问题描述
我想清除Kubernetes命名空间中所有Pod中的缓存.我想向端点发送一个请求,然后该端点将向命名空间中的所有Pod发送HTTP调用以清除缓存.目前,我只能使用Kubernetes击中一个吊舱,我无法控制哪个吊舱会被击中.
I want to clear cache in all the pods in my Kubernetes namespace. I want to send one request to the end-point which will then send a HTTP call to all the pods in the namespace to clear cache. Currently, I can hit only one pod using Kubernetes and I do not have control over which pod would get hit.
即使负载均衡器设置为RR,连续击中Pod(n次,其中n是Pod的总数)也无济于事,因为其他一些请求可能会蔓延.
Even though the load-balancer is set to RR, continuously hitting the pods(n number of times, where n is the total number of pods) doesn't help as some other requests can creep in.
这里讨论了相同的问题,但是我找不到实现的解决方案: https://github.com/kubernetes/kubernetes/issues/18755
The same issue was discussed here, but I couldn't find a solution for the implementation:https://github.com/kubernetes/kubernetes/issues/18755
我正在尝试使用Hazelcast实现清除缓存部分,其中将存储所有缓存,并且Hazelcast会自动处理缓存更新.
I'm trying to implement the clearing cache part using Hazelcast, wherein I will store all the cache and Hazelcast automatically takes care of the cache update.
如果有解决此问题的替代方法,或将kubernetes配置为针对某些特定请求命中所有端点的方法,则在此处共享将是很大的帮助.
If there is an alternative approach for this problem, or a way to configure kubernetes to hit all end-points for some specific requests, sharing here would be a great help.
推荐答案
如果您在吊舱中安装了kubectl并可以访问api服务器,则可以获取所有端点地址并将它们传递给curl:
Provided you got kubectl in your pod and have access to the api-server, you can get all endpoint adressess and pass them to curl:
kubectl get endpoints <servicename> \
-o jsonpath="{.subsets[*].addresses[*].ip}" | xargs curl
在pod中没有kubectl的替代项:
从Pod访问api服务器的推荐方法是使用kubectl代理: https://kubernetes.io/docs/tasks/access-application-cluster/access-cluster/#accessing-the-api-from-a-pod 当然,这至少会增加相同的开销.或者,您可以直接调用REST api,则必须手动提供令牌.
the recommended way to access the api server from a pod is by using kubectl proxy: https://kubernetes.io/docs/tasks/access-application-cluster/access-cluster/#accessing-the-api-from-a-pod this would of course add at least the same overhead. alternatively you could directly call the REST api, you'd have to provide the token manually.
APISERVER=$(kubectl config view --minify | grep server | cut -f 2- -d ":" | tr -d " ")
TOKEN=$(kubectl describe secret $(kubectl get secrets \
| grep ^default | cut -f1 -d ' ') | grep -E '^token' | cut -f2 -d':' | tr -d " ")
如果提供APISERVER和TOKEN变量,则在pod中不需要kubectl,这样,您只需要curl即可访问api服务器,并只需"jq"即可解析json输出:
if you provide the APISERVER and TOKEN variables, you don't need kubectl in your pod, this way you only need curl to access the api server and "jq" to parse the json output:
curl $APISERVER/api/v1/namespaces/default/endpoints --silent \
--header "Authorization: Bearer $TOKEN" --insecure \
| jq -rM ".items[].subsets[].addresses[].ip" | xargs curl
更新(最终版本)
APISERVER通常可以设置为kubernetes.default.svc,并且令牌应该位于pod的/var/run/secrets/kubernetes.io/serviceaccount/token中,因此无需手动提供任何内容:
APISERVER usually can be set to kubernetes.default.svc and the token should be available at /var/run/secrets/kubernetes.io/serviceaccount/token in the pod, so no need to provide anything manually:
TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token); \
curl https://kubernetes.default.svc/api/v1/namespaces/default/endpoints --silent \
--header "Authorization: Bearer $TOKEN" --insecure \
| jq -rM ".items[].subsets[].addresses[].ip" | xargs curl
jq在此处可用: https://stedolan.github.io/jq/download/(< 4 MiB,但值得轻松解析JSON)
jq is available here: https://stedolan.github.io/jq/download/ (< 4 MiB, but worth it for easily parsing JSON)
这篇关于Kubenetes:在Kubernetes集群中是否可以通过单个请求击中多个Pod的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!