Lui*_*ado 5 demo kubernetes rancher kubernetes-pod
我需要设置一个 kubernetes pod 来为我的 Web 应用程序的客户端创建演示环境,试用期为 20 天。20天后,pod应该会自动删除,如何让pod在20天后自毁?我使用 Rancher 来部署我的 Pod。
您可以使用两种方式实现此目的,编写自己的代码并在 K8s 上运行以检查状态,这将在 20 天后删除部署 (POD)
参考github: https: //github.com/dignajar/clean-pods
您的 Pod 无法自动删除。
您可以以20天的间隔运行cronjob,这将删除特定的部署,但在这种情况下,您必须传递部署或 pod名称,以便 cronjob 具有该变量。
示例:1
from kubernetes import client, config
from kubernetes.client.rest import ApiException
config.load_incluster_config() # if running inside k8s cluster config.load_kube_config()
configuration = client.Configuration()
with client.ApiClient(configuration) as api_client:
api_instance = client.CoreV1Api(api_client)
namespace = '<Namespace name>'
name = '<POD name>'
api_instance.list_namespaced_pod(namespace)
try:
api_response = api_instance.delete_namespaced_pod(name, namespace)
print(api_response)
except ApiException as e:
print("Exception when calling CoreV1Api->delete_namespaced_pod: %s\n" % e)
示例:2
定时任务
apiVersion: batch/v1beta1
kind: CronJob
metadata:
name: cleanup
spec:
schedule: "30 1 1,20 * *"
jobTemplate:
spec:
template:
spec:
containers:
- name: kubectl-container
image: bitnami/kubectl:latest
command: ["sh", "-c", "kubectl delete pod <POD name or add variable here>"]
restartPolicy: Never
额外的
您还可以编写shell 脚本,每天运行几个命令来检查POD的AGE,如果等于20天则删除
kubectl get pods --field-selector=status.phase=Pending --sort-by=.metadata.creationTimestamp | awk 'match($5,/[20-9]d|[0-9][0-9]d|[0-9][0-9][0-9]d/) {print $0}'
更新
如果您遇到任何禁止错误,请创建服务帐户并将其与 cronjob 一起使用
apiVersion: v1
kind: ServiceAccount
metadata:
name: sa-name
namespace: default
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
namespace: default
name: sa-role
rules:
- apiGroups: ["*"]
resources: ["*"]
verbs: ["list", "delete"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: sa-rolebinding
namespace: default
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: sa-role
subjects:
- kind: ServiceAccount
name: sa-name
namespace: default
---
apiVersion: batch/v1beta1
kind: CronJob
metadata:
name: jobs
spec:
schedule: "*/30 * * * *"
jobTemplate:
spec:
template:
spec:
serviceAccountName: sa-role
| 归档时间: |
|
| 查看次数: |
2827 次 |
| 最近记录: |