Service资源在k8s上主要用来解决pod访问问题;我们知道在k8s上pod由于各种原因重建,对于重建后的podip地址和名称都是变化的,这样一来使得我们访问pod就变得有些不便;为了解决pod访问能有一个固定的端点,在k8s上就是用service来解决的;简单来讲,service对象就是工作在节点上的一组iptables或ipvs规则,用于将到达service对象ip地址的流量调度转发至相应endpoint对象指向的ip地址和端口之上;工作于每个节点的kube-proxy组件通过apiserver持续监控着各service及其关联的pod对象,并将其创建或变动实时反映至当前工作节点上相应的iptables或ipvs规则;其实service和pod或其他资源的关联,本质上不是直接关联,它依靠一个中间组件endpoint;endpoint主要作用就是引用后端pod或其他资源(比如k8s外部的服务也可以被endpoint引用);所谓endpoint就是ip地址+端口;
提示:在k8s上kube-proxy它会监视着apiserver上的service资源变动,及时将变动转化为本机的iptables或ipvs规则;对应客户端pod访问对应serverpod,报文首先会从本机的iptables或ipvs规则所匹配,然后再由对应规则逻辑把请求调度到对应的pod上;
service代理模式模式
在k8s上service代理模式有三种,早期的k8s版本(1.1之前包含1.1的版本)默认的代理模式为userspace,后面的版本(1.11起)默认代理模式为ipvs,如果对应ipvs的模块没有加载,它会自动降级为iptables;
userspace代理模式
提示:userspace是指Linux操作系统上的用户空间;在这种代理模型下iptables只是做转发并不调度,对应调度由kube-proxy完成;userspace这种调度模型用户请求从内核空间到用户空间再到内核空间,性能效率比较低下;
iptables代理模式
提示:iptables这种代理模式,对于每个service对象,kube-proxy会创建iptables规则直接捕获到达Clusterip和port的流量,并将其重定向至当前service对象的后端pod资源;对于每个endpoint对象,service资源会为其创建iptables规则并关联至挑选的后端pod资源对象;相对于userspace代理模式来说,该模式用户请求无须在用户空间和内核空间来回切换,因此效率高效;此种模式下kube-proxy就只负责生成iptalbes规则,调度有iptables规则完成;
ipvs代理模式
提示:ipvs代理模式,kube-proxy会跟踪apiserver上service和endpoint对象的变动,据此来调用netlink接口创建ipvs规则,并确保与apiserver中的变动保持同步;这种模式与iptables的模式不同之处仅在于其请求调度由ipvs完成,余下其他功能仍由iptables完成;比如流量捕获,nat等等功能都会由iptables完成;ipvs代理模型类似iptables模型,ipvs构建于netfilter的钩子函数之上,但它使用hash表作为底层数据结构并工作于内核空间,因此具有流量转发速度快,规则同步性能好的特点,除此之外,ipvs还支持众多调度算法,比如rr,lc,sh,dh等等;
service类型
在k8s上service的类型有4种,第一种是clusterIP,我们在创建service资源时,如果不指定其type类型,默认就是clusterip;第二种是NodePort类型,第三种是LoadBalancer,第四种是ExternalName;不同类型的service,其功能和作用也有所不同;
ClusterIP
提示:如上所示,ClusterIP类型的service就是在k8s节点上创建一个满足serviceip地址的iptables或ipvs规则;这种类型的service的ip地址一定是我们在初始化集群时,指定的service网络(10.96.0.0/12)中的地址;这也意味着这种类型service不能被集群外部客户端所访问,仅能在集群节点上访问;
NodePort
提示:NodePort类型的service,是建构在ClusterIP的基础上做的扩展,主要解决了集群外部客户端访问问题;如上图所示,NodePort类型service在创建时,它会每个节点上创建一条DNAT规则,外部客户端访问集群任意节点的指定端口,都会被DNAT到对应的service上,从而实现访问集群内部Pod;对于集群内部客户端的访问它还是通过ClusterIP进行的;NodePort类型service与ClusterIP类型service唯一不同的是,NodePort类型service能够被外部客户端所访问,在集群每个节点上都有对应的DNAT规则;
LoadBalancer
提示:LoadBalancer这种类型的service是在NodePort的基础上做的扩展,这种类型service只能在底层是云环境的K8s上创建,如果底层是非云环境,这种类型无法实现,只能手动搭建反向代理进行对NodePort类型的service进行反代;它主要解决NodePort类型service被集群外部访问时的端口映射以及负载;
ExternalName
https://github.com/users/hhcarm7521/projects/1082
https://github.com/users/zenglvnieki2/projects/1089
https://github.com/users/hhcarm7521/projects/1083
https://github.com/users/zenglvnieki2/projects/1090
https://github.com/users/hhcarm7521/projects/1084
https://github.com/users/zenglvnieki2/projects/1091
https://github.com/users/hhcarm7521/projects/1085
https://github.com/users/zenglvnieki2/projects/1092
https://github.com/users/hhcarm7521/projects/1086
https://github.com/users/zenglvnieki2/projects/1093
https://github.com/users/hhcarm7521/projects/1087
https://github.com/users/hhcarm7521/projects/1088
https://github.com/users/zenglvnieki2/projects/1094
https://github.com/users/hhcarm7521/projects/1089
https://github.com/users/zenglvnieki2/projects/1095
https://github.com/users/hhcarm7521/projects/1090
https://github.com/users/zenglvnieki2/projects/1096
https://github.com/users/hhcarm7521/projects/1091
https://github.com/users/zenglvnieki2/projects/1097
https://github.com/users/hhcarm7521/projects/1092
https://github.com/users/zenglvnieki2/projects/1098
https://github.com/users/hhcarm7521/projects/1093
https://github.com/users/zenglvnieki2/projects/1099
https://github.com/users/hhcarm7521/projects/1094
https://github.com/users/zenglvnieki2/projects/1100
https://github.com/users/hhcarm7521/projects/1095
https://github.com/users/zenglvnieki2/projects/1101
https://github.com/users/hhcarm7521/projects/1096
https://github.com/users/zenglvnieki2/projects/1102
https://github.com/users/hhcarm7521/projects/1097
https://github.com/users/zenglvnieki2/projects/1103
https://github.com/users/hhcarm7521/projects/1098
https://github.com/users/zenglvnieki2/projects/1104
https://github.com/users/hhcarm7521/projects/1099
https://github.com/users/zenglvnieki2/projects/1105
https://github.com/users/hhcarm7521/projects/1100
https://github.com/users/zenglvnieki2/projects/1106
https://github.com/users/hhcarm7521/projects/1101
https://github.com/users/zenglvnieki2/projects/1107
https://github.com/users/hhcarm7521/projects/1102
https://github.com/users/zenglvnieki2/projects/1108
https://github.com/users/zenglvnieki2/projects/1109
https://github.com/users/hhcarm7521/projects/1103
https://github.com/users/zenglvnieki2/projects/1110
https://github.com/users/hhcarm7521/projects/1104
https://github.com/users/zenglvnieki2/projects/1111
https://github.com/users/hhcarm7521/projects/1105
https://github.com/users/zenglvnieki2/projects/1112
https://github.com/users/hhcarm7521/projects/1106
https://github.com/users/hhcarm7521/projects/1107
https://github.com/users/hhcarm7521/projects/1108
https://github.com/users/zenglvnieki2/projects/1113
https://github.com/users/hhcarm7521/projects/1109
https://github.com/users/zenglvnieki2/projects/1114
https://github.com/users/hhcarm7521/projects/1110
https://github.com/users/zenglvnieki2/projects/1115
https://github.com/users/zenglvnieki2/projects/1116
https://github.com/users/hhcarm7521/projects/1111
https://github.com/users/zenglvnieki2/projects/1117
https://github.com/users/zenglvnieki2/projects/1118
https://github.com/users/hhcarm7521/projects/1112
https://github.com/users/hhcarm7521/projects/1113
https://github.com/users/zenglvnieki2/projects/1119
https://github.com/users/hhcarm7521/projects/1114
https://github.com/users/zenglvnieki2/projects/1120
https://github.com/users/hhcarm7521/projects/1115
https://github.com/users/zenglvnieki2/projects/1121
https://github.com/users/hhcarm7521/projects/1116
https://github.com/users/zenglvnieki2/projects/1122
https://github.com/users/hhcarm7521/projects/1117
https://github.com/users/zenglvnieki2/projects/1123
https://github.com/users/hhcarm7521/projects/1118
https://github.com/users/zenglvnieki2/projects/1124
https://github.com/users/hhcarm7521/projects/1119
https://github.com/users/hhcarm7521/projects/1120
https://github.com/users/zenglvnieki2/projects/1125
https://github.com/users/hhcarm7521/projects/1121
https://github.com/users/zenglvnieki2/projects/1126
https://github.com/users/hhcarm7521/projects/1122
https://github.com/users/zenglvnieki2/projects/1127
https://github.com/users/hhcarm7521/projects/1123
https://github.com/users/zenglvnieki2/projects/1128
https://github.com/users/hhcarm7521/projects/1124
https://github.com/users/zenglvnieki2/projects/1129
https://github.com/users/hhcarm7521/projects/1125
https://github.com/users/zenglvnieki2/projects/1130
https://github.com/users/zenglvnieki2/projects/1131
https://github.com/users/hhcarm7521/projects/1126
https://github.com/users/zenglvnieki2/projects/1132
https://github.com/users/hhcarm7521/projects/1127
https://github.com/users/zenglvnieki2/projects/1133
https://github.com/users/hhcarm7521/projects/1128
https://github.com/users/zenglvnieki2/projects/1134
https://github.com/users/hhcarm7521/projects/1129
https://github.com/users/zenglvnieki2/projects/1135
https://github.com/users/zenglvnieki2/projects/1136
https://github.com/users/hhcarm7521/projects/1130
https://github.com/users/hhcarm7521/projects/1131
https://github.com/users/zenglvnieki2/projects/1137
https://github.com/users/zenglvnieki2/projects/1138
https://github.com/users/hhcarm7521/projects/1132
https://github.com/users/zenglvnieki2/projects/1139
https://github.com/users/hhcarm7521/projects/1133
https://github.com/users/hhcarm7521/projects/1134
https://github.com/users/hhcarm7521/projects/1135
https://github.com/users/hhcarm7521/projects/1136
https://github.com/users/hhcarm7521/projects/1137
https://github.com/users/hhcarm7521/projects/1138
https://github.com/users/hhcarm7521/projects/1139
https://github.com/users/hhcarm7521/projects/1140
https://github.com/users/hhcarm7521/projects/1141
https://github.com/users/hhcarm7521/projects/1142
https://github.com/users/zenglvnieki2/projects/1140
https://github.com/users/hhcarm7521/projects/1143
https://github.com/users/zenglvnieki2/projects/1141
https://github.com/users/hhcarm7521/projects/1144
https://github.com/users/zenglvnieki2/projects/1142
https://github.com/users/hhcarm7521/projects/1145
https://github.com/users/zenglvnieki2/projects/1143
https://github.com/users/hhcarm7521/projects/1146
https://github.com/users/zenglvnieki2/projects/1144
https://github.com/users/hhcarm7521/projects/1147
https://github.com/users/hhcarm7521/projects/1148
https://github.com/users/zenglvnieki2/projects/1145
https://github.com/users/hhcarm7521/projects/1149
https://github.com/users/zenglvnieki2/projects/1146
https://github.com/users/hhcarm7521/projects/1150
https://github.com/users/hhcarm7521/projects/1151
https://github.com/users/zenglvnieki2/projects/1147
https://github.com/users/zenglvnieki2/projects/1148
https://github.com/users/hhcarm7521/projects/1152
https://github.com/users/zenglvnieki2/projects/1149
https://github.com/users/hhcarm7521/projects/1153
https://github.com/users/zenglvnieki2/projects/1150
https://github.com/users/hhcarm7521/projects/1154
https://github.com/users/hhcarm7521/projects/1155
https://github.com/users/hhcarm7521/projects/1156
https://github.com/users/hhcarm7521/projects/1157
https://github.com/users/zenglvnieki2/projects/1151
https://github.com/users/zenglvnieki2/projects/1152
https://github.com/users/zenglvnieki2/projects/1153
https://github.com/users/hhcarm7521/projects/1158
https://github.com/users/hhcarm7521/projects/1159
https://github.com/users/zenglvnieki2/projects/1154
https://github.com/users/hhcarm7521/projects/1160
https://github.com/users/zenglvnieki2/projects/1155
https://github.com/users/hhcarm7521/projects/1161
https://github.com/users/zenglvnieki2/projects/1156
https://github.com/users/hhcarm7521/projects/1162
https://github.com/users/zenglvnieki2/projects/1157
https://github.com/users/hhcarm7521/projects/1163
https://github.com/users/hhcarm7521/projects/1164
https://github.com/users/zenglvnieki2/projects/1158
https://github.com/users/hhcarm7521/projects/1165
https://github.com/users/zenglvnieki2/projects/1159
https://github.com/users/hhcarm7521/projects/1166
https://github.com/users/zenglvnieki2/projects/1160
https://github.com/users/hhcarm7521/projects/1167
https://github.com/users/zenglvnieki2/projects/1161
https://github.com/users/hhcarm7521/projects/1168
https://github.com/users/zenglvnieki2/projects/1162
https://github.com/users/zenglvnieki2/projects/1163
https://github.com/users/hhcarm7521/projects/1169
https://github.com/users/zenglvnieki2/projects/1164
https://github.com/users/hhcarm7521/projects/1170
https://github.com/users/zenglvnieki2/projects/1165
https://github.com/users/zenglvnieki2/projects/1166
https://github.com/users/hhcarm7521/projects/1171
https://github.com/users/zenglvnieki2/projects/1167
https://github.com/users/hhcarm7521/projects/1172
https://github.com/users/zenglvnieki2/projects/1168
https://github.com/users/hhcarm7521/projects/1173
https://github.com/users/zenglvnieki2/projects/1169
https://github.com/users/hhcarm7521/projects/1174
https://github.com/users/zenglvnieki2/projects/1170
https://github.com/users/hhcarm7521/projects/1175
https://github.com/users/hhcarm7521/projects/1176
https://github.com/users/zenglvnieki2/projects/1171
https://github.com/users/hhcarm7521/projects/1177
https://github.com/users/zenglvnieki2/projects/1172
https://github.com/users/hhcarm7521/projects/1178
https://github.com/users/zenglvnieki2/projects/1173
https://github.com/users/hhcarm7521/projects/1179
https://github.com/users/zenglvnieki2/projects/1174
https://github.com/users/hhcarm7521/projects/1180
https://github.com/users/zenglvnieki2/projects/1175
https://github.com/users/zenglvnieki2/projects/1176
https://github.com/users/hhcarm7521/projects/1181
https://github.com/users/zenglvnieki2/projects/1177
https://github.com/users/jrgb88184622/projects/664
https://github.com/users/ijt94441977/projects/741
https://github.com/users/ijt94441977/projects/742
https://github.com/users/jrgb88184622/projects/665
https://github.com/users/ijt94441977/projects/743
https://github.com/users/ijt94441977/projects/744
https://github.com/users/jrgb88184622/projects/666
https://github.com/users/ijt94441977/projects/745
https://github.com/users/jrgb88184622/projects/667
https://github.com/users/ijt94441977/projects/746
https://github.com/users/ijt94441977/projects/747
https://github.com/users/ijt94441977/projects/748
https://github.com/users/ijt94441977/projects/749
https://github.com/users/ijt94441977/projects/750
https://github.com/users/ijt94441977/projects/751
https://github.com/users/ijt94441977/projects/752
https://github.com/users/ijt94441977/projects/753
https://github.com/users/jrgb88184622/projects/668
https://github.com/users/ijt94441977/projects/754
https://github.com/users/ijt94441977/projects/755
https://github.com/users/jrgb88184622/projects/669
https://github.com/users/ijt94441977/projects/756
https://github.com/users/jrgb88184622/projects/670
https://github.com/users/ijt94441977/projects/757
https://github.com/users/jrgb88184622/projects/671
https://github.com/users/ijt94441977/projects/758
https://github.com/users/jrgb88184622/projects/672
https://github.com/users/ijt94441977/projects/759
https://github.com/users/ijt94441977/projects/760
https://github.com/users/ijt94441977/projects/761
https://github.com/users/jrgb88184622/projects/673
https://github.com/users/ijt94441977/projects/762
https://github.com/users/jrgb88184622/projects/674
https://github.com/users/ijt94441977/projects/763
https://github.com/users/jrgb88184622/projects/675
https://github.com/users/ijt94441977/projects/764
https://github.com/users/jrgb88184622/projects/676
https://github.com/users/ijt94441977/projects/765
https://github.com/users/jrgb88184622/projects/677
https://github.com/users/ijt94441977/projects/766
https://github.com/users/jrgb88184622/projects/678
https://github.com/users/ijt94441977/projects/767
https://github.com/users/jrgb88184622/projects/679
https://github.com/users/ijt94441977/projects/768
https://github.com/users/jrgb88184622/projects/680
https://github.com/users/ijt94441977/projects/769
https://github.com/users/jrgb88184622/projects/681
https://github.com/users/ijt94441977/projects/770
https://github.com/users/jrgb88184622/projects/682
https://github.com/users/ijt94441977/projects/771
https://github.com/users/jrgb88184622/projects/683
https://github.com/users/jrgb88184622/projects/684
https://github.com/users/ijt94441977/projects/772
https://github.com/users/jrgb88184622/projects/685
https://github.com/users/jrgb88184622/projects/686
https://github.com/users/jrgb88184622/projects/687
https://github.com/users/jrgb88184622/projects/688
https://github.com/users/jrgb88184622/projects/689
https://github.com/users/jrgb88184622/projects/690
https://github.com/users/jrgb88184622/projects/691
https://github.com/users/jrgb88184622/projects/692
https://github.com/users/ijt94441977/projects/773
https://github.com/users/jrgb88184622/projects/693
https://github.com/users/ijt94441977/projects/774
https://github.com/users/ijt94441977/projects/775
https://github.com/users/jrgb88184622/projects/694
https://github.com/users/ijt94441977/projects/776
https://github.com/users/jrgb88184622/projects/695
https://github.com/users/ijt94441977/projects/777
https://github.com/users/jrgb88184622/projects/696
https://github.com/users/jrgb88184622/projects/697
https://github.com/users/jrgb88184622/projects/698
https://github.com/users/jrgb88184622/projects/699
https://github.com/users/jrgb88184622/projects/700
https://github.com/users/ijt94441977/projects/778
https://github.com/users/jrgb88184622/projects/701
https://github.com/users/ijt94441977/projects/779
https://github.com/users/ijt94441977/projects/780
https://github.com/users/jrgb88184622/projects/702
https://github.com/users/ijt94441977/projects/781
https://github.com/users/jrgb88184622/projects/703
https://github.com/users/ijt94441977/projects/782
https://github.com/users/jrgb88184622/projects/704
https://github.com/users/jrgb88184622/projects/705
https://github.com/users/ijt94441977/projects/783
https://github.com/users/jrgb88184622/projects/706
https://github.com/users/jrgb88184622/projects/707
https://github.com/users/ijt94441977/projects/784
https://github.com/users/jrgb88184622/projects/708
https://github.com/users/ijt94441977/projects/785
https://github.com/users/jrgb88184622/projects/709
https://github.com/users/jrgb88184622/projects/710
https://github.com/users/ijt94441977/projects/786
https://github.com/users/ijt94441977/projects/787
https://github.com/users/jrgb88184622/projects/711
https://github.com/users/ijt94441977/projects/788
https://github.com/users/jrgb88184622/projects/712
https://github.com/users/ijt94441977/projects/789
https://github.com/users/ijt94441977/projects/790
https://github.com/users/jrgb88184622/projects/713
https://github.com/users/ijt94441977/projects/791
https://github.com/users/jrgb88184622/projects/714
https://github.com/users/jrgb88184622/projects/715
https://github.com/users/ijt94441977/projects/792
https://github.com/users/jrgb88184622/projects/716
https://github.com/users/ijt94441977/projects/793
https://github.com/users/jrgb88184622/projects/717
https://github.com/users/ijt94441977/projects/794
https://github.com/users/jrgb88184622/projects/718
https://github.com/users/ijt94441977/projects/795
https://github.com/users/jrgb88184622/projects/719
https://github.com/users/jrgb88184622/projects/720
https://github.com/users/jrgb88184622/projects/721
https://github.com/users/ijt94441977/projects/796
https://github.com/users/ijt94441977/projects/797
https://github.com/users/jrgb88184622/projects/722
https://github.com/users/ijt94441977/projects/798
https://github.com/users/jrgb88184622/projects/723
https://github.com/users/jrgb88184622/projects/724
https://github.com/users/jrgb88184622/projects/725
https://github.com/users/ijt94441977/projects/799
https://github.com/users/jrgb88184622/projects/726
https://github.com/users/ijt94441977/projects/800
https://github.com/users/ijt94441977/projects/801
https://github.com/users/jrgb88184622/projects/727
提示:ExternalName这种类型service主要用来解决对应service引用集群外部的服务;我们知道对于service来说,它就是一条iptables或ipvs规则,对于后端引用的资源是什么,取决于对应endpoint关联的是什么资源的ip地址和端口;如果我们需要在集群中使用集群外部的服务,我们就可以创建ExternalName类型的service,指定后端关联外部某个服务端ip地址或域名即可
容器编排系统k8s之Service资源
560
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
