Kubernetes - 打开的文件太多
Kubernetes - Too many open files
我正在尝试评估 pod 中我的一个 go 服务器 运行 的性能。但是,收到一条错误消息,指出打开的文件太多。有什么方法可以在 kubernetes 中设置 ulimit 吗?
ubuntu@ip-10-0-1-217:~/ppu$ kubectl exec -it go-ppu-7b4b679bf5-44rf7 -- /bin/sh -c 'ulimit -a'
core file size (blocks) (-c) unlimited
data seg size (kb) (-d) unlimited
scheduling priority (-e) 0
file size (blocks) (-f) unlimited
pending signals (-i) 15473
max locked memory (kb) (-l) 64
max memory size (kb) (-m) unlimited
open files (-n) 1048576
POSIX message queues (bytes) (-q) 819200
real-time priority (-r) 0
stack size (kb) (-s) 8192
cpu time (seconds) (-t) unlimited
max user processes (-u) unlimited
virtual memory (kb) (-v) unlimited
file locks (-x) unlimited
部署文件。
---
apiVersion: apps/v1
kind: Deployment # Type of Kubernetes resource
metadata:
name: go-ppu # Name of the Kubernetes resource
spec:
replicas: 1 # Number of pods to run at any given time
selector:
matchLabels:
app: go-ppu # This deployment applies to any Pods matching the specified label
template: # This deployment will create a set of pods using the configurations in this template
metadata:
labels: # The labels that will be applied to all of the pods in this deployment
app: go-ppu
spec: # Spec for the container which will run in the Pod
containers:
- name: go-ppu
image: ppu_test:latest
imagePullPolicy: Never
ports:
- containerPort: 8081 # Should match the port number that the Go application listens on
livenessProbe: # To check t$(minikube docker-env)he health of the Pod
httpGet:
path: /health
port: 8081
scheme: HTTP
initialDelaySeconds: 35
periodSeconds: 30
timeoutSeconds: 20
readinessProbe: # To check if the Pod is ready to serve traffic or not
httpGet:
path: /readiness
port: 8081
scheme: HTTP
initialDelaySeconds: 35
timeoutSeconds: 20
Pods 信息:
ubuntu@ip-10-0-1-217:~/ppu$ kubectl get pods
NAME READY STATUS RESTARTS AGE
go-ppu-7b4b679bf5-44rf7 1/1 Running 0 18h
ubuntu@ip-10-0-1-217:~/ppu$ kubectl get services
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 100.64.0.1 <none> 443/TCP 19h
ppu-service LoadBalancer 100.64.171.12 74d35bb2a5f30ca13877-1351038893.us-east-1.elb.amazonaws.com 8081:32623/TCP 18h
当我使用 locust 测试服务器的性能时收到以下错误。
# fails Method Name Type
3472 POST /supplyInkHistory ConnectionError(MaxRetryError("HTTPConnectionPool(host='74d35bb2a5f30ca13877-1351038893.us-east-1.elb.amazonaws.com', port=8081): Max retries exceeded with url: /supplyInkHistory (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x....>: Failed to establish a new connection: [Errno 24] Too many open files',))",),)
可以看看吗https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster/
但是您需要启用一些功能才能使其正常工作。
securityContext:
sysctls:
- name: fs.file-max
value: "YOUR VALUE HERE"
有几个关于设置--ulimit参数的案例,你可以找到它们 or check this article。此资源限制可以在容器启动期间由 Docker 设置。当您添加标签时 google-kubernetes-engine 答案将与 GKE 环境相关,但在其他云上它可能会类似。
如果你想设置unlimit for open files你可以修改配置文件/etc/security/limits.conf。但是,请注意它不会在重新启动后持续存在。
第二个选项是编辑 /etc/init/docker.conf 并重新启动 docker 服务。默认情况下它有一些限制,例如 nofile 或 nproc,您可以在此处添加它。
另一种选择是使用 instance template。实例模板将包含设置所需限制的 start-up 脚本。
之后,您需要将这个新的实例模板用于 GKE 中的实例组。更多信息 here and here.
我正在尝试评估 pod 中我的一个 go 服务器 运行 的性能。但是,收到一条错误消息,指出打开的文件太多。有什么方法可以在 kubernetes 中设置 ulimit 吗?
ubuntu@ip-10-0-1-217:~/ppu$ kubectl exec -it go-ppu-7b4b679bf5-44rf7 -- /bin/sh -c 'ulimit -a'
core file size (blocks) (-c) unlimited
data seg size (kb) (-d) unlimited
scheduling priority (-e) 0
file size (blocks) (-f) unlimited
pending signals (-i) 15473
max locked memory (kb) (-l) 64
max memory size (kb) (-m) unlimited
open files (-n) 1048576
POSIX message queues (bytes) (-q) 819200
real-time priority (-r) 0
stack size (kb) (-s) 8192
cpu time (seconds) (-t) unlimited
max user processes (-u) unlimited
virtual memory (kb) (-v) unlimited
file locks (-x) unlimited
部署文件。
---
apiVersion: apps/v1
kind: Deployment # Type of Kubernetes resource
metadata:
name: go-ppu # Name of the Kubernetes resource
spec:
replicas: 1 # Number of pods to run at any given time
selector:
matchLabels:
app: go-ppu # This deployment applies to any Pods matching the specified label
template: # This deployment will create a set of pods using the configurations in this template
metadata:
labels: # The labels that will be applied to all of the pods in this deployment
app: go-ppu
spec: # Spec for the container which will run in the Pod
containers:
- name: go-ppu
image: ppu_test:latest
imagePullPolicy: Never
ports:
- containerPort: 8081 # Should match the port number that the Go application listens on
livenessProbe: # To check t$(minikube docker-env)he health of the Pod
httpGet:
path: /health
port: 8081
scheme: HTTP
initialDelaySeconds: 35
periodSeconds: 30
timeoutSeconds: 20
readinessProbe: # To check if the Pod is ready to serve traffic or not
httpGet:
path: /readiness
port: 8081
scheme: HTTP
initialDelaySeconds: 35
timeoutSeconds: 20
Pods 信息:
ubuntu@ip-10-0-1-217:~/ppu$ kubectl get pods
NAME READY STATUS RESTARTS AGE
go-ppu-7b4b679bf5-44rf7 1/1 Running 0 18h
ubuntu@ip-10-0-1-217:~/ppu$ kubectl get services
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 100.64.0.1 <none> 443/TCP 19h
ppu-service LoadBalancer 100.64.171.12 74d35bb2a5f30ca13877-1351038893.us-east-1.elb.amazonaws.com 8081:32623/TCP 18h
当我使用 locust 测试服务器的性能时收到以下错误。
# fails Method Name Type
3472 POST /supplyInkHistory ConnectionError(MaxRetryError("HTTPConnectionPool(host='74d35bb2a5f30ca13877-1351038893.us-east-1.elb.amazonaws.com', port=8081): Max retries exceeded with url: /supplyInkHistory (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x....>: Failed to establish a new connection: [Errno 24] Too many open files',))",),)
可以看看吗https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster/ 但是您需要启用一些功能才能使其正常工作。
securityContext:
sysctls:
- name: fs.file-max
value: "YOUR VALUE HERE"
有几个关于设置--ulimit参数的案例,你可以找到它们Docker 设置。当您添加标签时 google-kubernetes-engine 答案将与 GKE 环境相关,但在其他云上它可能会类似。
如果你想设置unlimit for open files你可以修改配置文件/etc/security/limits.conf。但是,请注意它不会在重新启动后持续存在。
第二个选项是编辑 /etc/init/docker.conf 并重新启动 docker 服务。默认情况下它有一些限制,例如 nofile 或 nproc,您可以在此处添加它。
另一种选择是使用 instance template。实例模板将包含设置所需限制的 start-up 脚本。 之后,您需要将这个新的实例模板用于 GKE 中的实例组。更多信息 here and here.