リリースノート
製品アップデート情報
製品リリース記録
製品の説明
製品の優位性
製品アーキテクチャ
ユースケース
製品機能
リージョンとアベイラビリティーゾーン
クイックスタート
初心者ガイド
標準クラスターのクイック作成
ビギナー向け事例
コンテナアプリケーションのクラウドへのデプロイ Check List
TKE標準クラスターガイド
テンセントクバネティスエンジン
クラスター管理
ネットワーク管理
ストレージ管理
Worker ノードの概要
Kubernetes Object Management
ワークロード
クラウドネイティブサービスガイド
Prometheus監視サービス
TKE Serverlessクラスターガイド
TKE登録クラスターガイド
実践チュートリアル
Serverlessクラスター
ネットワーク
ログ
監視
運用・保守
DevOps
オートスケーリング
よくあるご質問
クラスター類
TKE Serverlessクラスター
運用保守系
サービス類
イメージリポジトリ類
リモート端末類
DokumentasiTencent Kubernetes Engine

Smooth Workload Upgrade

Mode fokus
Ukuran font
Terakhir diperbarui: 2024-12-19 21:49:45
After the problem of decreased availability caused during a Service's single point of failure or node draining is solved, still another scenario that may cause availability decrease needs to be considered, that is, rolling update. A normal rolling update of a Service may affect the Service availability due to the following causes:

Lossy rolling update of the business

If there is a call between Services in the cluster:

When a rolling update is performed on the server:

Either of the following cases may occur:
Case 1. The old replica is immediately terminated, but kube-proxy on the client node hasn't updated all the forwarding rules and still schedules the new connection to the old replica. This will result in a connection exception, and the error "connection refused" (the process is being stopped and no longer receives new requests) or "no route to host" (the container is completely terminated, and its ENI and IP no longer exist) may be reported.
Case 2. The new replica starts, and kube-proxy on the client node immediately watches the new replica, updates the forwarding rules, and schedules the new connection to the new replica. However, a process, such as a Java process like Tomcat, starts slowly in the container, the port is not listened on, and thus the connection cannot be processed during startup, which also results in a connection exception, and the error "connection refused" will be reported generally.

Best practices

For case 1, you can add preStop to the container to make the Pod sleep for a while before being truly terminated, during which kube-proxy on the client node will update all the forwarding rules, and then the container will be terminated. In this case, the Pod can still run for a while after being terminated, during which it can still process requests normally if new requests are forwarded to it as forwarding rules are not updated promptly on the client, so as to avoid connection exceptions. This method sounds ungraceful but has a good effect. There is no silver bullet in a distributed architecture, and you can only try to find and implement the best solution under the current design.
For case 2, you can add ReadinessProbe to the container to make the Service Endpoint be updated only after all processes in the container are truly started. Then, kube-proxy on the client node will update the forwarding rules to forward the incoming traffic. This ensures that the traffic will be forwarded only after the Pod is completely ready and thus avoids connection exceptions. Sample YAML configuration:
      readinessProbe:
        httpGet:
          path: /healthz
          port: 80
          httpHeaders:
          - name: X-Custom-Header
            value: Awesome
        initialDelaySeconds: 10
        timeoutSeconds: 1
      lifecycle:
        preStop:
          exec:
            command: ["/bin/bash", "-c", "sleep 10"]
Topik selanjutnya: TKE Serverlessダイナミッククラスター(2023年)

Bantuan dan Dukungan

Apakah halaman ini membantu?

masukan