1:service详解
1、每次访问pod的时候,ip地址都不是固定的
2、service有一个虚拟ip和端口,可以使用这个来进行访问
3、kube-proxy,api server将service的信息存入到etcd中,kube-proxy将其转换为一个访问规则,这个就是本质
4、表象,就是标签,本质就是规则,通过标签,来进行要管理哪些pod,
5、访问pod里面的容器的时候,是根据轮询的状态,可以设置session亲和性来进行设置,将多个请求转发到一个pod里面的容器上
环境准备
apiVersion: apps/v1
kind: Deployment
metadata:
name: pc-deployment
namespace: dev
spec:
replicas: 3
selector:
matchLabels:
app: nginx-pod
template:
metadata:
labels:
app: nginx-pod
spec:
containers:
- name: nginx
image: nginx:1.17.1
ports:
- containerPort: 80
#将网页内容进行更改
root@pc-deployment-5cb65f68db-fxlpt:/usr/share/nginx/html# ls
50x.html index.html
root@pc-deployment-5cb65f68db-fxlpt:/usr/share/nginx/html# echo 10.244.2.48 > index.html
1、ClusterIP
集群内部进行访问pod,虚拟端口和虚拟ip
[root@master service]# cat clusterip.yaml
apiVersion: v1
kind: Service
metadata:
name: svc1
namespace: dev
spec:
selector:
app: nginx-pod
clusterIP: 10.96.0.100 #不写的话默认生成一个ip,可以为None,只能通过域名来进行访问
type: ClusterIP
ports:
- port: 8080 #svc的端口
targetPort: 80
[root@master service]# kubectl describe svc -n dev svc1
Name: svc1
Namespace: dev
Labels: <none>
Annotations: <none>
Selector: app=nginx-pod
Type: ClusterIP
IP Family Policy: SingleStack
IP Families: IPv4
IP: 10.96.0.100
IPs: 10.96.0.100
Port: <unset> 8080/TCP
TargetPort: 80/TCP
Endpoints: 10.244.1.67:80,10.244.1.68:80,10.244.2.48:80 #这个便是建立的联系
Session Affinity: None
Events: <none>
#查看ipvsadm的信息
CP 10.96.0.100:8080 rr
-> 10.244.1.67:80 Masq 1 0 0
-> 10.244.1.68:80 Masq 1 0 0
-> 10.244.2.48:80 Masq 1 0 0
2、headliness
clusterip 默认是随机的负载均衡分发策略,这个类型的不会分发clusterip,只能通过域名来进行控制访问
3、NodePort
就是将svc的port映射到node节点上面,通过nodeip+端口来实现访问,占用了主机的一个端口
apiVersion: v1
kind: Service
metadata:
name: svc2
namespace: dev
spec:
selector:
app: nginx-pod
type: NodePort
ports:
- port: 80
targetPort: 80
nodePort: 30002
#查看svc信息
[root@master service]# kubectl get svc -n dev
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
nginx NodePort 10.96.20.47 <none> 80:30528/TCP 89m
svc1 ClusterIP 10.96.0.100 <none> 8080/TCP 34m
svc2 NodePort 10.96.139.188 <none> 80:30002/TCP 2m4s
#访问服务
[root@master service]# curl 10.104.43.43:30002
10.244.1.67
[root@master service]# curl 10.104.43.43:30002
10.244.2.48
4、LoadBalancer
5、ExternalName
6、Ingress
1、因为nodeport会占用主机上面的一个端口,因此的话很多服务的话,1就浪费了大量的端口
2、使用ingress服务
就是通过域名来进行转发到对应的service上面,实现访问
环境准备
#下载ingress软件
wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.8.2/deploy/static/provider/cloud/deploy.yaml
#更换第一个源的地址
registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller:v1.1.0
#后面2哥源的地址
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-webhook-certgen:v1.1.1
#查看ingress
[root@master service]# kubectl get pod -n ingress-nginx
NAME READY STATUS RESTARTS AGE
ingress-nginx-admission-create-q984g 0/1 Completed 0 49m
ingress-nginx-admission-patch-twmqm 0/1 Completed 1 49m
ingress-nginx-controller-6f4d47c657-bv8qx 1/1 Running 0 49m
[root@master service]# kubectl get svc -n ingress-nginx
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx-controller NodePort 10.96.70.212 <none> 80:30906/TCP,443:30339/TCP 49m
ingress-nginx-controller-admission ClusterIP 10.107.42.140 <none> 443/TCP 49m
#安装6个pod,2个服务
[root@master service]# cat exampl.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: pc-deployment
namespace: dev
spec:
replicas: 3
selector:
matchLabels:
app: nginx-pod
template:
metadata:
labels:
app: nginx-pod
spec:
containers:
- name: nginx
image: nginx:1.17.1
ports:
- containerPort: 80
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: tomcat-deployment
namespace: dev
spec:
replicas: 3
selector:
matchLabels:
app: t1
template:
metadata:
labels:
app: t1
spec:
containers:
- name: tomcat
image: tomcat:8.5-jre10-slim
ports:
- containerPort: 8080
---
apiVersion: v1
kind: Service
metadata:
name: nginx-service
namespace: dev
spec:
selector:
app: nginx-pod
clusterIP: None
type: ClusterIP
ports:
- port: 80
targetPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: tomcat-service
namespace: dev
spec:
selector:
app: t1
type: ClusterIP
clusterIP: None
ports:
- port: 8080
targetPort: 8080
[root@master service]# cat i.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress-http
namespace: dev
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
ingressClassName: nginx #这个ingress由nginx来进行处理
rules: #定义一组的规则
- host: nginx.com
http:
paths:
- pathType: Prefix #表示路径匹配是基于前缀的
path: /app #表示匹配所有以/开头的路径
backend: #指定了请求转发到后端服务
service:
name: nginx-service
port:
number: 80 #后端服务监听的端口
- host: tomcat.com
http:
paths:
- pathType: Prefix
path: /
backend:
service:
name: tomcat-service
port:
number: 8080
#域名解析
[root@master service]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.104.43.43 master
10.104.43.93 node1
10.104.43.126 node2
10.104.43.43 nginx.com
10.104.43.43 tomcat.com
#进行访问
[root@master service]# kubectl get svc -n ingress-nginx
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx-controller NodePort 10.96.70.212 <none> 80:30906/TCP,443:30339/TCP 51m
ingress-nginx-controller-admission ClusterIP 10.107.42.140 <none> 443/TCP 51m
[root@master service]# curl nginx.com:30906/app
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
[root@master service]# curl tomcat.com:30906
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8" />
<title>Apache Tomcat/8.5.35</title>
<link href="favicon.ico" rel="icon" type="image/x-icon" />
<link href="favicon.ico" rel="shortcut icon" type="image/x-icon" />
<link href="tomcat.css" rel="stylesheet" type="text/css" />
</head>