kubernetes通過service訪問pod

service訪問pod

每個pod都會有自己的ip地址，當controller用新的pod代替發生故障的pod時，新的pod會分配到新的IP地址

 

service有自己的ip，而且這個ip是不變的。客戶端只需要訪問service的ip kubernetes則負責建立和維護service與pod的映射關系，無論后端pod如何變化，對客戶端不會有任何影響，因為service沒有變

案例：

[root@master myservice]# cat service.yml 
apiVersion: apps/v1
kind: Deployment
metadata:
  name: httpd-deploy
  labels:
    run: apache
spec:
  replicas: 3
  selector:
    matchLabels:
      run: apache
  template:
    metadata:
      labels:
        run: apache
    spec:
      containers:
      - name: httpd
        image: httpd
        ports:
        - containerPort: 80

 

[root@master myservice]# kubectl get pod -o wide
NAME                     READY   STATUS    RESTARTS   AGE   IP            NODE    NOMINATED NODE   READINESS GATES
httpd-57c7d78848-k8wnm   1/1     Running   0          25s   10.244.1.40   node1   <none>           <none>
httpd-57c7d78848-lmq97   1/1     Running   0          25s   10.244.1.39   node1   <none>           <none>
httpd-57c7d78848-v4mk8   1/1     Running   0          25s   10.244.2.30   node2   <none>           <none>



[root@master myservice]# curl 10.244.1.40
<html><body><h1>It works!</h1></body></html>

 

 

 

創建service

[root@master myservice]# cat server.yml 
apiVersion: v1
kind: Service
metadata:
   name: httpd-svc
spec:
  selector:
    run: apache
  ports:
  - protocol: TCP
    port: 8080
    targetPort: 80

 

[root@master myservice]# kubectl get service
NAME         TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)    AGE
httpd-svc    ClusterIP   10.96.213.197   <none>        8080/TCP   12m
kubernetes   ClusterIP   10.96.0.1       <none>        443/TCP    10d

[root@master myservice]# curl 10.96.213.197:8080
<html><body><h1>It works!</h1></body></html>

通過kubectl describe 可以查看httpd-svc 與pod的對應關系

[root@master myservice]# kubectl describe service httpd-svc
Name:              httpd-svc
Namespace:         default
Labels:            <none>
Annotations:       kubectl.kubernetes.io/last-applied-configuration:
                     {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"httpd-svc","namespace":"default"},"spec":{"ports":[{"port":8080,"...
Selector:          run=apache
Type:              ClusterIP
IP:                10.96.213.197
Port:              <unset>  8080/TCP
TargetPort:        80/TCP
Endpoints:         10.244.1.43:80,10.244.1.44:80,10.244.2.32:80
Session Affinity:  None
Events:            <none>

DNS 訪問 service

集群中的pod可以通過 服務名字+命名空間 訪問服務：

 

[root@master myservice]# kubectl run -it --rm --image=busybox:latest bash
kubectl run --generator=deployment/apps.v1 is DEPRECATED and will be removed in a future version. Use kubectl run --generator=run-pod/v1 or kubectl create instead.
If you don't see a command prompt, try pressing enter.
/ # wget httpd-svc.default:8080
Connecting to httpd-svc.default:8080 (10.96.213.197:8080)
saving to 'index.html'
index.html           100% |*****************************************************|    45  0:00:00 ETA
'index.html' saved
/ # cat index.html 
<html><body><h1>It works!</h1></body></html>

 

外網訪問服務：

需要在 httpd-svc里spec下添加類型為NodePort

 

[root@master myservice]# cat server.yml 
apiVersion: v1
kind: Service
metadata:
   name: httpd-svc
spec:
  type: NodePort
  selector:
    run: apache
  ports:
  - protocol: TCP
    port: 8080
    targetPort: 80

 

重新運行yml文件

查看：

[root@master myservice]# kubectl get service
NAME         TYPE        CLUSTER-IP    EXTERNAL-IP   PORT(S)          AGE
httpd-svc    NodePort    10.96.95.12   <none>        8080:30002/TCP   16s
kubernetes   ClusterIP   10.96.0.1     <none>        443/TCP          10d

類型變成了NodePort

監聽30002端口收到請求會轉發給10.96.95.12的8080端口，然后按照上面的規則發給pod

自己指定端口在30000-32767 之間別的端口不行

 

 

測試：

[root@master myservice]# curl 192.168.172.134:30002
<html><body><h1>It works!</h1></body></html>
[root@master myservice]# curl 192.168.172.135:30002
<html><body><h1>It works!</h1></body></html>
[root@master myservice]# curl 192.168.172.136:30002
<html><body><h1>It works!</h1></body></html>

自己指定端口：

[root@master myservice]# cat server.yml 
apiVersion: v1
kind: Service
metadata:
   name: httpd-svc
spec:
  type: NodePort
  selector:
    run: apache
  ports:
  - protocol: TCP
    nodePort: 31111
    port: 8080
    targetPort: 80

nodePort: 31111  是開放主機的端口

port: 8080       服務的端口

targetPort: 80    pod的端口

查看並驗證：

[root@master myservice]# kubectl   describe   svc httpd-svc
Name:                     httpd-svc
Namespace:                default
Labels:                   <none>
Annotations:              kubectl.kubernetes.io/last-applied-configuration:
                            {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"httpd-svc","namespace":"default"},"spec":{"ports":[{"nodePort":31...
Selector:                 run=apache
Type:                     NodePort
IP:                       10.96.103.106
Port:                     <unset>  8080/TCP
TargetPort:               80/TCP
NodePort:                 <unset>  31111/TCP
Endpoints:                10.244.1.47:80,10.244.1.48:80,10.244.2.36:80
Session Affinity:         None
External Traffic Policy:  Cluster
Events:                   <none>

[root@master myservice]# kubectl get service
NAME         TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)          AGE
httpd-svc    NodePort    10.96.103.106   <none>        8080:31111/TCP   2m19s
kubernetes   ClusterIP   10.96.0.1       <none>        443/TCP          10d

[root@master myservice]# curl 192.168.172.134:31111
<html><body><h1>It works!</h1></body></html>
[root@master myservice]# curl 192.168.172.135:31111
<html><body><h1>It works!</h1></body></html>
[root@master myservice]# curl 192.168.172.136:31111
<html><body><h1>It works!</h1></body></html>