Pod控制器應用進階五(kubernetes service)
阿新 • • 發佈:2018-11-09
kubernetes service是強依賴CoreDNS或者是kube-dns功能
node network節點網路
pod network pod網路
cluster network service ip
kube-proxy元件是監控apiservice和service 資源變動的資訊,通過watch連線的
service:
工作模式:userspace,iptables,ipvs
userspace:1.1-
iptables:1.10-
ipvs:1.11+
apiserver有兩個地址,一個是內部的地址,一個是外部的地址,
下面的這個是內部的地址。
[[email protected] ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 1h
型別:
ExternalName(在叢集內部引入外部),ClusterIP(預設),NodePort,LoadBalance(在雲環境上,需要支援LSB)
[[email protected] shell]# cat redis-svc.yaml
apiVersion: v1
kind: Service
metadata:
name: redis
namespace: default
spec:
selector:
app: redis
role: logstor
clusterIP: 10.97.97.97
type: ClusterIP
ports:
- port: 6379
targetPort: 6379
[ [email protected] shell]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 1h
redis ClusterIP 10.97.97.97 <none> 6379/TCP 39s
檢視redis service的詳細資訊
[[email protected] shell]# kubectl describe svc redis
Name: redis
Namespace: default
Labels: <none>
Annotations: kubectl.kubernetes.io/last-applied-configuration={"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"redis","namespace":"default"},"spec":{"clusterIP":"10.97.97.97","ports":[{"por...
Selector: app=redis,role=logstor
Type: ClusterIP
IP: 10.97.97.97 #後臺的地址
Port: <unset> 6379/TCP
TargetPort: 6379/TCP
Endpoints: <none>
Session Affinity: None
Events: <none>
service到Pod是有一箇中間層
他會在叢集中新增一個解析記錄
資源記錄:
SVC_NAME.NS_NAME.DOMAIN.LTD.
svc.cluster.local
redis.default.svc.cluster.local.
[[email protected] shell]# cat deploy-demo.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: myapp-deploy
namespace: default
spec:
replicas: 5
selector:
matchLabels:
app: myapp
release: canary
template:
metadata:
labels:
app: myapp
release: canary
spec:
containers:
- name: myapp
image: ikubernetes/myapp:v2
ports:
- name: http
containerPort: 80
[[email protected] shell]# cat myapp-svc.yaml
apiVersion: v1
kind: Service
metadata:
name: myapp
namespace: default
spec:
selector:
app: myapp
release: canary
clusterIP: 10.99.99.99
type: NodePort
ports:
- port: 80
targetPort: 80
nodePort: 30080
[[email protected] shell]# cat redis-svc.yaml
apiVersion: v1
kind: Service
metadata:
name: redis
namespace: default
spec:
selector:
app: redis
role: logstor
clusterIP: 10.97.97.97
type: ClusterIP
ports:
- port: 6379
targetPort: 6379
開始啟動起來:
deploy-demo.yaml myapp-svc.yaml redis-svc.yaml
kubectl -f apple deploy-demo.yaml
kubectl -f apple myapp-svc.yaml
kubectl -f apple redis-svc.yaml
[[email protected] shell]# kubectl get pods
NAME READY STATUS RESTARTS AGE
myapp-deploy-67f6f6b4dc-g9z9s 1/1 Running 2 18m
myapp-deploy-67f6f6b4dc-rlwqg 1/1 Running 1 18m
myapp-deploy-67f6f6b4dc-tk6hw 1/1 Running 1 18m
myapp-deploy-67f6f6b4dc-trbmr 1/1 Running 1 18m
myapp-deploy-67f6f6b4dc-zfpgk 1/1 Running 1 18m
kubectl get svc
[[email protected] shell]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 3h
myapp NodePort 10.99.99.99 <none> 80:30080/TCP 1h
redis ClusterIP 10.97.97.97 <none> 6379/TCP 1h
[[email protected] shell]# while true; do curl 192.168.146.20:30080/hostname.html; sleep 1; done
myapp-deploy-67f6f6b4dc-tk6hw
myapp-deploy-67f6f6b4dc-zfpgk
myapp-deploy-67f6f6b4dc-zfpgk
myapp-deploy-67f6f6b4dc-trbmr
myapp-deploy-67f6f6b4dc-g9z9s
myapp-deploy-67f6f6b4dc-g9z9s
myapp-deploy-67f6f6b4dc-tk6hw
myapp-deploy-67f6f6b4dc-trbmr
myapp-deploy-67f6f6b4dc-trbmr
myapp-deploy-67f6f6b4dc-rlwqg
myapp-deploy-67f6f6b4dc-g9z9s
ExternalName(在叢集內部引入外部)
下面我們將隨機訪問更改成每個使用者請求直接到固定的一個pod上
[[email protected] shell]# kubectl patch svc myapp -p '{"spec":{"sessionAffinity":"ClientIP"}}'
service/myapp patched
[[email protected] shell]# while true; do curl 192.168.146.20:30080/hostname.html; sleep 1; done
myapp-deploy-67f6f6b4dc-rlwqg
myapp-deploy-67f6f6b4dc-rlwqg
myapp-deploy-67f6f6b4dc-rlwqg
myapp-deploy-67f6f6b4dc-rlwqg
myapp-deploy-67f6f6b4dc-rlwqg
myapp-deploy-67f6f6b4dc-rlwqg
上面生效了,我們在改回來預設的
[[email protected] shell]# kubectl patch svc myapp -p '{"spec":{"sessionAffinity":"None"}}'
service/myapp patched
[[email protected] shell]# while true; do curl 192.168.146.20:30080/hostname.html; sleep 1; done
myapp-deploy-67f6f6b4dc-tk6hw
myapp-deploy-67f6f6b4dc-rlwqg
myapp-deploy-67f6f6b4dc-trbmr
myapp-deploy-67f6f6b4dc-g9z9s
myapp-deploy-67f6f6b4dc-tk6hw
myapp-deploy-67f6f6b4dc-trbmr
myapp-deploy-67f6f6b4dc-tk6hw
檢視內部的DNS解析Pod實驗
[[email protected] shell]# cat myapp-svc-headless.yaml
apiVersion: v1
kind: Service
metadata:
name: myapp-svc
namespace: default
spec:
selector:
app: myapp
release: canary
clusterIP: "None"
ports:
- port: 80
targetPort: 80
[[email protected] shell]# kubectl apply -f myapp-svc-headless.yaml
service/myapp-svc created
[[email protected] shell]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 5h
myapp NodePort 10.99.99.99 <none> 80:30080/TCP 3h
myapp-svc ClusterIP None <none> 80/TCP 4s
redis ClusterIP 10.97.97.97 <none> 6379/TCP 3h
安裝DNS解析檢視工具
yum install bind-utils
[[email protected] shell]# dig -t A myapp-svc.default.svc.cluster.local. @10.96.0.10
; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7_5.1 <<>> -t A myapp-svc.default.svc.cluster.local. @10.96.0.10
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55163
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;myapp-svc.default.svc.cluster.local. IN A
;; ANSWER SECTION:
myapp-svc.default.svc.cluster.local. 5 IN A 10.244.1.4
myapp-svc.default.svc.cluster.local. 5 IN A 10.244.1.5
myapp-svc.default.svc.cluster.local. 5 IN A 10.244.2.6
myapp-svc.default.svc.cluster.local. 5 IN A 10.244.2.7
myapp-svc.default.svc.cluster.local. 5 IN A 10.244.2.8
;; Query time: 105 msec
;; SERVER: 10.96.0.10#53(10.96.0.10)
;; WHEN: Fri Sep 07 14:19:16 CST 2018
;; MSG SIZE rcvd: 319
可以看出myapp-svc.default.svc.cluster.local這個地址已經轉發到了內部的Pod上
[[email protected] shell]# curl 10.244.1.4
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
[[email protected] shell]# curl 10.244.1.4/hostname.html
myapp-deploy-67f6f6b4dc-trbmr
[[email protected] shell]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 5h
myapp NodePort 10.99.99.99 <none> 80:30080/TCP 3h
myapp-svc ClusterIP None <none> 80/TCP 7m
redis ClusterIP 10.97.97.97 <none> 6379/TCP 3h
[[email protected] shell]# kubectl get svc -n kube-system
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP 5h
[[email protected] shell]# kubectl get pods -o wide -l app=myapp
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE
myapp-deploy-67f6f6b4dc-g9z9s 1/1 Running 2 2h 10.244.2.8 node2 <none>
myapp-deploy-67f6f6b4dc-rlwqg 1/1 Running 1 2h 10.244.2.6 node2 <none>
myapp-deploy-67f6f6b4dc-tk6hw 1/1 Running 1 2h 10.244.2.7 node2 <none>
myapp-deploy-67f6f6b4dc-trbmr 1/1 Running 1 2h 10.244.1.4 node1 <none>
myapp-deploy-67f6f6b4dc-zfpgk 1/1 Running 1 2h 10.244.1.5 node1 <none>
如果檢視無頭的資訊:
[[email protected] shell]# dig -t A myapp.default.svc.cluster.local. @10.96.0.10
; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7_5.1 <<>> -t A myapp.default.svc.cluster.local. @10.96.0.10
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58291
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;myapp.default.svc.cluster.local. IN A
;; ANSWER SECTION:
myapp.default.svc.cluster.local. 5 IN A 10.99.99.99
;; Query time: 1 msec
;; SERVER: 10.96.0.10#53(10.96.0.10)
;; WHEN: Fri Sep 07 14:29:09 CST 2018
;; MSG SIZE rcvd: 107