Kubernetes相当于docker run --init [英] Kubernetes equivalent of `docker run --init`
问题描述
建议最佳实践是不要将dockerized的Node.JS应用程序作为PID 1运行(请参见
It is a recommended best practice to not run dockerized Node.JS applications as PID 1 (see https://github.com/nodejs/docker-node/blob/master/docs/BestPractices.md#handling-kernel-signals) in order to correctly capture signals.
docker run命令提供了--init标志,用于将应用程序入口点包装在一个小型的初始化系统中,该系统可以正确转发信号.
The docker run command provides the --init flag to wrap the application entry point with a small init system that forwards signals correctly.
Kubernetes中是否有与--init标志相同的内置符号?
Is there a built-in equivalent of the --init flag in Kubernetes?
我已经研究了Kubernetes 1.10的Pod和Container对象规范,但是没有看到与指定图像开始方式有关的任何内容.
I've explored the Pod and Container object specifications for Kubernetes 1.10 but have not seen anything related to specifying how the image gets started.
另一种方法是在每个容器中明确包含并使用 Tini ,但我真的很喜欢透明地做到--init标志的行为方式.
An alternative would be to explicitly include and use Tini in every container, but I would really like some way that does it transparently the way the --init flag behaves.
还有其他选择吗?
推荐答案
如果为pod启用了进程(PID)命名空间共享,则初始化进程(pause)将来自Kubernetes.如果您的容器具有单独的进程名称空间,则它们需要自己包含tini或其他init进程.
If you enable process (PID) namespace sharing for your pods, the init process (pause) will come from Kubernetes. If you have a separate process namespace for your containers, they need to include tini or another init process themselves.
根据 https://www.ianlewis.org/en/almighty-pause-容器,默认情况下,Kubernetes 1.7具有共享的进程名称空间,并具有禁用它的kubelet标志;默认情况下,它具有1.8的kubelet标志以及启用它的kubelet标志. Kubernetes 1.11具有Alpha功能以启用共享的进程名称空间: https://kubernetes.io/docs/tasks/configure- pod-container/share-process-namespace/
According to https://www.ianlewis.org/en/almighty-pause-container, Kubernetes 1.7 had a shared process namespace by default and a kubelet flag to disable it, 1.8 had it off by default and a kubelet flag to enable it. Kubernetes 1.11 has an alpha feature to enable a shared process namespace: https://kubernetes.io/docs/tasks/configure-pod-container/share-process-namespace/
这篇关于Kubernetes相当于docker run --init的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
