K8s-service
暴露端口的方式
1.clusterIP
此类型会提供一个集群内部的虚拟IP(与pod不在同一网段),以供集群内部的pod之间通信使用。clusterIP也是kubernetes service的默认类型
主要需要以下几个组件的协同工作
apiservice:在创建service时,apiserver接收到请求以后将数据存储到etcd中。
kube-proxy:k8s的每个节点中都有该进程,负责实现service功能,这个进程负责感知service,pod的变化,并将变化的信息写入本地的iptables中
iptables:使用NAT等技术奖virtuallp的流量转至endpoint中
2.NodePort
NodePort模式除了使用cluster ip外,也将service的port映射到每个node的一个指定内部的port上,映射的每个node的内部port都一样。为每个节点暴露一个端口,通过nodeIP+nodeport可以访问你这个服务,同时服务依然会有cluster类型的ip+port。内部通过clusterip方式访问,外部通过nodeport方式访问
3.loadbalancer
loadbalancer在nodeport基础上,k8s可以请求底层云平台创建一个负载均衡器,将每个node作为后端,进行服务分发,该模式需要底层云平台(例如GCE)支持
4.lngress
lngress,是一种http方式的路由转发机制由lngress controller和http代理服务器组合而成,lngress controller实例监控kubernetes api,实时更新http代理服务器的转发规则。http代理服务器有GCE load-balancer、haproxy、nginx等开源方案
service是一个抽象概念,定义了一个服务的多个pod逻辑合集和访问pod的策略,一般把service称为微服务.举个例子一个a服务运行3个pod,b服务怎么访问a服务的pod,pod的ip都不是持久化的重启之后就会有变化。这时候b服务可以访问跟a服务绑定的service,service信息是固定的提前告诉b就行了,service通过Label Selector跟a服务的pod绑定,无论a的pod如何变化对b来说都是透明的.
service的类型
- ClusterIP 默认模式,只能在集群内部访问
- NodePort 在每个节点上都监听一个同样的端口号(30000-32767),ClusterIP和路由规则会自动创建。
- LoadBalancer 使用外部负载均衡。其实也是NodePort,只不过会把:自动添加到公有云的负载均衡当中
- ExternalName 创建一个dns别名指到service name上,主要是防止service name发生变化,要配合dns插件使用
K8s-基础操作
创建一个deployment副本数3,然后滚动更新镜像版本,并记录这个更新记录,最后再回滚到上一个版本
//清单文件
[root@master manifest]# cat test.yml
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: test
namespace: default
spec:
replicas: 3 //三个副本
selector:
matchLabels:
app: web
template:
metadata:
labels:
app: web
spec:
containers:
- name: web
image: w/httpd:v1.0 //1.0版本镜像
imagePullPolicy: IfNotPresent
//运行pod
[root@master manifest]# kubectl apply -f test.yml
deployment.apps/test created
[root@master manifest]# kubectl get pods
NAME READY STATUS RESTARTS AGE
test-7746d6b875-8wqfw 1/1 Running 0 49s
test-7746d6b875-rtnbv 1/1 Running 0 49s
test-7746d6b875-tphkd 0/1 ContainerCreating 0 49s
//更换镜像,升级版本
[root@master manifest]# cat test.yml
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: test
namespace: default
spec:
replicas: 3
selector:
matchLabels:
app: web
template:
metadata:
labels:
app: web
spec:
containers:
- name: web
image: w/httpd:v2.0 //2.0版本镜像
imagePullPolicy: IfNotPresent
//升级应用
[root@master manifest]# kubectl apply -f test.yml
deployment.apps/test configured
[root@master manifest]# kubectl get pods
NAME READY STATUS RESTARTS AGE
test-6f778f5576-6ljqz 1/1 Running 0 12s
test-6f778f5576-bq7bz 1/1 Running 0 49s
test-6f778f5576-hgf5c 1/1 Running 0 14s
//查看历史发布版本
[root@master manifest]# kubectl rollout history deployment/test
deployment.apps/test
REVISION CHANGE-CAUSE
1 <none>
2 <none>
//查看指定版本详细信息
[root@master manifest]# kubectl rollout history deployment/test --revision=2
deployment.apps/test with revision #2
Pod Template:
Labels: app=web
pod-template-hash=6f778f5576
Containers:
web:
Image: w/httpd:v1.0 //1.0镜像版本
Port: <none>
Host Port: <none>
Environment: <none>
Mounts: <none>
Volumes: <none>
//回滚到上一版本
[root@master manifest]# kubectl rollout undo deployment/test --to-revision=1
deployment.apps/test rolled back
给一个应用扩容副本数为5
[root@master manifest]# kubectl scale deploy/test --replicas=5
deployment.apps/test scaled
[root@master manifest]# kubectl get pods
NAME READY STATUS RESTARTS AGE
test-7746d6b875-6msxw 1/1 Running 0 7s
test-7746d6b875-6v9cr 1/1 Running 0 3m39s
test-7746d6b875-dlv92 1/1 Running 0 3m37s
test-7746d6b875-nwlcx 1/1 Running 0 3m38s
test-7746d6b875-qhr52 1/1 Running 0 7s
创建一个pod,其中运行着nginx、redis、memcached 3个容器
//清单文件
[root@master manifest]# cat test.yml
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: test
namespace: default
spec:
selector:
matchLabels:
app: web
template:
metadata:
labels:
app: web
spec:
containers:
- name: nginx
image: nginx
imagePullPolicy: IfNotPresent
- name: redis
image: redis
imagePullPolicy: IfNotPresent
- name: memcached
image: memcached
imagePullPolicy: IfNotPresent
//查看pod
[root@master manifest]# kubectl apply -f test.yml
deployment.apps/test created
[root@master manifest]# kubectl get pods
NAME READY STATUS RESTARTS AGE
test-77d687f47b-nr9pc 3/3 Running 0 3s
给一个pod创建service,并可以通过ClusterlP/NodePort访问
//清单文件
[root@master manifest]# cat test.yml
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: web
namespace: default
spec:
replicas: 1
selector:
matchLabels:
app: web
template:
metadata:
labels:
app: web
spec:
containers:
- name: nginx
image: nginx
imagePullPolicy: IfNotPresent
---
apiVersion: v1
kind: Service
metadata:
name: web
namespace: default
spec:
ports:
- port: 80 //本机的端口
protocol: TCP
targetPort: 80 //容器中的端口
nodePort: 30000 //所有的节点都会开放此端口,此端口供外部调用
selector:
app: web
type: NodePort
//运行pod
[root@master manifest]# kubectl apply -f test.yml
deployment.apps/web created
service/web created
[root@master manifest]# kubectl get pod,svc
NAME READY STATUS RESTARTS AGE
pod/web-59b9bb7664-ppnmh 1/1 Running 0 51s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 3d22h
service/web NodePort 10.103.165.44 <none> 80:30000/TCP 51s
//NodePort访问测试
[root@master manifest]# curl 10.103.165.44
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
//ClusterlP访问测试
[root@master manifest]# curl 192.168.218.133:30000
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
创建deployment和service,使用busybox容器nslookup解析service
[root@master manifest]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 3d22h
web NodePort 10.103.165.44 <none> 80:30000/TCP 7m10s
[root@master manifest]# kubectl run -it b1 --image busybox -- /bin/sh
If you don't see a command prompt, try pressing enter.
/ # nslookup web.default.svc.cluster.local
Server: 10.96.0.10
Address: 10.96.0.10:53
Name: web.default.svc.cluster.local
Address: 10.103.165.44
*** Can't find web.default.svc.cluster.local: No answer
1075
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
