部署nginx
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
namespace: svc-test
spec:
selector:
matchLabels:
app: nginx
replicas: 1
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:alpine
ports:
- containerPort: 80
k get pod -n nginx -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-deployment-6fb79bc456-mmcqh 1/1 Running 0 25m 10.1.0.21 docker-desktop <none> <none>
k exec -it nginx-deployment-6fb79bc456-mmcqh -n nginx -- /bin/sh
/ # curl 10.1.0.21
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
Service类型
ClusterIP
集群内访问
apiVersion: v1
kind: Service
metadata:
name: nginx-service
namespace: svc-test
spec:
selector:
app: nginx
ports:
- protocol: TCP
port: 8087
targetPort: 80
type: ClusterIP
k get svc -n svc-test
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
nginx-service ClusterIP 10.99.0.119 <none> 8087/TCP 8d
k exec -it nginx-deployment-6fb79bc456-mmcqh -n svc-test -- /bin/sh
/ # curl 10.99.0.119:8087
NodePort
集群外访问
port: 8087 , Service暴露出来的Port
targetPort: 80, Container上暴露的Port
nodePort: 32344, Node 暴露出来的Port
apiVersion: v1
kind: Service
metadata:
name: nginx-service
namespace: svc-test
spec:
selector:
app: nginx
ports:
- protocol: TCP
port: 8087
targetPort: 80
nodePort: 32344
type: NodePort
k get svc -n nginx -o wide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
nginx-service NodePort 10.107.32.94 <none> 8087:32344/TCP 31m app=nginx
curl 127.0.0.1:32344
LoadBalancer
来自外部负载均衡器的流量将直接重定向到后端 Pod 上,不过实际它们是如何工作的,这要依赖于云提供商
apiVersion: v1
kind: Service
metadata:
name: nginx-service
namespace: svc-test
spec:
selector:
app: nginx
ports:
- protocol: TCP
port: 8087
targetPort: 80
nodePort: 31577
type: LoabBalancer
k get svc -n svc-test
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
nginx-service LoadBalancer 10.102.170.4 localhost 8087:31557/TCP 6m46s
通过EXTERNAL-IP访问
curl localhost:8087
k describe svc nginx-service -n svc-test
Name: nginx-service
Namespace: svc-test
Labels: <none>
Annotations: <none>
Selector: app=nginx
Type: LoadBalancer
IP Family Policy: SingleStack
IP Families: IPv4
IP: 10.102.170.4
IPs: 10.102.170.4
LoadBalancer Ingress: localhost
Port: <unset> 8087/TCP
TargetPort: 80/TCP
NodePort: <unset> 31557/TCP
Endpoints: 10.1.0.57:80
Session Affinity: None
External Traffic Policy: Cluster
Events: <none>
LoadBalancer Ingress:负载均衡器的 IP 地址
Endpoints: 正在运行 nginx-deployment 应用程序的 Pod 的内部地址
ExternalName
可以用于从集群内访问集群外服务或跨ns访问服务,ExternalName即引入的svc名称。ExternalName service 也是一种service,那么ingress controller 会支持,那么就可以实现跨namespace的ingress。
ExternalName参考
参考文章