1. dockerfile example
FROM registry.access.redhat.com/ubi9/ubi-init
#关闭订阅管理器功能,便于使用dnf安装软件RUN sed -i 's/d=1/d=0/' /etc/yum/pluginconf.d/subscription-manager.conf
RUN curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo
#安装必要的软件
RUN dnf -y install wget tcpdump tzdata bind-utils;dnf clean all;dnf makecache
#将本地jdk压缩包上传至镜像内,它会自动解压
ADD ./jdk-8u212-linux-x64.tar.gz /usr/local/
ADD ./apache-tomcat-8.0.26.tar.gz /usr/local/
ADD ./node_exporter /usr/bin/
#设置时区和jdk的软链
RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && echo 'Asia/Shanghai' >/etc/timezone;ln -sf /usr/local/jdk1.8.0_212/bin/java /usr/bin/java
RUN echo "sh /usr/local/apache-tomcat-8.0.26/bin/startup.sh" >> /etc/profile
WORKDIR /data
ADD ./run_tomcat_exporter.sh /data/run_tomcat_exporter.sh
EXPOSE 9100 8080
ENV JAVA_HOME /usr/local/jdk1.8.0_212
ENV CLASSPATH $JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
ENV CATALINA_HOME /usr/local/apache-tomcat-8.0.26
ENV CATALINA_BASH /usr/local/apache-tomcat-8.0.26
ENV PATH $PATH:$JAVA_HOME/bin:$CATALINA_HOME/lib:$CATALINA_HOME/bin
ENV girl="serena" EXPORTER_PORT=9100
#HEALTHCHECK --interval=5s --timeout=3s --retries=3 CMD curl --fail http://localhost:$EXPORTER_PORT || exit 1 #即使探测到端口是unhealthy也不会重启容器,仅在docker ps里标记这个docker进程为unhealthy
HEALTHCHECK --interval=5s --timeout=3s --retries=3 CMD curl --fail http://localhost:$EXPORTER_PORT || bash -c 'kill -s 15 -1 && (sleep 10; kill -s 9 -1)'
#运行exporter
CMD sh /data/run_tomcat_exporter.shNote: exporter 9100 and tomcat 8080 are run in this example. Use the script /data/run_tomcat_exporter.sh to start both applications at once.
2. Startup script
#!/usr/bin/env bash
sh /usr/local/apache-tomcat-8.0.26/bin/startup.sh
/usr/bin/node_exporter
sleep 360000003. Build a mirror image
docker build -t myubi:1.0 .4. Run the container
docker run -d --restart=always --name=myubi -p 19100:9100 -p 18080:8080 myubi:1.0Note: You can use the host to access container applications, such as http://host ip:18080/ and http://host ip:19100/metrics
5. Enter the container and try to kill the exporter process of the health check
[root@k8s-node2 ubi]# docker exec -it myubi sh
sh-5.1#
sh-5.1# ps -ef
UID PID PPID C STIME TTY TIME CMD
root 1 0 0 09:58 ? 00:00:00 sh /data/run_tomcat_exporter.sh
root 14 1 7 09:58 ? 00:00:01 /usr/local/jdk1.8.0_212/bin/java -Djava.util.logging.config.file=/usr/local/apache-tomcat-8.0.26/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.Cla
root 15 1 0 09:58 ? 00:00:00 /usr/bin/node_exporter
root 67 0 0 09:58 pts/0 00:00:00 sh
root 82 67 0 09:58 pts/0 00:00:00 ps -ef
sh-5.1#
sh-5.1# kill -9 15
sh-5.1# 此时容器自动退出重启了
6. Summary
6-1. Using exit 1 in the health check can only make the status of the container unhealthy
HEALTHCHECK --interval=5s --timeout=3s --retries=3 CMD curl --fail http://localhost:$EXPORTER_PORT || exit 1
6-2. Using bash -c 'kill -s 15 -1 && (sleep 10; kill -s 9 -1)' in the health check can restart the container
HEALTHCHECK --interval=5s --timeout=3s --retries=3 CMD curl --fail http://localhost:$EXPORTER_PORT || bash -c 'kill -s 15 -1 && (sleep 10; kill -s 9 -1)'
Because kill -s 9 -1 is to kill the main process 1 of the container. If the main process 1 does not exist, then the container will hang.
With the command to run the container --restart=always, the container detects that the main process 1 does not exist and restarts the container.