Este artículo se ha incluido en la columna " Aprender k8s desde cero "
Artículo anterior: Kubernetes core technology Service combat
¡Continúa lo que dejamos en el último capítulo!
Combate de servicio
Crear servicio: el tipo es NodePort
1、创建一个 pod 资源
[root@k8smaster service]# vim pod_nodeport.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-nginx-nodeport
spec:
selector:
matchLabels:
run: my-nginx-nodeport
replicas: 2
template:
metadata:
labels:
run: my-nginx-nodeport
spec:
containers:
- name: my-nginx-nodeport-container
image: nginx
imagePullPolicy: IfNotPresent
ports:
- containerPort: 80
#更新资源清单文件
[root@k8smaster service]# kubectl apply -f pod_nodeport.yaml
deployment.apps/my-nginx-nodeport created
#查看 pod 是否创建成功
[root@k8smaster service]# kubectl get pods -l run=my-nginx-nodeport
NAME READY STATUS RESTARTS AGE
my-nginx-nodeport-5fccbb754b-jdj67 1/1 Running 0 19s
my-nginx-nodeport-5fccbb754b-w5f8l 1/1 Running 0 19s
2、创建 service,代理 pod
[root@xianchaomaster1 ~]# vim service_nodeport.yaml
apiVersion: v1
kind: Service
metadata:
name: my-nginx-nodeport
labels:
run: my-nginx-nodeport
spec:
type: NodePort
ports:
- port: 80
protocol: TCP
targetPort: 80
nodePort: 30380
selector:
run: my-nginx-nodeport
#更新资源清单文件
[root@k8smaster service]# kubectl apply -f service_nodeport.yaml
service/my-nginx-nodeport created
#查看刚才创建的 service
[root@k8smaster service]# kubectl get svc -l run=my-nginx-nodeport
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
my-nginx-nodeport NodePort 10.97.89.147 <none> 80:30380/TCP 111s
[root@k8smaster service]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED
my-nginx-nodeport-5fccbb754b-jdj67 1/1 Running 0 9m14s 10.244.1.37 k8snode2 <none>
my-nginx-nodeport-5fccbb754b-w5f8l 1/1 Running 0 9m14s 10.244.2.38 k8snode <none>
[root@k8smaster service]# kubectl describe svc my-nginx-nodeport
Name: my-nginx-nodeport
Namespace: default
Labels: run=my-nginx-nodeport
Annotations: Selector: run=my-nginx-nodeport
Type: NodePort
IP: 10.97.89.147
Port: <unset> 80/TCP
TargetPort: 80/TCP
NodePort: <unset> 30380/TCP
Endpoints: 10.244.1.37:80,10.244.2.38:80
Session Affinity: None
External Traffic Policy: Cluster
Events: <none>
#ip一样的
#访问 service
[root@k8smaster service]# curl 10.97.89.147
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
注意:
10.100.156.7 是 k8s 集群内部的 service ip 地址,只能在 k8s 集群内部访问,在集群外无法访问。
都是80端口也没事,不冲突,会有新的ip加入到防火墙规则。
#在集群外访问 service
[root@k8smaster service]# curl 192.168.11.139:30380
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
#在浏览器访问 service
La solicitud de servicio va a
IP de nodo de cliente: 30380-> IP de servicio: 80-> IP de pod: puerto de contenedor
Cliente-> 192.168.11.139: 30380-> 10.97.89.147: 80-> IP de pod: 80
Crear servicio: el tipo de tipo es ExternalName
应用场景:跨名称空间访问
需求:default 名称空间下的 client 服务想要访问 nginx-ns 名称空间下的 nginx-svc 服务
docker load -i busybox.tar.gz
node1,2下载busybox
[root@k8smaster service]# vim client.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: client
spec:
replicas: 1
selector:
matchLabels:
app: busybox
template:
metadata:
labels:
app: busybox
spec:
containers:
- name: busybox
image: busybox
imagePullPolicy: IfNotPresent
command: ["/bin/sh","-c","sleep 36000"]
[root@k8smaster service]# kubectl apply -f client.yaml
deployment.apps/client created
[root@k8smaster service]# vim client_svc.yaml
apiVersion: v1
kind: Service
metadata:
name: client-svc
spec:
type: ExternalName
externalName: nginx-svc.nginx-ns.svc.cluster.local
ports:
- name: http
port: 80
targetPort: 80
该文件中指定了到 nginx-svc 的软链,让使用者感觉就好像调用自己命名空间的服务一样,访问 client-svc 会代理到 nginx-svc.nginx-ns.svc.cluster.local
[root@k8smaster service]# kubectl apply -f client_svc.yaml
service/client-svc created
查看 pod 是否正常运行
[root@k8smaster service]# kubectl get pods
NAME READY STATUS RESTARTS AGE
client-849cbd69b-76hcp 1/1 Running 0 5m22s
[root@k8smaster service]# kubectl describe svc client-svc
Name: client-svc
Namespace: default
Labels: <none>
Annotations: Selector: <none>
Type: ExternalName
IP:
External Name: nginx-svc.nginx-ns.svc.cluster.local #FQDN
Port: http 80/TCP #服务本身端口
TargetPort: 80/TCP
Endpoints: <none> #因为没有定义selector所以也是空
Session Affinity: None
Events: <none>
#新建一个命名空间,把nginx的东西放在下面。
[root@k8smaster service]# kubectl create ns nginx-ns
namespace/nginx-ns created
[root@k8smaster service]# vim server_nginx.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx
namespace: nginx-ns
spec:
replicas: 1
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx
imagePullPolicy: IfNotPresent
#nginx默认暴露80,所以可以找到deploy控制器创建的pod,进入到pod封装的容器nginx里面。
[root@k8smaster service]# kubectl apply -f server_nginx.yaml
deployment.apps/nginx created
#查看 pod 是否创建成功
[root@k8smaster service]# kubectl get pods -n nginx-ns
NAME READY STATUS RESTARTS AGE
nginx-5957f949fc-9nwbh 1/1 Running 0 10s
[root@xianchaomaster1 exter]# vim nginx_svc.yaml
apiVersion: v1
kind: Service
metadata:
name: nginx-svc
namespace: nginx-ns
spec:
selector:
app: nginx
ports:
- name: http
protocol: TCP
port: 80
targetPort: 80
[root@k8smaster service]# kubectl apply -f nginx_svc.yaml
service/nginx-svc created
[root@k8smaster service]# kubectl describe svc nginx-svc -n nginx-ns
Name: nginx-svc
Namespace: nginx-ns
Labels: <none>
Annotations: Selector: app=nginx
Type: ClusterIP
IP: 10.101.124.84
Port: http 80/TCP
TargetPort: 80/TCP
Endpoints: 10.244.1.39:80 #ip是一样的 这个service通过标签选择器选择app=nginx的pod也就是第二个模板创建的
Session Affinity: None
Events: <none>
[root@k8smaster service]# kubectl get pods -o wide -n nginx-ns
NAME READY STATUS RESTARTS AGE IP NODE
nginx-5957f949fc-9nwbh 1/1 Running 0 7m49s 10.244.1.39 k8snode2
[root@k8smaster service]# curl 10.101.124.84
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
#登录到 client pod
[root@xianchaomaster1 exter]# kubectl exec -it client-849cbd69b-76hcp -- /bin/sh
/ # wget -q -O - client-svc.default.svc.cluster.local
wget -q -O - nginx-svc.nginx-ns.svc.cluster.local
#上面两个请求的结果一样,这个实验是为了有些情况下想通过默认命名空间下的全局限定域名到其他命名空间下的服务和服务区域通信访问。
Asignación de casos de servicios externos
El clúster k8s hace referencia a la base de datos mysql externa
node2安装mysql
[root@k8snode2 ~]# yum install mariadb-server.x86_64 -y
[root@k8snode2 ~]# systemctl start mariadb
[root@k8snode2 ~]# systemctl enable mariadb
[root@k8smaster ~]# mkdir mysql
[root@k8smaster ~]# cd mysql/
[root@k8smaster mysql]# vim mysql_service.yaml
apiVersion: v1
kind: Service
metadata:
name: mysql
spec:
type: ClusterIP
ports:
- port: 3306
[root@k8smaster mysql]# kubectl apply -f mysql_service.yaml
service/mysql created
[root@k8smaster mysql]# kubectl get svc | grep mysql
mysql ClusterIP 10.103.7.164 <none> 3306/TCP 4s
[root@k8smaster mysql]# kubectl describe svc mysql
Name: mysql
Namespace: default
Labels: <none>
Annotations: Selector: <none>
Type: ClusterIP
IP: 10.103.7.164
Port: <unset> 3306/TCP
TargetPort: 3306/TCP
Endpoints: <none> #还没有 endpoint
Session Affinity: None
Events: <none>
[root@k8smaster mysql]# vim mysql_endpoint.yaml endpoint和svc的名字保持一致
apiVersion: v1
kind: Endpoints
metadata:
name: mysql
subsets:
- addresses:
- ip: 192.168.40.182
ports:
- port: 3306
[root@k8smaster mysql]# kubectl apply -f mysql_endpoint.yaml
endpoints/mysql created
[root@k8smaster mysql]# kubectl describe svc mysql
Name: mysql
Namespace: default
Labels: <none>
Annotations: Selector: <none>
Type: ClusterIP
IP: 10.103.7.164
Port: <unset> 3306/TCP
TargetPort: 3306/TCP
Endpoints: 192.168.40.182:3306 #这就是定义的外部数据库
Session Affinity: None
Events: <none>
mysql.default.svc.cluster.local #这就是它的全局域名
La configuración anterior es para introducir direcciones IP y servicios externos en el clúster k8s (otros nodos) y usar el servicio como proxy para acceder a servicios externos.
escribir al final
No es fácil de crear, si crees que el contenido es útil para ti, ¡por favor dame un seguimiento de tres enlaces para apoyarme! Si hay algún error, indíquelo en los comentarios y lo cambiaré a tiempo.
La serie que se está actualizando actualmente: aprende k8s desde cero.
Gracias por mirar. El artículo se mezcla con la comprensión personal. Si hay algún error, comuníquese conmigo e indíquelo ~
