kubernetes-service
service :网络负载均衡,vip—>转发至pod ,应用发布,前置条件,节点需要运行proxy.
service分类
1)ClsuterIP :
集群ip,集群内部可用,生产无法访问。
一张图解,希望能看的懂
下面实验操作。
创建一个nginx的deployment资源,关联svc
[root@master01 service]# cat deploy.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
creationTimestamp: null
labels:
app: my-web
name: my-web
spec:
replicas: 2
selector:
matchLabels:
app: app
strategy: {}
template:
metadata:
creationTimestamp: null
labels:
app: app
spec:
containers:
- image: nginx
imagePullPolicy: IfNotPresent
name: app
resources:
requests:
cpu: 400m
status: {}
验证
[root@master01 service]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
my-web-7d5ccb86d7-5b672 1/1 Running 0 9s 10.244.196.141 node01 <none> <none>
my-web-7d5ccb86d7-6m4vb 1/1 Running 0 9s 10.244.140.80 node02 <none> <none>
[root@master01 service]# kubectl describe deployments.apps my-web
Name: my-web
Namespace: default
CreationTimestamp: Fri, 17 Feb 2023 17:03:39 +0800
Labels: app=my-web
Annotations: deployment.kubernetes.io/revision: 1
Selector: app=app
Replicas: 2 desired | 2 updated | 2 total | 2 available | 0 unavailable
StrategyType: RollingUpdate
MinReadySeconds: 0
RollingUpdateStrategy: 25% max unavailable, 25% max surge
Pod Template:
Labels: app=app
Containers:
app:
Image: nginx
Port: <none>
Host Port: <none>
Requests:
cpu: 400m
Environment: <none>
Mounts: <none>
Volumes: <none>
Conditions:
Type Status Reason
---- ------ ------
Available True MinimumReplicasAvailable
Progressing True NewReplicaSetAvailable
OldReplicaSets: <none>
NewReplicaSet: my-web-7d5ccb86d7 (2/2 replicas created)
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal ScalingReplicaSet 19s deployment-controller Scaled up replica set my-web-7d5ccb86d7 to 2
创建service
[root@master01 service]# kubectl expose deployment my-web --port=80 --target-port=80 --dry-run=client -o yaml >server.yaml
[root@master01 service]# cat server.yaml
apiVersion: v1
kind: Service
metadata:
creationTimestamp: null
labels:
app: my-web
name: my-web
spec:
ports:
- port: 80 #外部端口
protocol: TCP
targetPort: 80 #pod内部端口
selector:
app: app
status:
loadBalancer: {}
[root@master01 service]# kubectl create -f server.yaml
service/my-web created
[root@master01 service]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.1.0.1 <none> 443/TCP 8d
my-web ClusterIP 10.1.92.149 <none> 80/TCP 4s
验证:
[root@master01 service]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
my-web-7d5ccb86d7-5b672 1/1 Running 0 5m15s 10.244.196.141 node01 <none> <none>
my-web-7d5ccb86d7-6m4vb 1/1 Running 0 5m15s 10.244.140.80 node02 <none> <none>
[root@master01 service]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.1.0.1 <none> 443/TCP 8d
my-web ClusterIP 10.1.92.149 <none> 80/TCP 64s
[root@master01 service]# curl 10.1.92.149
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
负载均衡
[root@master01 service]# kubectl exec -ti my-web-7d5ccb86d7-5b672 -- /bin/bash
root@my-web-7d5ccb86d7-5b672:/# echo "web1" >/usr/share/nginx/html/index.html
root@my-web-7d5ccb86d7-5b672:/# exit
exit
[root@master01 service]# kubectl exec -ti my-web-7d5ccb86d7-6m4vb -- /bin/bash
root@my-web-7d5ccb86d7-6m4vb:/# echo "web2" >/usr/share/nginx/html/index.html
root@my-web-7d5ccb86d7-6m4vb:/# exit
exit
[root@master01 service]# curl 10.1.92.149
web1
[root@master01 service]# curl 10.1.92.149
web2
[root@master01 service]# curl 10.1.92.149
web1
[root@master01 service]# curl 10.1.92.149
web2
2)NodePort
在物理节点上开启端口,端口访问为30000以上,,节点无高可用,节点关闭,客户端无法访问
[root@master01 ~]# kubectl edit service my-web
service/my-web edited
- port: 80
protocol: TCP
targetPort: 80
selector:
app: app
sessionAffinity: None
type: NodePort
[root@master01 ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.1.0.1 <none> 443/TCP 8d
my-web NodePort 10.1.92.149 <none> 80:30085/TCP 7m41s
[root@master01 ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.1.0.1 <none> 443/TCP 8d
my-web NodePort 10.1.92.149 <none> 80:30085/TCP 7m41s
[root@master01 ~]#
[root@master01 ~]# curl 192.168.5.170:30085
web1
[root@master01 ~]# curl 192.168.5.170:30085
web2
[root@master01 ~]# curl 192.168.5.171:30085
web1
[root@master01 ~]# curl 192.168.5.172:30085
web1
3)loadbalancer
可以在前面加一个LB负载至后端,客户端访问就不访问某一个节点。客户端访问虚拟ip,。
在k8s内部实现lb
可支持多种应用,一个ip对应一个service,(tcp,udp,http,https,都支持)
每个svc都需关联一个生产ip(成本较高)
传统企业网:
k8s软件lb:不是k8s原生支持,需手动部署
部署附加功能 loadbalancer
下载地址GitHub
还有其他部署方式网上
部署metallb
微信公众号
csdn
metallb
测试
[root@master01 metallb]# kubectl edit svc my-web
service/my-web edited
[root@master01 metallb]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.1.0.1 <none> 443/TCP 10d
my-web LoadBalancer 10.1.92.149 192.168.5.180 80:30085/TCP 2d18h
[root@master01 ~]# curl 192.168.5.180
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
4)ingress
基于nginx的反向代理。支持基于URL地址进行请求转发,只支持http或https应用,要求有域名解析。dns支持
Ingress 公开从集群外部到集群内服务的 HTTP 和 HTTPS 路由。 流量路由由 Ingress 资源上定义的规则控制。,官网写的很清楚,就是说你访问我的ingress-svc,由它定义的规则来控制访问结果。role
图解
部署参考:
ingress-nginx
掘金掘金
博客园:博客园
csdn:csdn
csdn
找一个部署。。
网上教程一堆。。
部署完毕
[root@master01 ~]# kubectl get svc -n ingress-nginx
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx-controller LoadBalancer 10.1.47.11 192.168.5.180 80:31124/TCP,443:30551/TCP 4h3m
ingress-nginx-controller-admission ClusterIP 10.1.193.45 <none> 443/TCP 4h3m
创建两个deployment关联及其svc ,验证一波
nginx-tomcat.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: ng-dep
spec:
replicas: 3
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx
ports:
- containerPort: 80
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: tom-dep
spec:
replicas: 2
selector:
matchLabels:
app: tomcat
template:
metadata:
labels:
app: tomcat
spec:
containers:
- name: tomcat
image: tomcat:8.5-jre10-slim
ports:
- containerPort: 8080
创建deployment
[root@master01 ingressv1.3.0]# kubectl apply -f tomcat-nginx.yaml
[root@master01 ingressv1.3.0]# kubectl get deployments.apps
NAME READY UP-TO-DATE AVAILABLE AGE
ng-dep 2/2 2 2 44s
tom-dep 2/2 2 2 44s
创建svc 分别关联两个deployment
svc.yaml
apiVersion: v1
kind: Service
metadata:
creationTimestamp: null
name: nginx-svc
spec:
ports:
- port: 80
protocol: TCP
targetPort: 80
selector:
app: nginx
---
apiVersion: v1
kind: Service
metadata:
creationTimestamp: null
name: tomcat-svc
spec:
ports:
- port: 8080[root@master01 ingressv1.3.0]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.1.0.1 <none> 443/TCP 17d
nginx-svc ClusterIP 10.1.122.129 <none> 80/TCP 56s
tomcat-svc ClusterIP 10.1.177.93 <none> 8080/TCP 56s
protocol: TCP
targetPort: 8080
selector:
app: tomcat
创建svc
[root@master01 ingressv1.3.0]# kubectl apply -f tomcat-svc.yaml
service/nginx-svc created
service/tomcat-svc created
[root@master01 ingressv1.3.0]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.1.0.1 <none> 443/TCP 17d
nginx-svc ClusterIP 10.1.122.129 <none> 80/TCP 56s
tomcat-svc ClusterIP 10.1.177.93 <none> 8080/TCP 56s
测试下svc
nginx
[root@master01 ingressv1.3.0]# curl 10.1.122.129
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
tomcat
[root@master01 ingressv1.3.0]# curl 10.1.177.93:8080
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8" />
<title>Apache Tomcat/8.5.35</title>
<link href="favicon.ico" rel="icon" type="image/x-icon" />
<link href="favicon.ico" rel="shortcut icon" type="image/x-icon" />
<link href="tomcat.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="wrapper">
<div id="navigation" class="curved container">
<span id="nav-home"><a href="https://tomcat.apache.org/">Home</a></span>
<span id="nav-hosts"><a href="/docs/">Documentation</a></span>
<span id="nav-config"><a href="/docs/config/">Configuration</a></span>
测试:
[root@master01 ingressv1.3.0]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.1.0.1 <none> 443/TCP 17d
nginx-svc ClusterIP 10.1.122.129 <none> 80/TCP 15m
tomcat-svc ClusterIP 10.1.177.93 <none> 8080/TCP 15m
tomcat
nginx
创建ingress资源
ingress.yaml
[root@master01 ingressv1.3.0]# cat ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- host: "www.example.com"
http:
paths:
- pathType: Prefix
path: /
backend:
service:
name: nginx-svc
port:
number: 80
- host: "www.emporer.com"
http:
paths:
- pathType: Prefix
path: /
backend:
service:
name: tomcat-svc
port:
number: 8080
ingressClassName: nginx
[root@master01 ingressv1.3.0]# kubectl apply -f ingress.yaml
ingress.networking.k8s.io/ingress configured
添加两条域名解析至hosts
[root@master01 ingressv1.3.0]# cat /etc/hosts
192.168.5.170 master01
192.168.5.171 node01
192.168.5.172 node02
192.168.5.180 www.example.com
192.168.5.180 www.emporer.com
访问测试。访问不同的域名调度至不同的网页,且不用跟端口。
www.emporer.com
www.example.com
本文链接:
/archives/service
版权声明:
本站所有文章除特别声明外,均采用 CC BY-NC-SA 4.0 许可协议。转载请注明来自
Emporer-Linux!
喜欢就支持一下吧