k8s service

官网

部署nginx

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
  namespace: svc-test 
spec:
  selector:
    matchLabels:
      app: nginx
  replicas: 1
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:alpine
        ports:
        - containerPort: 80

k get pod -n nginx -o wide
NAME                                READY   STATUS    RESTARTS   AGE   IP          NODE             NOMINATED NODE   READINESS GATES
nginx-deployment-6fb79bc456-mmcqh   1/1     Running   0          25m   10.1.0.21   docker-desktop   <none>           <none>

k exec -it nginx-deployment-6fb79bc456-mmcqh -n nginx -- /bin/sh
/ # curl 10.1.0.21
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

Service类型

service四种类型

ClusterIP

集群内访问

apiVersion: v1
kind: Service
metadata:
  name: nginx-service
  namespace: svc-test
spec:
  selector:
    app: nginx
  ports:
  - protocol: TCP
    port: 8087
    targetPort: 80
  type: ClusterIP

k get svc -n svc-test               
NAME            TYPE        CLUSTER-IP    EXTERNAL-IP   PORT(S)    AGE
nginx-service   ClusterIP   10.99.0.119   <none>        8087/TCP   8d

k exec -it nginx-deployment-6fb79bc456-mmcqh -n svc-test -- /bin/sh
/ # curl 10.99.0.119:8087

NodePort

集群外访问

port: 8087 , Service暴露出来的Port
targetPort: 80, Container上暴露的Port
nodePort: 32344, Node 暴露出来的Port

apiVersion: v1
kind: Service
metadata:
  name: nginx-service
  namespace: svc-test
spec:
  selector:
    app: nginx
  ports:
  - protocol: TCP
    port: 8087
    targetPort: 80
    nodePort: 32344
  type: NodePort

k get svc -n nginx -o wide           
NAME            TYPE       CLUSTER-IP     EXTERNAL-IP   PORT(S)        AGE   SELECTOR
nginx-service   NodePort   10.107.32.94   <none>        8087:32344/TCP   31m   app=nginx

 curl 127.0.0.1:32344

LoadBalancer

来自外部负载均衡器的流量将直接重定向到后端 Pod 上，不过实际它们是如何工作的，这要依赖于云提供商

apiVersion: v1
kind: Service
metadata:
  name: nginx-service
  namespace: svc-test
spec:
  selector:
    app: nginx
  ports:
  - protocol: TCP
    port: 8087
    targetPort: 80
    nodePort: 31577
  type: LoabBalancer

k get svc -n svc-test
NAME            TYPE           CLUSTER-IP     EXTERNAL-IP   PORT(S)          AGE
nginx-service   LoadBalancer   10.102.170.4   localhost     8087:31557/TCP   6m46s

通过EXTERNAL-IP访问

curl localhost:8087

k describe svc nginx-service  -n svc-test         
Name:                     nginx-service
Namespace:                svc-test
Labels:                   <none>
Annotations:              <none>
Selector:                 app=nginx
Type:                     LoadBalancer
IP Family Policy:         SingleStack
IP Families:              IPv4
IP:                       10.102.170.4
IPs:                      10.102.170.4
LoadBalancer Ingress:     localhost
Port:                     <unset>  8087/TCP
TargetPort:               80/TCP
NodePort:                 <unset>  31557/TCP
Endpoints:                10.1.0.57:80
Session Affinity:         None
External Traffic Policy:  Cluster
Events:                   <none>

LoadBalancer Ingress:负载均衡器的 IP 地址
Endpoints: 正在运行 nginx-deployment 应用程序的 Pod 的内部地址

ExternalName

可以用于从集群内访问集群外服务或跨ns访问服务，ExternalName即引入的svc名称。ExternalName service 也是一种service，那么ingress controller 会支持，那么就可以实现跨namespace的ingress。
ExternalName参考
参考文章