我正在尝试评估我的一个go服务器在pod中运行的性能。但是,收到一个错误,说打开的文件太多。有没有办法把ulimit设置在kubernetes?
ubuntu@ip-10-0-1-217:~/ppu$ kubectl exec -it go-ppu-7b4b679bf5-44rf7 -- /bin/sh -c 'ulimit -a'
core file size (blocks) (-c) unlimited
data seg size (kb) (-d) unlimited
scheduling priority (-e) 0
file size (blocks) (-f) unlimited
pending signals (-i) 15473
max locked memory (kb) (-l) 64
max memory size (kb) (-m) unlimited
open files (-n) 1048576
POSIX message queues (bytes) (-q) 819200
real-time priority (-r) 0
stack size (kb) (-s) 8192
cpu time (seconds) (-t) unlimited
max user processes (-u) unlimited
virtual memory (kb) (-v) unlimited
file locks (-x) unlimited
部署文件。
---
apiVersion: apps/v1
kind: Deployment # Type of Kubernetes resource
metadata:
name: go-ppu # Name of the Kubernetes resource
spec:
replicas: 1 # Number of pods to run at any given time
selector:
matchLabels:
app: go-ppu # This deployment applies to any Pods matching the specified label
template: # This deployment will create a set of pods using the configurations in this template
metadata:
labels: # The labels that will be applied to all of the pods in this deployment
app: go-ppu
spec: # Spec for the container which will run in the Pod
containers:
- name: go-ppu
image: ppu_test:latest
imagePullPolicy: Never
ports:
- containerPort: 8081 # Should match the port number that the Go application listens on
livenessProbe: # To check t$(minikube docker-env)he health of the Pod
httpGet:
path: /health
port: 8081
scheme: HTTP
initialDelaySeconds: 35
periodSeconds: 30
timeoutSeconds: 20
readinessProbe: # To check if the Pod is ready to serve traffic or not
httpGet:
path: /readiness
port: 8081
scheme: HTTP
initialDelaySeconds: 35
timeoutSeconds: 20
吊舱信息:
ubuntu@ip-10-0-1-217:~/ppu$ kubectl get pods
NAME READY STATUS RESTARTS AGE
go-ppu-7b4b679bf5-44rf7 1/1 Running 0 18h
ubuntu@ip-10-0-1-217:~/ppu$ kubectl get services
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 100.64.0.1 <none> 443/TCP 19h
ppu-service LoadBalancer 100.64.171.12 74d35bb2a5f30ca13877-1351038893.us-east-1.elb.amazonaws.com 8081:32623/TCP 18h
当我使用蝗虫测试服务器的性能时,收到以下错误。
# fails Method Name Type
3472 POST /supplyInkHistory ConnectionError(MaxRetryError("HTTPConnectionPool(host='74d35bb2a5f30ca13877-1351038893.us-east-1.elb.amazonaws.com', port=8081): Max retries exceeded with url: /supplyInkHistory (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x....>: Failed to establish a new connection: [Errno 24] Too many open files',))",),)
您可以看看吗https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster/您需要启用一些功能才能使其正常工作。
securityContext:
sysctls:
- name: fs.file-max
value: "YOUR VALUE HERE"
有一些关于设置--ulimit参数的案例,您可以在这里找到或查看本文。此资源限制可以由Docker在容器启动期间设置。当您添加标签google-kubernetes-engine时,答案将与GKE环境相关,但在其他云上它也可以类似地工作。
如果要设置unlimit for open files,可以修改配置文件/etc/security/limits.conf。但是,请注意,它不会在重新启动时持续存在。
第二个选项是编辑/etc/init/docker.conf并重新启动docker服务。默认情况下,它有一些限制,如nofile或nproc,您可以在此处添加它。
另一种选择是使用实例模板。实例模板将包括一个设置所需限制的启动脚本。之后,您将需要为GKE中的实例组使用这个新的实例模板。更多信息请点击此处。
我通过在容器服务级别调整ulimits来解决这个问题,在我的情况下,这是像这样修复的容器:
# sed -i 's/LimitNOFILE=infinity/LimitNOFILE=65535/' /usr/lib/systemd/system/containerd.service
# systemctl daemon-reload
# systemctl restart containerd
# k delete deployment <asdf>