kubernetes通过service访问pod
service访问pod
每个pod都会有自己的ip地址,当controller用新的pod代替发生故障的pod时,新的pod会分配到新的IP地址
service有自己的ip,而且这个ip是不变的。客户端只需要访问service的ip kubernetes则负责建立和维护service与pod的映射关系,无论后端pod如何变化,对客户端不会有任何影响,因为service没有变
案例:
[root@master myservice]# cat service.yml apiVersion: apps/v1 kind: Deployment metadata: name: httpd-deploy labels: run: apache spec: replicas: 3 selector: matchLabels: run: apache template: metadata: labels: run: apache spec: containers: - name: httpd image: httpd ports: - containerPort: 80
[root@master myservice]# kubectl get pod -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES httpd-57c7d78848-k8wnm 1/1 Running 0 25s 10.244.1.40 node1 <none> <none> httpd-57c7d78848-lmq97 1/1 Running 0 25s 10.244.1.39 node1 <none> <none> httpd-57c7d78848-v4mk8 1/1 Running 0 25s 10.244.2.30 node2 <none> <none> [root@master myservice]# curl 10.244.1.40 <html><body><h1>It works!</h1></body></html>
创建service
[root@master myservice]# cat server.yml apiVersion: v1 kind: Service metadata: name: httpd-svc spec: selector: run: apache ports: - protocol: TCP port: 8080 targetPort: 80
[root@master myservice]# kubectl get service NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE httpd-svc ClusterIP 10.96.213.197 <none> 8080/TCP 12m kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 10d
[root@master myservice]# curl 10.96.213.197:8080 <html><body><h1>It works!</h1></body></html>
通过kubectl describe 可以查看httpd-svc 与pod的对应关系
[root@master myservice]# kubectl describe service httpd-svc Name: httpd-svc Namespace: default Labels: <none> Annotations: kubectl.kubernetes.io/last-applied-configuration: {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"httpd-svc","namespace":"default"},"spec":{"ports":[{"port":8080,"... Selector: run=apache Type: ClusterIP IP: 10.96.213.197 Port: <unset> 8080/TCP TargetPort: 80/TCP Endpoints: 10.244.1.43:80,10.244.1.44:80,10.244.2.32:80 Session Affinity: None Events: <none>
DNS 访问 service
集群中的pod可以通过 服务名字+命名空间 访问服务:
[root@master myservice]# kubectl run -it --rm --image=busybox:latest bash kubectl run --generator=deployment/apps.v1 is DEPRECATED and will be removed in a future version. Use kubectl run --generator=run-pod/v1 or kubectl create instead. If you don't see a command prompt, try pressing enter. / # wget httpd-svc.default:8080 Connecting to httpd-svc.default:8080 (10.96.213.197:8080) saving to 'index.html' index.html 100% |*****************************************************| 45 0:00:00 ETA 'index.html' saved / # cat index.html <html><body><h1>It works!</h1></body></html>
外网访问服务:
需要在 httpd-svc里spec下添加类型为NodePort
[root@master myservice]# cat server.yml apiVersion: v1 kind: Service metadata: name: httpd-svc spec: type: NodePort selector: run: apache ports: - protocol: TCP port: 8080 targetPort: 80
重新运行yml文件
查看:
[root@master myservice]# kubectl get service NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE httpd-svc NodePort 10.96.95.12 <none> 8080:30002/TCP 16s kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 10d
类型变成了NodePort
监听30002端口收到请求会转发给10.96.95.12的8080端口,然后按照上面的规则发给pod
自己指定端口在30000-32767 之间别的端口不行
测试:
[root@master myservice]# curl 192.168.172.134:30002 <html><body><h1>It works!</h1></body></html> [root@master myservice]# curl 192.168.172.135:30002 <html><body><h1>It works!</h1></body></html> [root@master myservice]# curl 192.168.172.136:30002 <html><body><h1>It works!</h1></body></html>
自己指定端口:
[root@master myservice]# cat server.yml apiVersion: v1 kind: Service metadata: name: httpd-svc spec: type: NodePort selector: run: apache ports: - protocol: TCP nodePort: 31111 port: 8080 targetPort: 80
nodePort: 31111 是开放主机的端口
port: 8080 服务的端口
targetPort: 80 pod的端口
查看并验证:
[root@master myservice]# kubectl describe svc httpd-svc Name: httpd-svc Namespace: default Labels: <none> Annotations: kubectl.kubernetes.io/last-applied-configuration: {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"httpd-svc","namespace":"default"},"spec":{"ports":[{"nodePort":31... Selector: run=apache Type: NodePort IP: 10.96.103.106 Port: <unset> 8080/TCP TargetPort: 80/TCP NodePort: <unset> 31111/TCP Endpoints: 10.244.1.47:80,10.244.1.48:80,10.244.2.36:80 Session Affinity: None External Traffic Policy: Cluster Events: <none>
[root@master myservice]# kubectl get service NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE httpd-svc NodePort 10.96.103.106 <none> 8080:31111/TCP 2m19s kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 10d
[root@master myservice]# curl 192.168.172.134:31111 <html><body><h1>It works!</h1></body></html> [root@master myservice]# curl 192.168.172.135:31111 <html><body><h1>It works!</h1></body></html> [root@master myservice]# curl 192.168.172.136:31111 <html><body><h1>It works!</h1></body></html>