本文主要是介绍kubernetes Sandbox删除详解,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!
上一篇blog讲解了一下gc的整个流程。后面介绍了删除sandbox。但sandbox怎么删除还是没有讲清楚,在此详细展开说一下,通过sandbox id去删除sandbox代码在pkg/kubelet/kuberuntime/kuberuntime_gc.go。
func (cgc *containerGC) removeSandbox(sandboxID string) {glog.V(4).Infof("Removing sandbox %q", sandboxID)// In normal cases, kubelet should've already called StopPodSandbox before// GC kicks in. To guard against the rare cases where this is not true, try// stopping the sandbox before removing it.if err := cgc.client.StopPodSandbox(sandboxID); err != nil {glog.Errorf("Failed to stop sandbox %q before removing: %v", sandboxID, err)return}if err := cgc.client.RemovePodSandbox(sandboxID); err != nil {glog.Errorf("Failed to remove sandbox %q: %v", sandboxID, err)}
}
上面的代码分为两步,第一步是停止sandbox,第二步是删除sandbox。
先看停止pkg/kubelet/dockershim/docker_sandbox.go。
func (ds *dockerService) StopPodSandbox(podSandboxID string) error {
...errList := []error{}if needNetworkTearDown {cID := kubecontainer.BuildContainerID(runtimeName, podSandboxID)err := ds.network.TearDownPod(namespace, name, cID)if err == nil {ds.setNetworkReady(podSandboxID, false)} else {errList = append(errList, err)}}if err := ds.client.StopContainer(podSandboxID, defaultSandboxGracePeriod); err != nil {glog.Errorf("Failed to stop sandbox %q: %v", podSandboxID, err)// Do not return error if the container does not existif !libdocker.IsContainerNotFoundError(err) {errList = append(errList, err)}}
...先调用cni去删除网络,然后采集是停止容器。
先看删除网络调用cni的过程
err := ds.network.TearDownPod(namespace, name, cID)具体实现在pkg/kubelet/network/cni/cni.go
func (plugin *cniNetworkPlugin) TearDownPod(namespace string, name string, id kubecontainer.ContainerID) error {if err := plugin.checkInitialized(); err != nil {return err}// Lack of namespace should not be fatal on teardownnetnsPath, err := plugin.host.GetNetNS(id.ID)if err != nil {glog.Warningf("CNI failed to retrieve network namespace path: %v", err)}return plugin.deleteFromNetwork(plugin.getDefaultNetwork(), name, namespace, id, netnsPath)
}再深入看看上面删除网络方法deleteFromNetwork
func (plugin *cniNetworkPlugin) deleteFromNetwork(network *cniNetwork, podName string, podNamespace string, podInfraContainerID kubecontainer.ContainerID, podNetnsPath string) error {rt, err := plugin.buildCNIRuntimeConf(podName, podNamespace, podInfraContainerID, podNetnsPath)if err != nil {glog.Errorf("Error deleting network when building cni runtime conf: %v", err)return err}netConf, cniNet := network.NetworkConfig, network.CNIConfigglog.V(4).Infof("About to del CNI network %v (type=%v)", netConf.Name, netConf.Plugins[0].Network.Type)err = cniNet.DelNetworkList(netConf, rt)if err != nil {glog.Errorf("Error deleting network: %v", err)return err}return nil
}先是装配参数netConf和rt,然后是通过DelNetworkList是删除,
继续看代码DelNetworkList
func (c *CNIConfig) DelNetworkList(list *NetworkConfigList, rt *RuntimeConf) error {for i := len(list.Plugins) - 1; i >= 0; i-- {net := list.Plugins[i]pluginPath, err := invoke.FindInPath(net.Network.Type, c.Path)if err != nil {return err}newConf, err := buildOneConfig(list, net, nil, rt)if err != nil {return err}if err := invoke.ExecPluginWithoutResult(pluginPath, newConf.Bytes, c.args("DEL", rt)); err != nil {return err}}return nil
}好了这里开始调用正在的/opt/cni/bin下面cni的二进制文件的地方,上面的pluginPath默认就是/opt/cni/bin,上面执行的DEL方法,这个如果大家感兴趣可以看看我之前CNI解析的blog。
如果大家对怎么执行二进制cni感兴趣,我再多说一句怎么执行cni的
vendor/github.com/containernetworking/cni/pkg/invoke/raw_exec.go
func (e *RawExec) ExecPlugin(pluginPath string, stdinData []byte, environ []string) ([]byte, error) {stdout := &bytes.Buffer{}c := exec.Cmd{Env: environ,Path: pluginPath,Args: []string{pluginPath},Stdin: bytes.NewBuffer(stdinData),Stdout: stdout,Stderr: e.Stderr,}if err := c.Run(); err != nil {return nil, pluginErr(err, stdout.Bytes())}return stdout.Bytes(), nil
}通过golang 的os/exec去执行。
这篇关于kubernetes Sandbox删除详解的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!
