Service是Kubernetes中最核心的概念,正是因为对此概念的支持,Kubernetes在某种角度下可以被看成是一种微服务平台。Kubernetes中的pod并不稳定,比如由ReplicaSet、Deployment、DaemonSet等副本控制器创建的pod,其副本数量、pod名称、pod所运行的节点、pod的IP地址等,会随着集群规模、节点状态、用户缩放等因素动态变化。Service是一组逻辑pod的抽象,为一组pod提供统一入口,用户只需与service打交道,service提供DNS解析名称,负责追踪pod动态变化并更新转发表,通过负载均衡算法最终将流量转发到后端的pod
创建service
service是一个抽象概念,定义了一个服务的多个pod逻辑合集和访问pod的策略,一般把service称为微服务。这组pod能够被service访问到,通常是通过Label Selector。
service能够提供负载均衡的能力,但是在使用上有以下限制:
只提供4层负载均衡能力,而没有7层功能,但有时可能需要更多的匹配规则来转发请求,这点上4层负载均衡是不支持的。
实例:
创建一个httpd的deployment
vim httpd-deployment.yml
apiVersion: apps/v1
kind: Deployment
metadata:
name: httpd
labels:
run: httpd
spec:
replicas: 3
selector:
matchLabels:
run: httpd ##run与服务对应 会自动寻找
template:
metadata:
labels:
run: httpd
spec:
containers:
- name: httpd
image: httpd
ports:
- containerPort: 80
运行
kubectl apply -f httpd-deploy.yml
deployment.apps/httpd created
查看pod
kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
httpd-785b97775d-r66kp 1/1 Running 0 40s 10.244.1.65 node1 <none> <none>
httpd-785b97775d-vw922 1/1 Running 0 40s 10.244.1.64 node1 <none> <none>
httpd-785b97775d-xhsft 1/1 Running 0 40s 10.244.3.57 node2 <none> <none>
访问ip
curl 10.244.1.65
<html><body><h1>It works!</h1></body></html>
curl 10.244.1.64
<html><body><h1>It works!</h1></body></html>
curl 10.244.3.57
<html><body><h1>It works!</h1></body></html>
这些ip只能提供内部访问,如果pod出现问题,则网页无法访问
创建一个service,service会把请求随机转发到三台pod中的一台,并且动态更新,当有pod损坏时会移除pod。
vim httpd-service.yml
apiVersion: v1
kind: Service
metadata:
name: httpd-svc
spec:
selector: ##选择那些标签为pod做服务后端
run: httpd
ports: ##端口模块,选择tcp协议 8080端口对应pod80端口
- protocol: TCP
port: 8080
targetPort: 80
运行
kubectl apply -f httpd-service.yml
service/httpd-svc created
查看服务详细信息
kubectl describe service httpd-svc
Name: httpd-svc
Namespace: default
Labels: <none>
Annotations: kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"httpd-svc","namespace":"default"},"spec":{"ports":[{"port":8080,"...
Selector: run=httpd
Type: ClusterIP
IP: 10.96.4.100
Port: <unset> 8080/TCP
TargetPort: 80/TCP
Endpoints: 10.244.1.66:80,10.244.1.67:80,10.244.3.58:80 ##pod ip
Session Affinity: None
Events: <none>
访问
curl 10.96.4.100:8080
<html><body><h1>It works!</h1></body></html>
外网访问service
使用NodePort,service通过Cluster节点的静态端口对外提供服务。
apiVersion: v1
kind: Service
metadata:
name: httpd-svc
spec: ##此处添加type指定网络类型
type: NodePort
selector:
run: httpd
ports:
- protocol: TCP
port: 8080
targetPort: 80
重新运行yml
kubectl apply -f httpd-service.yml
service/httpd-svc configured
查看service
kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
httpd-svc NodePort 10.96.4.100 <none> 8080:32547/TCP 10m
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 11d
可以看到类型变成了NodePort,监听32547端口收到请求后会转发给8080端口,如果自己指定端口必须在30000-32767之间。
访问:
curl 192.168.1.10:32547
<html><body><h1>It works!</h1></body></html>
curl 192.168.1.20:32547
<html><body><h1>It works!</h1></body></html>
curl 192.168.1.30:32547
<html><body><h1>It works!</h1></body></html>
自己指定端口 在ports下添加 nodePort
vim httpd-service.yml
apiVersion: v1
kind: Service
metadata:
name: httpd-svc
spec:
type: NodePort
selector:
run: httpd
ports:
- protocol: TCP
nodePort: 30000 ##指定端口号
port: 8080
targetPort: 80
重新运行yml
kubectl apply -f httpd-service.yml
service/httpd-svc configured
查看service
kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
httpd-svc NodePort 10.96.4.100 <none> 8080:30000/TCP 16m
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 11d
访问测试
curl 192.168.1.10:30000
<html><body><h1>It works!</h1></body></html>
curl 192.168.1.20:30000
<html><body><h1>It works!</h1></body></html>
curl 192.168.1.30:30000
<html><body><h1>It works!</h1></body></html>