在k8s上是如何发布服务的
kubenetes-service1
·
1、什么是Service
- Service可以简单的理解为逻辑上的一组Pod。一种可以访问Pod的策略,而且其他Pod可以通过这个Service访问到这个Service代理的Pod。相对于Pod而言,它会有一个固定的名称,一旦创建就固定不变。
2、定义一个Service
创建Service文件
#查看 deploy
[root@k8s-master ~]# kubectl get deploy -owide
NAME READY UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
nginx 2/2 2 2 13h nginx nginx:1.21.6 app=nginx
查看pod
[root@k8s-master ~]# kubectl get po -owide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
busybox 1/1 Running 50 (19m ago) 2d2h 192.161.125.10 k8s-node01 <none> <none>
nginx-6b5dc8646d-ph4d6 1/1 Running 0 135m 192.169.214.243 k8s-node03 <none> <none>
nginx-6b5dc8646d-w59mb 1/1 Running 0 13h 192.169.214.237 k8s-node03 <none> <none>
#创建文件
[root@k8s-master ~]# vim nginx-test-svc.yaml
apiVersion: v1
kind: Service
metadata:
labels:
app: nginx-test-svc
name: nginx-test-svc
spec:
ports:
- name: http #Service端口的名称
port: 80 #Service自己的端口 如果是80端口 service-a 调用 service-b http://service-b 不需要后面再写端口号
protocol: TC P #UDP TCP SCTP default:TCP
targetPort: 80 #应用的端口
- name: https
port: 443
protocol: TCP
targetPort: 443
selector: #对应 deploy SELECTOR
app: nginx
sessionAffinity: None
type: ClusterIP
[root@k8s-master ~]# kubectl create -f nginx-test-svc.yaml
service/nginx-test-svc created
[root@k8s-master ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 12d
nginx-test-svc ClusterIP 10.99.39.37 <none> 80/TCP,443/TCP 33s
#通过service ip 访问 nginx
[root@k8s-master ~]# curl 10.99.39.37
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
- 单独删除pod之后,并不影响svc的访问,因为pod所有的ip地址和端口号都会被记录到endpoint,endpoint在创建svc时自动创建,endpoint会动态的将svc跟pod结合起来
[root@k8s-master ~]# kubectl get ep
NAME ENDPOINTS AGE
kubernetes 172.16.55.220:6443 12d
nginx-test-svc 192.169.214.237:443,192.169.214.243:443,192.169.214.237:80 + 1 more... 109m
[root@k8s-master ~]# kubectl get ep nginx-test-svc -oyaml
apiVersion: v1
kind: Endpoints
metadata:
annotations:
endpoints.kubernetes.io/last-change-trigger-time: "2022-05-14T14:23:58Z"
creationTimestamp: "2022-05-14T14:23:58Z"
labels:
app: nginx-test-svc
name: nginx-test-svc
namespace: default
resourceVersion: "424732"
uid: ff25d0e1-0889-4ca4-93c7-8c356c2cf0bd
subsets:
- addresses: #动态的绑定pod
- ip: 192.169.214.237
nodeName: k8s-node03
targetRef:
kind: Pod
name: nginx-6b5dc8646d-w59mb
namespace: default
resourceVersion: "335755"
uid: 88e4d87b-b47a-4d80-88aa-a3fdb9278411
- ip: 192.169.214.243
nodeName: k8s-node03
targetRef:
kind: Pod
name: nginx-6b5dc8646d-ph4d6
namespace: default
resourceVersion: "409688"
uid: 7315d7d3-54a6-4348-adac-695024d73b40
ports:
- name: https
port: 443
protocol: TCP
- name: http
port: 80
protocol: TCP
3、使用Service代理k8s外部服务
- 希望在生产环境中使用某个固定的名称而非IP地址进行访问外部的中间件服务
- 希望Service指向另一个Namespace中或其他集群中的服务
- 某个项目正在迁移至k8s集群,但是一部分服务仍然在集群外部,此时可以使用service代理至k8s集群外部的服务
- 创建yaml文件
[root@k8s-master ~]# cp nginx-test-svc.yaml nginx-svc-external.yaml
#修改yaml
[root@k8s-master ~]# vim nginx-svc-external.yaml
apiVersion: v1
kind: Service
metadata:
labels:
app: nginx-svc-external
name: nginx-svc-external
spec:
ports:
- name: http
port: 80
protocol: TCP
targetPort: 80
sessionAffinity: None
type: ClusterIP
- 新建Service
[root@k8s-master ~]# kubectl create -f nginx-svc-external.yaml
service/nginx-svc-external created
[root@k8s-master ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 12d
nginx-svc-external ClusterIP 10.96.196.165 <none> 80/TCP 55s
nginx-test-svc ClusterIP 10.99.39.37 <none> 80/TCP,443/TCP 163m
#没有对应的Endpoint 需要自己创建
[root@k8s-master ~]# kubectl get ep
NAME ENDPOINTS AGE
kubernetes 172.16.55.220:6443 12d
nginx-test-svc 192.169.214.237:443,192.169.214.243:443,192.169.214.237:80 + 1 more... 166m
#新建yaml
[root@k8s-master ~]# vim nginx-ep-external.yaml
apiVersion: v1
kind: Endpoints
metadata:
labels:
app: nginx-svc-external #名字要与svc 名称一致
name: nginx-svc-external
namespace: default
subsets:
- addresses:
- ip: 172.16.55.201 #选择一个需要代理的IP
ports:
- name: http
port: 80
protocol: TCP
#创建Endpoint
[root@k8s-master ~]# kubectl create -f nginx-ep-external.yaml
endpoints/nginx-svc-external created
[root@k8s-master ~]# kubectl get ep
NAME ENDPOINTS AGE
kubernetes 172.16.55.220:6443 12d
nginx-svc-external 172.16.55.201:80 9s
nginx-test-svc 192.169.214.237:443,192.169.214.243:443,192.169.214.237:80 + 1 more... 3h12m
[root@k8s-master ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 12d
nginx-svc-external ClusterIP 10.96.196.165 <none> 80/TCP 36m
nginx-test-svc ClusterIP 10.99.39.37 <none> 80/TCP,443/TCP 3h18m
#通过访问Service 地址 访问外部资源
[root@k8s-master ~]# curl 10.96.196.165 -I
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 14 May 2022 17:43:03 GMT
Content-Type: text/html; charset=utf-8
#修改配置
[root@k8s-master ~]# kubectl edit ep nginx-svc-external
endpoints/nginx-svc-external edited
4、使用Service反代理外部域名
创建配置文件,反向代理百度
[root@k8s-master ~]# vim nginx-externalname.yaml
apiVersion: v1
kind: Service
metadata:
labels:
app: nginx-externalname
name: nginx-externalname
spec:
type: ExternalName
externalName: www.baidu.com
#创建
[root@k8s-master ~]# kubectl create -f nginx-externalname.yaml
service/nginx-externalname created
[root@k8s-master ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 12d
nginx-externalname ExternalName <none> www.baidu.com <none> 45s
nginx-svc-external ClusterIP 10.96.196.165 <none> 80/TCP 70m
nginx-test-svc ClusterIP 10.99.39.37 <none> 80/TCP,443/TCP 3h52m
#进入 busybox
[root@k8s-master ~]# kubectl exec -it busybox -- sh
#访问service 由于跨域 访问失败
/ # wget nginx-externalname
Connecting to nginx-externalname (104.193.88.77:80)
wget: server returned error: HTTP/1.1 500 Internal Server Error
#解析路由
/ # nslookup nginx-externalname
Server: 10.96.0.10
Address 1: 10.96.0.10 kube-dns.kube-system.svc.cluster.local
Name: nginx-externalname
Address 1: 180.101.49.12
Address 2: 180.101.49.11
#访问最终地址
/ # wget 180.101.49.12
Connecting to 180.101.49.12 (180.101.49.12:80)
index.html 100% |***********************************************************************************************************************************************************************************************| 2381 0:00:00 ETA
5、Service常用类型
- ClusterIP: 在集群内部使用,也是默认值
- ExternalName:通过返回定义的CNAME别名
- NodePort:在所有安装了kube-proxy的节点上打开一个端口,此端口可以代理至后端Pod,集群外部可以使用节点的IP地址和NodePort的端口号访问到集群的Pod的服务。NodePort 默认值是30000-32767
- LoadBalancer:使用云提供商的负载均衡器公开服务
[root@k8s-master ~]# kubectl get svc -nkubernetes-dashboard
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
dashboard-metrics-scraper ClusterIP 10.98.72.161 <none> 8000/TCP 12d
kubernetes-dashboard NodePort 10.96.142.96 <none> 443:32628/TCP 12d
[root@k8s-master ~]# netstat -lntp | grep 32628
tcp 0 0 0.0.0.0:32628 0.0.0.0:* LISTEN 1233/kube-proxy
#修改NodePort 默认值是30000-32767
vim /usr/lib/systemd/system/kube-apiserver.service
--service-node-port-range=30000-32767 \
- ClusterIP 改为 NodePort
#查看现有的svc
[root@k8s-master ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 12d
nginx-externalname ExternalName <none> www.baidu.com <none> 8h
nginx-svc-external ClusterIP 10.96.196.165 <none> 80/TCP 9h
nginx-test-svc ClusterIP 10.99.39.37 <none> 80/TCP,443/TCP 12h
#修改配置
[root@k8s-master ~]# kubectl edit svc nginx-test-svc
service/nginx-test-svc edited
apiVersion: v1
kind: Service
metadata:
creationTimestamp: "2022-05-14T14:23:58Z"
labels:
app: nginx-test-svc
name: nginx-test-svc
namespace: default
resourceVersion: "424731"
uid: 8ad8ff61-f6d6-4325-8573-bd2ca205ac0b
spec:
clusterIP: 10.99.39.37
clusterIPs:
- 10.99.39.37
internalTrafficPolicy: Cluster
ipFamilies:
- IPv4
ipFamilyPolicy: SingleStack
ports:
- name: http
port: 80
protocol: TCP
targetPort: 80
nodePort: 31000 #自己指定端口号
selector:
app: nginx
sessionAffinity: None
type: NodePort #ClusterIP 改为 NodePort
status:
loadBalancer: {}
#查看改完的svc
[root@k8s-master ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 12d
nginx-externalname ExternalName <none> www.baidu.com <none> 8h
nginx-svc-external ClusterIP 10.96.196.165 <none> 80/TCP 9h
nginx-test-svc NodePort 10.99.39.37 <none> 80:31000/TCP 12h
#访问服务
[root@k8s-master ~]# curl http://172.16.55.220:31000/
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容
更多推荐
1
0- 0
已为社区贡献3条内容
所有评论(0)