30、k8s-service类型-ClusterIP(默认值、属于Cluster IP类型的)-分配的IP只能在集群内部访问
实验:实验Deployment控制器创建三个pod、pod里面创建nginx、pod暴露80端口、再创建一个service服务来对pod里的nginx进行访问(service切换不同的类型)
-------------------------------------------------------------------------------------
1、部署deployment和pod
1、先准备deployment下的pod
·创建yaml文件:vim svc-deployment.yaml
----------------------------------------------------------------
apiVersion: apps/v1
kind: Deployment
metadata:
name: svc-deployment
namespace: dev
spec:
replicas: 3
selector:
matchLabels:
app: nginx-pod
template:
metadata:
labels:
app: nginx-pod
spec:
containers:
- name: nginx
image: nginx:1.17.1
ports:
- containerPort: 80
--------------------------------------------------------------
2、创建deployment和pod:kubectl create -f svc-deployment.yaml
3、查看deployment和pod的运行情况:kubectl get deploy,pods -ndev -o wide
·可以看到nginx的ip、通过ip:80 可以访问到nginx
-----------------------------------------------------------------------------------------------
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
pod/svc-deployment-6696798b78-bzdnr 1/1 Running 0 3m4s 10.244.1.234 node-1 <none> <none>
pod/svc-deployment-6696798b78-p5vhz 1/1 Running 0 3m4s 10.244.1.233 node-1 <none> <none>
pod/svc-deployment-6696798b78-st2l2 1/1 Running 0 3m4s 10.244.1.235 node-1 <none> <none>
------------------------------------------------------------------------------------------------------------------------------
·在虚拟机内访问nginx:curl 10.244.1.234:80
·但是这样看不出来是访问哪一个nginx(pod的ip是随时会变得)、所以要修改一下nginx的主页面html显示的信息
4、进到pod下的nginx服务:
·先进到nginx后台:kubectl exec -it svc-deployment-6696798b78-bzdnr -ndev /bin/sh
·将内容写入到html网页: echo "10.244.1.234" > /usr/share/nginx/html/index.html #当访问这个pod下的nginx时会显示ip地址
·其它两个pod下的nginx也按这样操作即可(注意ip要对应)
·修改完后在访问:
··curl 10.244.1.234:80 #此时就显示ip地址了
··curl 10.244.1.233:80
··curl 10.244.1.235:80
2、部署service-类型是ClusterIP:默认值、他是kubernetes系统自动分配的虚拟ip、只能在集群内部访问
1、创建service-clusterip.yaml文件:vim service-clusterip.yaml
-------------------------------------------------
apiVersion: v1
kind: Service
metadata:
name: service-clusterip
namespace: dev
spec:
selector:
app: nginx-pod
clusterIP: 10.97.97.97 #service的ip、如果不写、默认会生成随机ip
type: ClusterIP #service类型
ports:
- port: 80 #service的端口
targetPort: 80 #pod的端口
-----------------------------------------------------------------------------------------
2、执行文件创建service:kubectl create -f service-clusterip.yaml
3、查看service:kubectl get svc -ndev -o wide
--------------------------------------------------------------------
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
service-clusterip ClusterIP 10.97.97.97 <none> 80/TCP 98s app=nginx-pod
#这里ip为指定的clusterip、端口为指定的port端口
------------------------------------------------------------------------------------------------------
4、查看service的更详细的信息: kubectl describe svc service-clusterip -ndev
-----------------------------------------------------------------------------------------------------
Name: service-clusterip
Namespace: dev
Labels: <none>
Annotations: <none>
Selector: app=nginx-pod #此选择器关联到上面的deployment的下的pod标签、使pod与该service建立了关联
Type: ClusterIP #service的类型
IP: 10.97.97.97
Port: <unset> 80/TCP #service的端口
TargetPort: 80/TCP #pod的端口
Endpoints: 10.244.1.233:80,10.244.1.234:80,10.244.1.235:80 #这三个ip就是上边创建的deployment下的pod(靠标签建立联系)
Session Affinity: None #亲和性
Events: <none>
-------------------------------------------------------------------------------------------------------------------------------------
5、这里可以查看ipvs的映射规则:ipvsadm -Ln
------------------------------------------------
#找到
TCP 10.97.97.97:80 rr #rr是轮询的意思 、当访问这个地址的时候、就会按轮询的方法分配到下边的三个pod中的一个
-> 10.244.1.233:80 Masq 1 0 0
-> 10.244.1.234:80 Masq 1 0 0
-> 10.244.1.235:80 Masq 1 0 0
------------------------------------------------------------------------------------------------
6、测试访问10.97.97.97:80会不会按轮询的方式访问到上面三个pod中的nginx服务:
·while true;do curl 10.97.97.97:80; sleep 3; done; #使用循环
---------------------------------------------------负载分发策略------------------------------------------
由上面的实验得知、分发策略是随机的、轮询的
对于service的访问被分发到了后端的pod上去、目前kubernetes提供了两种负载分发的策略:
·轮询或随机:如果不定义就默认使用kube-proxy的策略、轮询、随机
·ClientIP:基于客户端地址的会话保持模式、即来自同一个客户端发起的所有请求都会转发到固定的一个pod上
在spec下添加:
sessionAffinity: ClientIP 即可
------------------------------------------------
1、先将上面的实验service删除: kubectl delete -f service-clusterip.yaml
2、修改service-clusterip.yaml文件:vim service-clusterip.yaml
----------------------------------------------------------------------
apiVersion: v1
kind: Service
metadata:
name: service-clusterip
namespace: dev
spec:
sessionAffinity: ClientIP #添加这个亲和性即可
selector:
app: nginx-pod
clusterIP: 10.97.97.97 #service的ip、如果不写、默认会生成随机ip
type: ClusterIP #service类型
ports:
- port: 80 #service的端口
targetPort: 80 #pod的端口
------------------------------------------------------------------------------------
3、创建service: kubectl create -f service-clusterip.yaml
4、查看service详细信息: kubectl describe svc service-clusterip -ndev
--------------------------------------------------------------------------------------
Name: service-clusterip
Namespace: dev
Labels: <none>
Annotations: <none>
Selector: app=nginx-pod
Type: ClusterIP
IP: 10.97.97.97
Port: <unset> 80/TCP
TargetPort: 80/TCP
Endpoints: 10.244.1.236:80,10.244.1.237:80,10.244.1.240:80
Session Affinity: ClientIP #这里就多出了这个亲和性
Events: <none>
----------------------------------------------------------------------------
5、测试访问是不是同一个ip客户端访问都是往同一个pod上去:
·while true;do curl 10.97.97.97:80; sleep 3;done
·测试发现访问的都是同一个pod的nginx
6、查看ipvs的映射规则:ipvsadm -Ln
-----------------------------------------------------
TCP 10.97.97.97:80 rr persistent 10800 #persistent 永久化
-> 10.244.1.236:80 Masq 1 0 0
-> 10.244.1.237:80 Masq 1 0 0
-> 10.244.1.240:80 Masq 1 0 23
------------------------------------------------------------------------------
7、删除service:kubectl create -f service-clusterip.yaml
