Determine the Reason for Pod Failure

This page shows how to write and read a Container termination message.

Termination messages provide a way for containers to write information about fatal events to a location where it can be easily retrieved and surfaced by tools like dashboards and monitoring software. In most cases, information that you put in a termination message should also be written to the general Kubernetes logs.

Before you begin

You need to have a Kubernetes cluster, and the kubectl command-line tool must be configured to communicate with your cluster. It is recommended to run this tutorial on a cluster with at least two nodes that are not acting as control plane hosts. If you do not already have a cluster, you can create one by using minikube or you can use one of these Kubernetes playgrounds:

To check the version, enter kubectl version.

Writing and reading a termination message

In this exercise, you create a Pod that runs one container. The configuration file specifies a command that runs when the container starts.

debug/termination.yaml

  1. apiVersion: v1
  2. kind: Pod
  3. metadata:
  4. name: termination-demo
  5. spec:
  6. containers:
  7. - name: termination-demo-container
  8. image: debian
  9. command: ["/bin/sh"]
  10. args: ["-c", "sleep 10 && echo Sleep expired > /dev/termination-log"]
  1. Create a Pod based on the YAML configuration file:

    1. kubectl apply -f https://k8s.io/examples/debug/termination.yaml

    In the YAML file, in the command and args fields, you can see that the container sleeps for 10 seconds and then writes “Sleep expired” to the /dev/termination-log file. After the container writes the “Sleep expired” message, it terminates.

  2. Display information about the Pod:

    1. kubectl get pod termination-demo

    Repeat the preceding command until the Pod is no longer running.

  3. Display detailed information about the Pod:

    1. kubectl get pod termination-demo --output=yaml

    The output includes the “Sleep expired” message:

    1. apiVersion: v1
    2. kind: Pod
    3. ...
    4. lastState:
    5. terminated:
    6. containerID: ...
    7. exitCode: 0
    8. finishedAt: ...
    9. message: |
    10. Sleep expired
    11. ...
  4. Use a Go template to filter the output so that it includes only the termination message:

    1. kubectl get pod termination-demo -o go-template="{{range .status.containerStatuses}}{{.lastState.terminated.message}}{{end}}"

If you are running a multi-container pod, you can use a Go template to include the container’s name. By doing so, you can discover which of the containers is failing:

  1. kubectl get pod multi-container-pod -o go-template='{{range .status.containerStatuses}}{{printf "%s:\n%s\n\n" .name .lastState.terminated.message}}{{end}}'

Customizing the termination message

Kubernetes retrieves termination messages from the termination message file specified in the terminationMessagePath field of a Container, which has a default value of /dev/termination-log. By customizing this field, you can tell Kubernetes to use a different file. Kubernetes use the contents from the specified file to populate the Container’s status message on both success and failure.

The termination message is intended to be brief final status, such as an assertion failure message. The kubelet truncates messages that are longer than 4096 bytes. The total message length across all containers will be limited to 12KiB. The default termination message path is /dev/termination-log. You cannot set the termination message path after a Pod is launched

In the following example, the container writes termination messages to /tmp/my-log for Kubernetes to retrieve:

  1. apiVersion: v1
  2. kind: Pod
  3. metadata:
  4. name: msg-path-demo
  5. spec:
  6. containers:
  7. - name: msg-path-demo-container
  8. image: debian
  9. terminationMessagePath: "/tmp/my-log"

Moreover, users can set the terminationMessagePolicy field of a Container for further customization. This field defaults to “File“ which means the termination messages are retrieved only from the termination message file. By setting the terminationMessagePolicy to “FallbackToLogsOnError“, you can tell Kubernetes to use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller.

What’s next

Last modified April 26, 2022 at 12:30 AM PST: Reorg the monitoring task section (#32823) (f26e8eff2)