Service
Table of contents
3 Relationship between Service and Pod
1 What is Service
1.1 Definition
Official website address: Service | Kubernetes
A method to expose a network application running on a Pod or a group of Pods as a network service.
Popular definition: Service is a way to provide network services for pods.
1.2 Why Service is needed
Question: If a set of Pods (called the "backend") provide functionality to other Pods within the cluster (called the "frontend"), how does the frontend figure out and keep track of the IP address to connect to so that the frontend can use it to serve the workload the backend part?
If this is an image processing backend, it runs 3 copies. These copies are interchangeable - frontends don't need to care which backend copy they call. However, the Pods that make up this group of backend programs may actually change. The front-end client should not and does not need to know, and there is no need to track the status of this group of backends. The abstraction defined by Service can decouple this connection .
2 features
-
Service associates the corresponding Pod through label
-
The Servcie life cycle is not bound to the Pod, and the IP will not change due to the re-creation of the Pod.
-
Provides load balancing function to automatically forward traffic to different Pods
-
Provides access ports outside the cluster
-
The cluster can be accessed through the service name
3 Relationship between Service and Pod
4 Use Service
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx
labels:
app: nginx
spec:
replicas: 1
template:
metadata:
name: nginx
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.19
imagePullPolicy: IfNotPresent
ports:
- containerPort: 80
restartPolicy: Always
selector:
matchLabels:
app: nginx
---
apiVersion: v1
kind: Service
metadata:
name: nginx
spec:
selector:
app: nginx
ports:
- port: 8080 #service 端口
targetPort: 80 #容器端口
nodePort: 31001 #node 节点端口 固定在 30000-32767 之间
type: NodePort
注意:节点端口固定在 30000-32767 之间
5 multi-port
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx
labels:
app: nginx
spec:
replicas: 1
template:
metadata:
name: nginx
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.19
imagePullPolicy: IfNotPresent
ports:
- containerPort: 80
restartPolicy: Always
selector:
matchLabels:
app: nginx
---
apiVersion: v1
kind: Service
metadata:
name: nginx
spec:
selector:
app: nginx
ports:
- port: 8080 #service 端口
name: write
targetPort: 80 #容器端口
nodePort: 31001 #node 节点端口 固定在 30000-32767 之间
- port: 8081
name: read
targetPort: 80
nodePort: 31002
type: NodePort
6 typestype
For certain parts of some applications (such as the front end), you may want to expose them to IP addresses outside the Kubernetes cluster.
Kubernetes ServiceTypes
allows you to specify the type of Service you need.
-
ClusterIP
: Service is exposed inside the cluster and can only be accessed by other objects inside the cluster. It is usually used for internal service discovery and will not be exposed outside the cluster. -
NodePort
: Expose the Service on a certain port of the Node, so that the Service can be accessed through the Node's IP address and port number. It is usually used in development and testing environments. -
LoadBalancer
: Expose the Service to the public network through the load balancer provided by the cloud service provider, so that external users can access the Service. -
ExternalName
: Map the Service to a DNS name, so that the Service can be accessed through the DNS name, usually used to access external services.
6.1 ClusterIP type
-
这是最常用的 Service 类型之一
. Create a virtual IP address inside the cluster, which can be accessed by other Pods in the same cluster, but cannot be accessed by requests outside the cluster. This type of service is usually used to expose internal services, such as database or cache services. For example, in a web application, you may need to connect to a database, but the database does not need to be exposed outside the application. At this time, you can use the ClusterIP type Service to allow the application to access the database.
6.2 NodePort type
-
This type of Service will create a port and bind it to each cluster node, allowing external traffic to access the Service. This type is typically used for exposing public services, such as web applications or APIs. For example, if you need to access a web application running in the cluster from outside the cluster, you can create a NodePort type Service and expose the Service
nodePort
to the outside of the cluster by specifying the Service field. -
If you
type
set the field toNodePort
, the Kubernetes control plane will--service-node-port-range
allocate ports in the range specified by the flag (default: 30000-32767).
6.3 LoadBalancer type
-
This type of Service is similar to NodePort, but creates a load balancer in the cloud provider. This type is usually used to deploy applications on cloud platforms. The cloud platform's load balancer distributes traffic to the nodes in the cluster. This type of Service can only be used on cloud platforms and requires support from cloud vendors.
6.4 ExternalName type
-
This type of Service allows forwarding of the Service to any CNAME DNS entry that needs to be accessed. Unlike other types of Services, it does not proxy requests to any Pods. Instead, it forwards the request to the configured external address. This type of Service is typically used to proxy services to other services outside the cluster. For example, if you have a service running on the external network and you want to use the service in the Kubernetes cluster, you can create a Service of type ExternalName to resolve the DNS of the service to the Kubernetes cluster.
7 Internal communication
7.1 Create pod
apiVersion: apps/v1
kind: Deployment
metadata:
name: mysql
labels:
app: mysql
spec:
selector:
matchLabels:
app: mysql
replicas: 1
template:
metadata:
labels:
app: mysql
spec:
containers:
- name: mysql
image: mysql/mysql-server:8.0
env:
- name: MYSQL_ROOT_PASSWORD
value: root
ports:
- name: mysql
containerPort: 3306
---
apiVersion: v1
kind: Service
metadata:
name: mysql
spec:
selector:
app: mysql
ports:
- name: mysql
port: 3306
targetPort: 3306
type: ClusterIP
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx
labels:
app: nginx
spec:
selector:
matchLabels:
app: nginx
replicas: 1
template:
metadata:
labels:
app: nginx
spec:
hostNetwork: true
containers:
- name: nginx
image: nginx:latest
#command: ["/bin/sh", "-c"]
#args:
#- apt-get update && apt-get install -y mysql-client && nginx -g 'daemon off;'
ports:
- name: http
containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: nginx
spec:
selector:
app: nginx
ports:
- name: http
port: 8081
targetPort: 80
type: ClusterIP
7.2 Mutual access
# Enter nginx to access mysql $ mysql -h mysql -uroot -ppassword # Note: mysql here is the name of the MySQL Service, not the name of the Pod.