MindIE Probes
MindIE Motor provides a probe script to enable Kubernetes probe detection, supporting three types of probes: startup, liveness, and readiness.
The script applies to the following scenarios:
- Deployment scenario where Controller, Coordinator, and Server are integrated
- Prefill-decode hybrid deployment scenario where Server is integrated
You can find the probe entry script $MIES_INSTALL_PATH/scripts/http_client_ctl/probe.sh in the MindIE Motor installation path.
Table 1 describes commands for probe usage.
Command |
Type |
Description |
|---|---|---|
bash probe.sh startup |
Startup probe |
Checks whether the program is started. After the probe is triggered, the timeout interval is set to 60 seconds. |
bash probe.sh liveness |
Liveness probe |
Checks whether the program process status is healthy. After the probe is triggered, the request timeout interval is set to 60 seconds. |
bash probe.sh readiness |
Readiness probe |
Checks whether the program is ready to receive traffic. After the probe is triggered, the timeout interval is set to 60 seconds. |
Table 2 describes required environment variables.
Environment Variable |
Description |
|---|---|
POD_IP |
Pod IP address of the container. |
MIES_INSTALL_PATH |
MindIE Motor installation path. |
MINDIE_SERVER_PROBE_ONLY |
Whether to detect the status of Server. This variable is valid only when it is set to 1. This variable applies to the prefill-decode hybrid scenario where only Server is integrated. |
GLOBAL_RANK_TABLE_FILE_PATH |
Global ranktable file path, which applies to the scenario where Controller, Coordinator, and Server are integrated. |
MINDIE_UTILS_HTTP_CLIENT_CTL_CONFIG_FILE_PATH |
Read path of the probe configuration file. |
MINDIE_USE_HTTPS |
Whether to enable secure HTTPS communication. The value can be true or false. After this variable is set, this configuration is preferentially used to replace http_client_ctl.json. You are advised to enable this function to ensure communication security. If this function is disabled, high network security risks exist. |
MINDIE_CHECK_INPUTFILES_PERMISSION |
You can set whether to check external mounted files, including http_client_ctl.json and certificate-related files. The default value is empty, indicating that permission verification is required.
NOTE:
When you use MINDIE_UTILS_HTTP_CLIENT_CTL_CONFIG_FILE_PATH to set the configuration file path, http_client_ctl.json is used as an external mounted file. |
Note: For details about log-related environment variables, see Log Configuration. |
|
The probe.sh script depends on http_client_ctl to send HTTP requests. For details about the request commands, see Table 3.
Command |
Description |
|---|---|
./http_client_ctl [ip] [port] [url] [timeout] [retrytime] |
|
./http_client_ctl -h/--help |
Help information. |
In addition, the http_client_ctl.json file needs to be configured for http_client_ctl. For details about the fields, see Table 4.
{
"tls_enable" : true,
"cert": {
"ca_cert" : "./security/http_client/ca/ca.pem",
"tls_cert": "./security/http_client/certs/cert.pem",
"tls_key": "./security/http_client/keys/cert.key.pem",
"tls_passwd": "./security/http_client/pass/key_pwd.txt",
"kmc_ksf_master": "./tools/pmt/master/ksfa",
"kmc_ksf_standby": "./tools/pmt/standby/ksfb",
"tls_crl": ""
},
"log_info": {
"log_level": "INFO",
"to_file": false,
"run_log_path": "/var/log/mindie-ms/run/log.txt",
"operation_log_path": "/var/log/mindie-ms/operation/log.txt"
}
}
Type |
Item |
Description |
|---|---|---|
Certificate |
tls_enable |
Mandatory. Whether to enable HTTPS communication. The default value is true.
You are advised to enable this function to ensure communication security. If this function is disabled, high network security risks exist. If the environment variable MINDIE_USE_HTTPS is set, the value of the environment variable is read first. |
ca_cert |
Mandatory. Path of the CA root certificate file of the client, which must exist and be readable. |
|
tls_cert |
Mandatory. Path of the TLS certificate file of the client, which must exist and be readable. |
|
tls_key |
Mandatory. Path of the TLS private key file of the client, which must exist and be readable. |
|
tls_passwd |
Mandatory. Path of the private key password encrypted by KMC. |
|
kmc_ksf_master |
Mandatory. KMC keystore file of the encrypted password. |
|
kmc_ksf_standby |
Mandatory. Standby KMC keystore file of the encrypted password. |
|
tls_crl |
Mandatory. Path of the CRL file, which must exist and be readable. If the value is empty, revocation verification is not performed. |
|
Log |
log_level |
Optional. Log level. The default value is INFO.
If the environment variable MINDIEMS_LOG_LEVEL or MINDIE_LOG_LEVEL is set, the value of the environment variable is read first. For details, see Log Configuration. |
to_file |
Optional. Whether to write logs to a file. The default value is false.
If the environment variable MINDIE_LOG_TO_FILE is set, the value of the environment variable is read first. For details, see Log Configuration. |
|
run_log_path |
Path of run logs. You are advised to use environment variables to configure logs. For details, see Log Configuration. |
|
operation_log_path |
Path of operation logs. You are advised to use environment variables to configure logs. For details, see Log Configuration. |
To enable secure HTTPS communication, set tls_enable to true and prepare related certificates (CA certificate, client certificate, and private key file). Use the certificate management tool to import the certificates to generate a KMC-encrypted password file. For details, see config_mindie_server_tls_cert.py.
Import the certificates (including the security and tools directories) to the container in either of the following ways:
- Method 1: Copy related certificates and KMC files to the container during image creation.
- Method 2: Import related files by mounting them to the host when starting the container.
Then, set the related file paths under the cert field in the conf/http_client_ctl.json file in the MindIE Motor installation path to absolute paths after the files are imported to the container.