5. Kubernetes Service management

Introduction to Services
Every Pod in Kubernetes has a life cycle. When a Pod fails, it is likely to be destroyed and replaced by a similar Pod created by the Pod controller (scaling out through the Pod controller also creates new Pods). Each new Pod obtains a new IP, so accessing a service through a Pod IP is not reliable.

A Service is a fixed access entry point with a fixed domain name. It receives user requests and proxies them, using a scheduling algorithm, to the backend Pods. Pods that are created or destroyed are associated with the Service in a timely manner.

How it works
The kubelet on each node watches the Pods on that node and promptly notifies kube-apiserver on the master of any change.
kube-proxy on each node watches kube-apiserver in real time for Pod changes. After receiving a change, it modifies the local iptables (or ipvs) rules and generates new proxy rules.

Name resolution that Services depend on
CoreDNS (newer K8s versions) and kube-dns (older K8s versions)
DNS is an optional (although highly recommended) cluster add-on. The DNS server watches the Kubernetes API for newly created Services and creates a set of DNS records for each one. If DNS is enabled for the whole cluster, all Pods should be able to resolve Service names automatically.

For example, for a Service named "my-service" in the Kubernetes namespace "my-ns", a DNS record is created for "my-service.my-ns". Pods in the "my-ns" namespace can find the Service simply by querying the name "my-service". Pods in other namespaces must use the qualified name "my-service.my-ns". The result of these name queries is the Cluster IP.
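The lookup rule described above, as an added example that is not part of the original post. It assumes the default cluster domain cluster.local and the usual Pod resolv.conf (search list of three suffixes, ndots:5); the record table is constructed, and other-ns is a hypothetical namespace.

```python
# Constructed DNS table: the page's Service my-service in namespace my-ns.
# The ClusterIP is a sample value borrowed from the kubectl output on this page.
RECORDS = {"my-service.my-ns.svc.cluster.local.": "10.105.184.128"}


def candidates(name, pod_namespace, cluster_domain="cluster.local", ndots=5):
    """Names a Pod's resolver tries, in order, for `name`.

    Assumption: the Pod's resolv.conf has
    search <ns>.svc.<domain> svc.<domain> <domain> and options ndots:5.
    """
    if name.endswith("."):  # already fully qualified, no search list
        return [name]
    search = [f"{pod_namespace}.svc.{cluster_domain}",
              f"svc.{cluster_domain}", cluster_domain]
    expanded = [f"{name}.{suffix}." for suffix in search]
    as_is = [name + "."]
    # Fewer dots than ndots: search list first, literal name last.
    return expanded + as_is if name.count(".") < ndots else as_is + expanded


def resolve(name, pod_namespace, records=RECORDS):
    """Return the ClusterIP of the first candidate with a record, else None."""
    for fqdn in candidates(name, pod_namespace):
        if fqdn in records:
            return records[fqdn]
    return None


if __name__ == "__main__":
    for ns, name in [("my-ns", "my-service"), ("other-ns", "my-service"),
                     ("other-ns", "my-service.my-ns")]:
        print(f"Pod in {ns} asks for {name}: {resolve(name, ns)}")
```

The short name only matches through the first search suffix, which is the Pod's own namespace; that is why a Pod elsewhere has to add ".my-ns".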

Three proxy modes of a Service
userspace: used before v1.1
iptables: used before v1.10
ipvs: used from v1.11 on

Service types

  1. ClusterIP: only reachable from inside the cluster (the default type). A cluster IP is randomly allocated from the Service network segment, and ClusterIP + port proxies a group of Pods.
  2. NodePort: gives access from outside the cluster. Every node running in the cluster opens the nodePort so that the Pods can be reached externally; the default nodePort range is 30000-32767. A node IP + nodePort proxies the service for this group of Pods. (If that node is unavailable, you may need to use another node's IP.)
  3. LoadBalancer: calls the IaaS public cloud to create a load balancer outside the cluster and adds the corresponding node IPs and NodePorts to it, so that external traffic reaches the Pods on the nodes directly.
  4. ExternalName: lets a Service proxy a service outside the cluster, so that Pods inside the K8s cluster can access a service outside it.

Using Services
ClusterIP-type Service
The k8s cluster currently has a set of Pods.
Create a new Service to act as their proxy (through a label selector).
The Service manifest is defined as follows:

kind: Service
apiVersion: v1
metadata:
   name: ngx-service
spec:
   selector:
     app: ngx  ## proxy the Pods labeled app: ngx
   ports:
     - protocol: TCP  ## protocol to proxy, TCP or UDP
       port: 80       ## port the Service exposes
       targetPort: 80  ## service port on the Pod

Create the Service from the manifest and observe how it proxies requests:

[root@k8s-master k8s-yaml]# kubectl apply -f ngx-service.yaml 
service/ngx-service created
[root@k8s-master k8s-yaml]# kubectl get services
NAME          TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)   AGE
kubernetes    ClusterIP   10.96.0.1        <none>        443/TCP   7d
ngx-service   ClusterIP   10.105.184.128   <none>        80/TCP    43s
[root@k8s-master k8s-yaml]# curl 10.105.184.128/hostname.html
ngx-deployment-58d847f49c-9tbwh
[root@k8s-master k8s-yaml]# curl 10.105.184.128/hostname.html
ngx-deployment-58d847f49c-vvnrj

A Docker image was built in advance; it serves nginx, and /hostname.html shows the container's hostname.

ClusterIP-type Service proxying multiple services
The manifest is defined as follows:

kind: Service
apiVersion: v1
metadata:
   name: ngx-service
spec:
   selector:
     app: ngx  ## proxy the Pods labeled app: ngx
   ports:
     - name: http
       protocol: TCP  ## protocol to proxy, TCP or UDP
       port: 80       ## port the Service exposes
       targetPort: 80  ## service port on the Pod
     - name: https
       protocol: TCP  ## protocol to proxy, TCP or UDP
       port: 443       ## port the Service exposes
       targetPort: 443  ## service port on the Pod

NodePort-type Service
The manifest is defined as follows:

kind: Service
apiVersion: v1
metadata:
   name: ngx-sr-nodeport
spec:
   type: NodePort   ## a ClusterIP is still allocated even though the type is NodePort
   selector:
     app: ngx
   ports:
     - protocol: TCP
       port: 80    ## used inside the cluster: ClusterIP + port
       targetPort: 80  ## service port on the Pod
       nodePort: 30080   ## used from outside the cluster: node IP + nodePort

Create the Service from the manifest and observe how it proxies requests:

`A ClusterIP is still generated and also serves requests`
[root@k8s-master k8s-yaml]# kubectl get services
NAME              TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE
kubernetes        ClusterIP   10.96.0.1       <none>        443/TCP        7d
ngx-sr-nodeport   NodePort    10.106.74.134   <none>        80:30080/TCP   6s
[root@k8s-master k8s-yaml]# curl 10.106.74.134/hostname.html
ngx-deployment-58d847f49c-9tbwh
[root@k8s-master k8s-yaml]# curl 10.106.74.134/hostname.html
ngx-deployment-58d847f49c-vvnrj
`Access the service from a host outside the cluster`
[root@192-168-80-121 ~]# curl 192.168.80.147:30080/hostname.html
ngx-deployment-58d847f49c-9tbwh
[root@192-168-80-121 ~]# curl 192.168.80.147:30080/hostname.html
ngx-deployment-58d847f49c-vvnrj
[root@192-168-80-121 ~]# curl 192.168.80.147:30080/hostname.html
ngx-deployment-58d847f49c-9tbwh

External Service
Used to access services outside the cluster (or in another k8s cluster, or in another namespace of the same cluster). You need to define the Endpoints yourself, and the Service does not use spec.selector. To bind the Endpoints to the Service, the Endpoints object must have the same name as the Service.

Service manifest

kind: Service
apiVersion: v1
metadata:
   name: ngx-service
spec:
   ports:
     - protocol: TCP  ## protocol to proxy, TCP or UDP
       port: 80       ## port the Service exposes
       targetPort: 80  ## service port on the Pod

Self-defined Endpoints manifest

kind: Endpoints   ## an Endpoints object, not a Service
apiVersion: v1
metadata:
   name: ngx-service   ## must be the same name as the Service
subsets:
   - addresses:
       - ip: 1.2.3.4
     ports:
       - port: 80

Headless Service
No ClusterIP is set on the Service (i.e. clusterIP: None). The list of backend Pods matched by spec.selector is returned directly to the client, which handles load scheduling itself.

kind: Service
apiVersion: v1
metadata:
   name: ngx-service
spec:
   selector:
     app: ngx  ## proxy the Pods labeled app: ngx
   clusterIP: None
   ports:
     - name: http
       protocol: TCP  ## protocol to proxy, TCP or UDP
       port: 80       ## port the Service exposes
       targetPort: 80  ## service port on the Pod
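
An added example, not part of the original post: a small audit over `kubectl get services -o json` style output that reports, for each Service type covered on this page, how the Service is exposed. The sample input is constructed; ext-web and ngx-headless are hypothetical names for the selector-less and headless cases.

```python
import json

# Constructed sample shaped like `kubectl get services -o json` output.
# ngx-service and ngx-sr-nodeport follow this page; ext-web and ngx-headless
# are hypothetical names for the selector-less and headless cases.
SAMPLE = json.loads("""
{"items": [
 {"metadata": {"name": "ngx-service"},
  "spec": {"type": "ClusterIP", "selector": {"app": "ngx"}}},
 {"metadata": {"name": "ngx-sr-nodeport"},
  "spec": {"type": "NodePort", "selector": {"app": "ngx"},
           "ports": [{"port": 80, "nodePort": 30080}]}},
 {"metadata": {"name": "ext-web"}, "spec": {"type": "ClusterIP"}},
 {"metadata": {"name": "ngx-headless"},
  "spec": {"clusterIP": "None", "selector": {"app": "ngx"}}}
]}""")

DEFAULT_NODEPORTS = range(30000, 32768)  # default range 30000-32767


def audit(service_list):
    """Map each Service name to its exposure-relevant findings."""
    report = {}
    for svc in service_list["items"]:
        spec = svc["spec"]
        stype = spec.get("type", "ClusterIP")
        found = []
        if stype in ("NodePort", "LoadBalancer"):
            for port in spec.get("ports", []):
                np = port.get("nodePort")
                if np is not None:
                    odd = "" if np in DEFAULT_NODEPORTS else ", outside default range"
                    found.append(f"reachable on every node IP at port {np}{odd}")
        if stype == "LoadBalancer":
            found.append("fronted by a cloud load balancer")
        if stype == "ExternalName":
            found.append(f"DNS alias to {spec.get('externalName')}")
        elif not spec.get("selector"):
            found.append("no selector: backends come from a manual Endpoints object")
        if spec.get("clusterIP") == "None":
            found.append("headless: DNS returns backend IPs directly")
        report[svc["metadata"]["name"]] = found or ["cluster-internal only"]
    return report


if __name__ == "__main__":
    for name, found in audit(SAMPLE).items():
        print(f"{name}: {'; '.join(found)}")
```

Against a live cluster, pass it the parsed output of `kubectl get services -A -o json`; NodePort and selector-less entries are the ones to review first, since the former are open on every node and the latter send traffic wherever the hand-written Endpoints point.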

Origin blog.csdn.net/weixin_42155272/article/details/90238865